github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/arm/database/adapt.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/arm/database/adapt.go (about)

     1  package database
     2  
     3  import (
     4  	"github.com/khulnasoft-lab/defsec/pkg/providers/azure/database"
     5  	"github.com/khulnasoft-lab/defsec/pkg/scanners/azure"
     6  )
     7  
     8  func Adapt(deployment azure.Deployment) database.Database {
     9  	return database.Database{
    10  		MSSQLServers:      adaptMSSQLServers(deployment),
    11  		MariaDBServers:    adaptMariaDBServers(deployment),
    12  		MySQLServers:      adaptMySQLServers(deployment),
    13  		PostgreSQLServers: adaptPostgreSQLServers(deployment),
    14  	}
    15  }
    16  
    17  func adaptMySQLServers(deployment azure.Deployment) (mysqlDbServers []database.MySQLServer) {
    18  	for _, resource := range deployment.GetResourcesByType("Microsoft.DBforMySQL/servers") {
    19  		mysqlDbServers = append(mysqlDbServers, adaptMySQLServer(resource, deployment))
    20  	}
    21  	return mysqlDbServers
    22  }
    23  
    24  func adaptMySQLServer(resource azure.Resource, deployment azure.Deployment) database.MySQLServer {
    25  	return database.MySQLServer{
    26  		Metadata: resource.Metadata,
    27  		Server: database.Server{
    28  			Metadata:                  resource.Metadata,
    29  			EnableSSLEnforcement:      resource.Properties.GetMapValue("sslEnforcement").AsBoolValue(false, resource.Metadata),
    30  			MinimumTLSVersion:         resource.Properties.GetMapValue("minimalTlsVersion").AsStringValue("TLSEnforcementDisabled", resource.Metadata),
    31  			EnablePublicNetworkAccess: resource.Properties.GetMapValue("publicNetworkAccess").AsBoolValue(false, resource.Metadata),
    32  			FirewallRules:             addFirewallRule(resource),
    33  		},
    34  	}
    35  }