4.2.0
Highlights
Google Cloud Platform
- Expanded Service Support: Added collections for Pub/Sub, Cloud Functions, Firestore, Filestore, and SCC services.
- AI Service Support: Added support for Vertex AI resources.
- Enhanced Insights: Improved metrics collection for major cloud services.
Amazon Web Services
- Broader Security Coverage: Added collections for SSM Compliance, GuardDuty, and Inspector resources.
- AI Service Support: Fix now supports SageMaker, Bedrock, and Q services.
- Policy and Lifecycle Enhancements: Lifecycle policies for S3 and expanded CloudWatch policies.
Microsoft Azure
- New Resource Support: Added collections for PostgreSQL, CosmosDB, SQL Server, and Flow Logs.
- AI Service Support: Added support for Machine Learning resources.
- Improved Monitoring and KeyVault Integration: Enhanced visibility and security for critical Azure resources.
- New Security Benchmark: Azure CIS 2.1 has been added to the list of benchmarks.
Core and Library Enhancements
- Resource Abstraction: More common properties added to base resources.
- Categories: Unified resource categories for better organization.
- Consistency: Improved consistency checks.
What's Changed
Features
98efe454
gcp Add SCC service collection (#2291)54024e5c
gcp Improve the way of collection for DiskTypes and MachineTypes (#2284)73efbf33
gcp Add Pub/Sub service collection (#2287)c6267002
gcp Add metrics collection (#2283)5b8dc075
lib Extend base resources with additional common properties (#2278)2cccb449
aws Reimplement SSM Compliance resource collection (#2280)a18bf1af
gcp Add cloudfunctions service collection (#2276)6a681048
gcp Add filestore service collection (#2277)6d185bb3
gcp Add firestore service collection (#2275)897e9204
core Add Async Streams abstraction (#2273)309a6344
azure Update security assessments collection (#2266)c22f979f
aws Add searching instances also by region and makeSEVERITY_MAPPING
statically (#2272)65c98f76
aws Add collection of GuardDuty resource (#2255)bc8eae4a
aws Make a collection of Ec2 Instance types only for existing instances (#2264)fc42db51
lib Allow marking resource classes as not exportable (#2259)23cd836a
lib Define separate assessment section (#2257)d77c65cc
aws Ignore datetime for history by default (#2256)a0083255
plugins/onprem Move onprem plugin to dedicated repository (#2251)8626219a
aws Add collection of Inspector resource (#2242)6cacdf95
azure : Add more connections from monitor (#2239)47a41a01
plugins/vsphere Move vSphere plugin to dedicated repository (#2243)b37bc55c
azure Collect certificates from sub resources (#2225)f3a94606
core Allows retrieving the model from plugins instead of db (#2232)8482aa6d
azure : Improved AzureComputeDiskTypePricing deletion (#2231)e27feda8
aws Add additional policies to the cloudwatch (#2216)1022d231
Cleanup (#2224)25d12134
aws Add lifecycle policy to the S3 resource (#2220)a2853406
gcp Add Vertex AI collection (#2211)06ff0a3f
azure Connect CosmosDB resources to the location instead of subscription (#2214)70e1eec9
core Add node command (#2212)4ba56c19
plugin Better docs and docs_url (#2210)14887b64
core Add kind description in multi tenant mode (#2204)550f6bf1
aws : Add more policies to collect (#2202)146cd102
core list: allow for listing props with default props (#2200)077a8086
core Add IAM edge collection (#2198)50ec1d35
aws Bedrock resources collection (#2190)6d11a8a9
lib Unify groups and categories (#2194)62a867e8
lib Improve model check (#2193)90139f5c
hetzner Initial Hetzner Cloud support (#2168)66cbd9e3
plugins Proper name, icon and group for AWS, Azure and GCP (#2188)36ddfa5b
core Allow filtering edge properties (#2186)85fbe2d2
azure Azure adjust names and connections (#2183)f7d3dac7
core Allow edge properties (#2182)467a6638
core Use database locks to perform migration (#2184)c3a1bddb
aws Add amazon Q resource collection (#2175)6be0feb2
azure Add machine learning resources collection (#2174)70cee4c5
core allowlist events for posthog (#2177)0b83034f
azure Add PostgreSQL collection for cosmos-db resources (#2170)4fffcfa9
azure Add cosmos-db resources collection (#2167)4b9b7184
azure Add WebApp (#2164)3c831f8c
azure Improve KeyVault (#2163)c06a775b
core account security score details (#2162)89ffc7c4
gcp Save parsing with feedback (#2160)34d50ba3
azure Add flow log resource collection (#2159)fdaeb537
azure Monitoring and KeyVault resources (#2156)f692309a
azure : Update configs collection for mysql and postgresql (#2157)3410e814
azure Add postgres service collection (#2155)4125af70
azure Improve SQL Server (#2151)3de8958f
azure Add support for mysql resource collection (#2150)4f24d5ba
core Add history timeline (#2152)a7cdc097
azure : Add prefix 'server' to the SQL resources (#2148)ea2c97fe
azure Add policies (#2141)4f4d80eb
