github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/arm/compute/adapt.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/arm/compute/adapt.go (about)

     1  package compute
     2  
     3  import (
     4  	"github.com/khulnasoft-lab/defsec/pkg/providers/azure/compute"
     5  	"github.com/khulnasoft-lab/defsec/pkg/scanners/azure"
     6  	defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types"
     7  )
     8  
     9  func Adapt(deployment azure.Deployment) compute.Compute {
    10  	return compute.Compute{
    11  		LinuxVirtualMachines:   adaptLinuxVirtualMachines(deployment),
    12  		WindowsVirtualMachines: adaptWindowsVirtualMachines(deployment),
    13  		ManagedDisks:           adaptManagedDisks(deployment),
    14  	}
    15  }
    16  
    17  func adaptManagedDisks(deployment azure.Deployment) (managedDisks []compute.ManagedDisk) {
    18  
    19  	for _, resource := range deployment.GetResourcesByType("Microsoft.Compute/disks") {
    20  		managedDisks = append(managedDisks, adaptManagedDisk(resource))
    21  	}
    22  
    23  	return managedDisks
    24  }
    25  
    26  func adaptManagedDisk(resource azure.Resource) compute.ManagedDisk {
    27  	hasEncryption := resource.Properties.HasKey("encryption")
    28  
    29  	return compute.ManagedDisk{
    30  		Metadata: resource.Metadata,
    31  		Encryption: compute.Encryption{
    32  			Metadata: resource.Metadata,
    33  			Enabled:  defsecTypes.Bool(hasEncryption, resource.Metadata),
    34  		},
    35  	}
    36  }
    37  
    38  func adaptWindowsVirtualMachines(deployment azure.Deployment) (windowsVirtualMachines []compute.WindowsVirtualMachine) {
    39  	for _, resource := range deployment.GetResourcesByType("Microsoft.Compute/virtualMachines") {
    40  		if resource.Properties.GetMapValue("osProfile").GetMapValue("windowsConfiguration").AsMap() != nil {
    41  			windowsVirtualMachines = append(windowsVirtualMachines, adaptWindowsVirtualMachine(resource))
    42  		}
    43  	}
    44  
    45  	return windowsVirtualMachines
    46  }
    47  
    48  func adaptWindowsVirtualMachine(resource azure.Resource) compute.WindowsVirtualMachine {
    49  	return compute.WindowsVirtualMachine{
    50  		Metadata: resource.Metadata,
    51  		VirtualMachine: compute.VirtualMachine{
    52  			Metadata: resource.Metadata,
    53  			CustomData: resource.Properties.GetMapValue("osProfile").
    54  				GetMapValue("customData").AsStringValue("", resource.Metadata),
    55  		},
    56  	}
    57  }
    58  
    59  func adaptLinuxVirtualMachines(deployment azure.Deployment) (linuxVirtualMachines []compute.LinuxVirtualMachine) {
    60  	for _, resource := range deployment.GetResourcesByType("Microsoft.Compute/virtualMachines") {
    61  		if resource.Properties.GetMapValue("osProfile").GetMapValue("linuxConfiguration").AsMap() != nil {
    62  			linuxVirtualMachines = append(linuxVirtualMachines, adaptLinuxVirtualMachine(resource))
    63  		}
    64  	}
    65  
    66  	return linuxVirtualMachines
    67  }
    68  
    69  func adaptLinuxVirtualMachine(resource azure.Resource) compute.LinuxVirtualMachine {
    70  	return compute.LinuxVirtualMachine{
    71  		Metadata: resource.Metadata,
    72  		VirtualMachine: compute.VirtualMachine{
    73  			Metadata: resource.Metadata,
    74  			CustomData: resource.Properties.GetMapValue("osProfile").
    75  				GetMapValue("customData").AsStringValue("", resource.Metadata),
    76  		},
    77  		OSProfileLinuxConfig: compute.OSProfileLinuxConfig{
    78  			Metadata: resource.Metadata,
    79  			DisablePasswordAuthentication: resource.Properties.GetMapValue("osProfile").
    80  				GetMapValue("linuxConfiguration").
    81  				GetMapValue("disablePasswordAuthentication").AsBoolValue(false, resource.Metadata),
    82  		},
    83  	}
    84  
    85  }