
Commit c74b244

committed
feat(services): add new service sageMakerNotebookInstance
1 parent 1e578d7 commit c74b244

19 files changed

Lines changed: 433 additions & 60 deletions


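--- a/README.md
+++ b/README.md
@@ -121,34 +121,35 @@ CloudGraph AWS Provider will ask you what regions you would like to crawl and wi
 | iamServerCertificate | |
 | iamUser | iamGroup |
 | iamPolicy | iamRole, iamGroup |
-| iamRole | codebuild, configurationRecorder, iamPolicy, eksCluster, ecsService, flowLog, glueJob, managedAirflow, guardDutyDetector |
+| iamRole | codebuild, configurationRecorder, iamPolicy, eksCluster, ecsService, flowLog, glueJob, managedAirflow, sageMakerNotebookInstance guardDutyDetector |
 | iamGroup | iamUser, iamPolicy |
 | igw | vpc |
 | iot | |
 | kinesisFirehose | kinesisStream, s3 |
 | kinesisStream | kinesisFirehose |
-| kms | cloudtrail, cloudwatchLog, codebuild, efs, eksCluster, elastiCacheReplicationGroup, elasticSearchDomain, emrCluster, lambda, sns, dmsReplicationInstance redshiftCluster |
+| kms | cloudtrail, cloudwatchLog, codebuild, efs, eksCluster, elastiCacheReplicationGroup, elasticSearchDomain, emrCluster, lambda, sns, sageMakerNotebookInstance, dmsReplicationInstance, redshiftCluster |
 | lambda | appSync, cognitoUserPool, kms, securityGroup, subnet, vpc |
 | managedAirflow | iamRole, securityGroups, subnet, s3 |
 | nacl | vpc |
 | natGateway | networkInterface, subnet, vpc |
-| networkInterface | ec2, eip, efsMountTarget, natGateway, subnet, vpc, flowLog |
+| networkInterface | ec2, eip, efsMountTarget, natGateway, sageMakerNotebookInstance, subnet, vpc, flowLog |
 | organization |
 | rdsCluster | appSync, rdsDbInstance, securityGroup |
 | rdsDbInstance | rdsCluster, securityGroup, vpc, subnet |
 | redshiftCluster | kms, vpc |
 | route53Record | alb, apiGatewayRestApi, elb, route53HostedZone |
 | route53HostedZone | route53Record, vpc |
 | routeTable | subnet, transitGateway, transitGatewayAttachment,vpc |
-| sageMakerProject | |
 | sageMakerExperiment | |
+| sageMakerNotebookInstance | iamRole, kms, networkInterface, subnet, securityGroup |
+| sageMakerProject | |
 | s3 | cloudfront, cloudtrail, kinesisFirehose, managedAirflow |
 | secretsManager | |
-| securityGroup | alb, asg, clientVpnEndpoint, codebuild, dmsReplicationInstance, ecsService, lambda, ec2, elasticSearchDomain, elb, rdsCluster, rdsDbInstance, eksCluster, elastiCacheCluster, managedAirflow |
+| securityGroup | alb, asg, clientVpnEndpoint, codebuild, dmsReplicationInstance, ecsService, lambda, ec2, elasticSearchDomain, elb, rdsCluster, rdsDbInstance, eksCluster, elastiCacheCluster, managedAirflow, sageMakerNotebookInstance |
 | ses | |
 | sns | kms, cloudtrail, cloudwatch |
 | sqs | |
-| subnet | alb, asg, codebuild, dmsReplicationInstance, ec2, ecsService, efsMountTarget, elastiCacheCluster, elasticSearchDomain, elb, lambda, managedAirflow, natGateway, networkInterface, routeTable, vpc, eksCluster, emrCluster, flowLog |
+| subnet | alb, asg, codebuild, dmsReplicationInstance, ec2, ecsService, efsMountTarget, elastiCacheCluster, elasticSearchDomain, elb, lambda, managedAirflow, natGateway, networkInterface, sageMakerNotebookInstance, routeTable, vpc, eksCluster, emrCluster, flowLog |
 | transitGateway | routeTable, transitGatewayAttachment, vpnConnection |
 | transitGatewayAttachment | routeTable, transitGateway, vpc, vpnConnection |
 | vpc | alb, codebuild, dmsReplicationInstance, ec2, eip, elb, ecsService, efsMountTarget, eksCluster igw, elastiCacheCluster, elasticSearchDomain, lambda, nacl, natGateway, networkInterface, rdsDbInstance, redshiftCluster, route53HostedZone, routeTable, subnet, flowLog, vpnGateway, transitGatewayAttachment |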

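--- a/src/enums/schemasMap.ts
+++ b/src/enums/schemasMap.ts
@@ -82,8 +82,9 @@ export default {
 [services.route53HostedZone]: 'awsRoute53HostedZone',
 [services.route53Record]: 'awsRoute53Record',
 [services.routeTable]: 'awsRouteTable',
-[services.sageMakerProject]: 'awsSageMakerProject',
 [services.sageMakerExperiment]: 'awsSageMakerExperiment',
+[services.sageMakerNotebookInstance]: 'awsSageMakerNotebookInstance',
+[services.sageMakerProject]: 'awsSageMakerProject',
 [services.s3]: 'awsS3',
 [services.secretsManager]: 'awsSecretsManager',
 [services.ses]: 'awsSes',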

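--- a/src/enums/serviceMap.ts
+++ b/src/enums/serviceMap.ts
@@ -89,6 +89,7 @@ import WafV2WebAcl from '../services/wafV2WebAcl'
 import GuardDutyDetector from '../services/guardDutyDetector'
 import ElasticSearchDomain from '../services/elasticSearchDomain'
 import DmsReplicationInstance from '../services/dmsReplicationInstance'
+import SageMakerNotebookInstance from '../services/sageMakerNotebookInstance'
 
 /**
 * serviceMap is an object that contains all currently supported services for AWS
@@ -157,8 +158,9 @@ export default {
 [services.route53HostedZone]: Route53HostedZone,
 [services.route53Record]: Route53Record,
 [services.routeTable]: RouteTable,
-[services.sageMakerProject]: SageMakerProject,
 [services.sageMakerExperiment]: SageMakerExperiment,
+[services.sageMakerNotebookInstance]: SageMakerNotebookInstance,
+[services.sageMakerProject]: SageMakerProject,
 [services.s3]: S3,
 [services.secretsManager]: SecretsManager,
 [services.ses]: SES,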

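--- a/src/enums/services.ts
+++ b/src/enums/services.ts
@@ -73,8 +73,9 @@ export default {
 route53HostedZone: 'route53HostedZone',
 route53Record: 'route53Record',
 routeTable: 'routeTable',
+sageMakerExperiment: 'sageMakerExperiment',
+sageMakerNotebookInstance: 'sageMakerNotebookInstance',
 sageMakerProject: 'sageMakerProject',
-sageMakerExperiment: 'sageMakerExperiment',
 s3: 's3',
 secretsManager: 'secretsManager',
 ses: 'ses',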

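--- a/src/services/iamRole/connections.ts
+++ b/src/services/iamRole/connections.ts
@@ -13,6 +13,7 @@ import { RawAwsGlueJob } from '../glueJob/data'
 import { glueJobArn } from '../../utils/generateArns'
 import { RawAwsManagedAirflow } from '../managedAirflow/data'
 import { RawAwsGuardDutyDetector } from '../guardDutyDetector/data'
+import { RawAwsSageMakerNotebookInstance } from '../sageMakerNotebookInstance/data'
 
 /**
 * IAM Role
@@ -188,6 +189,29 @@ export default ({
 }
 }
 
+/**
+* Find any sageMakerNotebookInstance related data
+*/
+const notebooks = data.find(
+({ name }) => name === services.sageMakerNotebookInstance
+)
+if (notebooks?.data?.[region]) {
+const dataAtRegion: RawAwsSageMakerNotebookInstance[] = notebooks.data[
+region
+].filter(
+({ RoleArn }: RawAwsSageMakerNotebookInstance) =>
+RoleArn === role.Arn
+)
+for (const notebook of dataAtRegion) {
+connections.push({
+id: notebook.NotebookInstanceArn,
+resourceType: services.sageMakerNotebookInstance,
+relation: 'child',
+field: 'sageMakerNotebookInstances',
+})
+}
+}
+
 return {
 [id]: connections,
 }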
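Review bot: The notebook lookup in the added block reads only `notebooks.data[region]`, so a role is linked solely to notebooks stored under the same region key as the role. IAM roles are global while notebook instances are regional; if `region` here is the role's own key (the function signature is outside the hunk, so this needs confirming), notebooks in other regions never get an `iamRole` edge, and any graph query that audits notebook execution roles would miss them. If that is the case, matching across every region bucket would close the gap, e.g. `Object.values(notebooks.data).flat().filter(({ RoleArn }) => RoleArn === role.Arn)`. A short comment stating which region key IAM data is stored under would also help the next reader.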

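--- a/src/services/iamRole/schema.graphql
+++ b/src/services/iamRole/schema.graphql
@@ -20,4 +20,5 @@ type awsIamRole @key(fields: "id") {
 glueJobs: [awsGlueJob] @hasInverse(field: iamRole)
 managedAirflows: [awsManagedAirflow] @hasInverse(field: iamRoles)
 guardDutyDetectors: [awsGuardDutyDetector] @hasInverse(field: iamRole)
+sageMakerNotebookInstances: [awsSageMakerNotebookInstance] @hasInverse(field: iamRole)
 }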

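--- a/src/services/kms/schema.graphql
+++ b/src/services/kms/schema.graphql
@@ -28,4 +28,5 @@ type awsKms @key(fields: "id"){
 codebuilds: [awsCodebuild] @hasInverse(field: kms)
 elasticSearchDomains: [awsElasticSearchDomain] @hasInverse(field: kms)
 dmsReplicationInstances: [awsDmsReplicationInstance] @hasInverse(field: kms)
+sageMakerNotebookInstances: [awsSageMakerNotebookInstance] @hasInverse(field: kms)
 }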

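--- a/src/services/networkInterface/connections.ts
+++ b/src/services/networkInterface/connections.ts
@@ -5,6 +5,7 @@ import services from '../../enums/services'
 import { RawAwsSubnet } from '../subnet/data'
 import { RawFlowLog } from '../flowLogs/data'
 import { RawNetworkInterface } from './data'
+import { RawAwsSageMakerNotebookInstance } from '../sageMakerNotebookInstance/data'
 
 export default ({
 service: networkInterface,
@@ -46,21 +47,45 @@ export default ({
 /**
 * Find any FlowLog related data
 */
-const flowLogs = data.find(({ name }) => name === services.flowLog)
-if (flowLogs?.data?.[region]) {
-const dataAtRegion: RawFlowLog[] = flowLogs.data[region].filter(
-({ ResourceId }: RawFlowLog) =>
-ResourceId === NetworkInterfaceId
-)
-for (const flowLog of dataAtRegion) {
-connections.push({
-id: flowLog.FlowLogId,
-resourceType: services.flowLog,
-relation: 'child',
-field: 'flowLogs',
-})
-}
-}
+const flowLogs = data.find(({ name }) => name === services.flowLog)
+if (flowLogs?.data?.[region]) {
+const dataAtRegion: RawFlowLog[] = flowLogs.data[region].filter(
+({ ResourceId }: RawFlowLog) => ResourceId === NetworkInterfaceId
+)
+for (const flowLog of dataAtRegion) {
+connections.push({
+id: flowLog.FlowLogId,
+resourceType: services.flowLog,
+relation: 'child',
+field: 'flowLogs',
+})
+}
+}
+
+/**
+* Find any sageMakerNotebookInstance related data
+*/
+const notebooks = data.find(
+({ name }) => name === services.sageMakerNotebookInstance
+)
+if (notebooks?.data?.[region]) {
+const dataAtRegion: RawAwsSageMakerNotebookInstance[] = notebooks.data[
+region
+].filter(
+({
+NetworkInterfaceId: notebookNetworkInterfaceId,
+}: RawAwsSageMakerNotebookInstance) =>
+notebookNetworkInterfaceId === NetworkInterfaceId
+)
+for (const notebook of dataAtRegion) {
+connections.push({
+id: notebook.NotebookInstanceArn,
+resourceType: services.sageMakerNotebookInstance,
+relation: 'child',
+field: 'sageMakerNotebookInstances',
+})
+}
+}
 
 const natResult = {
 [NetworkInterfaceId]: connections,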

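--- a/src/services/networkInterface/schema.graphql
+++ b/src/services/networkInterface/schema.graphql
@@ -22,6 +22,7 @@ type awsNetworkInterface @key(fields: "arn") {
 vpc: [awsVpc] @hasInverse(field: networkInterface)
 efsMountTarget: [awsEfsMountTarget] @hasInverse(field: networkInterface)
 flowLogs: [awsFlowLog] @hasInverse(field: networkInterface) #change to singular
+sageMakerNotebookInstances: [awsSageMakerNotebookInstance] @hasInverse(field: networkInterface)
 }
 
 type awsNetworkInterfaceAttachment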
Lines changed: 68 additions & 0 deletions
@@ -0,0 +1,68 @@
1+
import { ServiceConnection } from '@cloudgraph/sdk'
2+
import { isEmpty } from 'lodash'
3+
4+
import services from '../../enums/services'
5+
import { AwsKms } from '../kms/data'
6+
import { RawAwsSageMakerNotebookInstance } from '../sageMakerNotebookInstance/data'
7+
import { AwsSecurityGroup } from '../securityGroup/data'
8+
9+
export default ({
10+
service: notebook,
11+
data,
12+
region,
13+
}: {
14+
service: RawAwsSageMakerNotebookInstance
15+
data: Array<{ name: string; data: { [property: string]: any[] } }>
16+
region: string
17+
}): {
18+
[property: string]: ServiceConnection[]
19+
} => {
20+
const { SecurityGroups = [], KmsKeyId, NotebookInstanceArn } = notebook
21+
const connections: ServiceConnection[] = []
22+
/**
23+
* Find related securityGroups
24+
*/
25+
const securityGroups: {
26+
name: string
27+
data: { [property: string]: any[] }
28+
} = data.find(({ name }) => name === services.sg)
29+
if (securityGroups?.data?.[region]) {
30+
const dataInRegion: AwsSecurityGroup[] = securityGroups.data[region].filter(
31+
({ GroupId }: AwsSecurityGroup) => SecurityGroups.includes(GroupId)
32+
)
33+
if (!isEmpty(dataInRegion)) {
34+
for (const sg of dataInRegion) {
35+
const { GroupId: id } = sg
36+
connections.push({
37+
id,
38+
resourceType: services.sg,
39+
relation: 'child',
40+
field: 'securityGroups',
41+
})
42+
}
43+
}
44+
}
45+
46+
/**
47+
* Find any kms related data
48+
*/
49+
const keys = data.find(({ name }) => name === services.kms)
50+
if (keys?.data?.[region]) {
51+
const dataAtRegion: AwsKms[] = keys.data[region].filter(
52+
({ KeyArn }: AwsKms) => KeyArn === KmsKeyId
53+
)
54+
for (const key of dataAtRegion) {
55+
connections.push({
56+
id: key.KeyId,
57+
resourceType: services.kms,
58+
relation: 'child',
59+
field: 'kms',
60+
})
61+
}
62+
}
63+
64+
const natResult = {
65+
[NotebookInstanceArn]: connections,
66+
}
67+
return natResult
68+
}
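Review bot: The KMS filter `({ KeyArn }: AwsKms) => KeyArn === KmsKeyId` links a key only when the notebook's `KmsKeyId` holds a full key ARN. If the SageMaker response carries a bare key id for some notebooks (worth confirming against real responses), the edge is silently dropped and the notebook appears in graph queries as if it had no customer-managed key. Matching on either identifier and skipping the lookup when `KmsKeyId` is unset would be safer: `({ KeyArn, KeyId }: AwsKms) => !!KmsKeyId && (KeyArn === KmsKeyId || KeyId === KmsKeyId)`. Separately, `data.find(...)` can return `undefined`, so the explicit non-optional annotation on `securityGroups` misstates the type, and the result variable name `natResult` looks carried over from another service.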