azure Add support for sql resource collection (#2144)
Fixes
d61bb368
docker-compose no pull info (#2297)0d969e4f
docker-compose -> docker compose (#2295)3fff8b57
aws : Update S3 bucket tests for updated implementation (#2281)e0c1ae7d
azure : Ignore errors from Azure side (#2263)ebb67bec
aws Collect and connect Inspector resources properly (#2253)2022f484
azure Metadata (#2261)aceca6bc
core Use id and name for descendant count (#2271)e83ee7a7
Store access levels directly on the reported section (#2265)67091085
core Count failing resources correctly (#2269)fee7b5a0
Enable access_edges via env variable (#2262)d2acc740
aws Ignore wrong history events (#2260)3ba74a90
Add sts:AssumeRole action when checking roles (#2244)4d6ff4a7
Add an access section next to permissions in IAM edges (#2254)015bbfee
Make resource_policy abstract method to trigger typecheck (#2252)53b45ef1
aws Turn off access edge collection (#2248)4381b4fb
core Export property documentation for configs (#2245)20335dd2
Wrap scp collection into try catch (#2241)d3c88331
Enable access edges collection (#2238)42c7c446
Collect SCPs for access edges (#2235)d989475c
aws Handle AWS server errors properly (#2236)19801757
azure Reimplement resource type collection of compute, psql, mysql and ml services (#2234)8adf359d
core Add kinds to content hash (#2233)303e661e
azure Define Phantom Resources (#2230)12878a16
aws Add missing resource docs (#2227)73218b40
azure Compute unused regions as last step (#2228)c6e9b82a
Access Edges (#2195)bce4ffcb
Better detect and remove unused regions (#2222)7f41f800
core move slotted data to previous slot, not next (#2226)e0f8435b
gcp : Deduplicate error messages in accumulator (#2223)46953708
core Merge edge and vertex and unfold in code (#2217)5aee8cbc
core Compute descendant count based on ancestors section not g… (#2213)a5267a37
azure : Fixconnect_in_graph
method ofAzureAuthorizationRoleAssignment
resource (#2215)47c62533
core Multipart name (#2203)5d39d027
azure Ignore props for history (#2201)61e97ea3
core Traverse the graph by walking all possible paths when an edge filter is present (#2197)21ddc09a
core Persist parent update structure in an atomic way (#2196)ac8c4a08
azure : Fix unnecessary abstract class kinds (#2191)d7fcb849
plugins Add missing metadata (#2192)e44bb355
core Fix model filter condition (#2189)2b99e41a
Add IamPrincipal base resource (#2187)f11d8717
core Surrogate system data (#2185)16df325e
core arangosearch predicates with array access (#2179)9256dace
core Do not use arangosearch for nested array context searches (#2178)d4f3a035
core latest azure check (#2172)e0008e56
Make report checks lookup safer (#2171)89cf8177
core History timeseries slotter (#2169)00b95816
gcp : Duplicate checksum error in sql service (#2166)59e53ccb
core Move timeline to request time after (#2165)dcd08d96
gcp Improve error message (#2161)2278030e
core Use consistent reading when updating the account (#2158)c8bb7918
gcp Disk size types (#2154)57a7d38c
shell Do not warn when the model cannot be loaded (#2153)0c4ee17a
azure Better names (#2149)73486084
core Security sync by always marking the resource vulnerable (#2147)4f0f9734
core History search with sort and fulltext terms (#2146)c710cf6e
core Fix nested with statements (#2145)
Documentation
786318ae
Update README.md fix Get Started Guide Link (Fixes: 2285 https://github.com/someengineering/fixinventory/issues/2285) (#2286)a42fa7ea
Update README.md (#2250)732e13fa
Added images to README.md (#2249)a6afc70a
Update README.md with details (#2247)68c61523
Update Link in overview of README.md (#2173)
Chores
07e0ded1
Bump libs (#2293)4c981891
Bump version (#2292)48a3e691
Use PostHog default host (#2290)43a1200a
Adjust Code-Owners (#2288)bbd5b4f2
Bump libs (#2282)aeeee140
Bump Libs (#2279)f960bd8c
Bump libs (#2270)a0d35cb6
plugins/posthog Log conversion errors (#2268)381f8a11
Remove unused gitignore entries (#2267)b9595dd9
Bump fixcompliance to latest84f055d0
Add a link to contribution guidelines (#2237)5f83fed3
Recreate requirements (#2229)6f8a26bf
Bump Libs (#2221)207397fa
Move to Python 3.12 (#2219)0dd8f240
lib Rename internal properties with underscore (#2209)3136b95c
lib Dedicated property for provider_link (#2208)0c2bc07e
Remove phantom property (#2207)634d5275
azure Adjust service names (#2205)1735b141
Bump Libs (#2199)fe600472
Bump fixcompliance to latest33eff4dd
Bump fixcompliance to latesta0efd4ff
aws Documentation for AWS Iam and SSO (#2181)7cda2327
azure Remove unused classes (#2180)bdc974a1
Bump libs (#2176)3b3c4cf2
Bump fixcompliance to latestd87f9f89
Bump fixcompliance to latest5e3bc854
Bump fixcompliance to latest3b7af84a
Bump fixcompliance to latest1c939020
Bump fixcompliance to latest
feature
76f1e08c
lib Add the source of resource kind (#2218)