Merge pull request #37 from cloudgraphdev/feature/CG-1272

feat: Add backupVaults, backupInstances and backupPolicies services

Author: hjaraujof

README.md

@@ -51,8 +51,9 @@ CloudGraph needs read permissions in order to ingest your data. To keep things e
 | authRoleAssignment                          | adApplication, adGroup, adServicePrincipal, adUser, authRoleDefinition        |
 | authRoleDefinition                          | actionGroup, authRoleAssignment                                               |
 | autoProvisioningSettings                    |                                                                               |
-| backupInstance                              | resourceGroup                                                                 |
-| backupPolicy                                | resourceGroup                                                                 |
+| backupInstance                              | backupVaults, resourceGroup                                                   |
+| backupPolicy                                | backupVaults, resourceGroup                                                   |
+| backupVaults                                | backupInstances, backupPolicies, resourceGroup                                |
 | cdnCustomDomains                            | cdnEndpoints, resourceGroup                                                   |
 | cdnEndpoints                                | cdnCustomDomains, cdnOrigins, cdnOriginGroups, cdnProfiles, resourceGroup     |
 | cdnProfiles                                 | cdnEndpoints, resourceGroup                                                   |
@@ -92,7 +93,9 @@ CloudGraph needs read permissions in order to ingest your data. To keep things e
 | postgreSqlServers                           | resourceGroup, databasePostgreSql                                             |
 | privateDns                                  | resourceGroup                                                                 |
 | publicIp                                    | networkInterface, resourceGroup                                               |
-| recoveryVaults                              | resourceGroup                                                                 |
+| recoveryInstances                           | recoveryVaults, resourceGroup                                                 |
+| recoveryPolicies                            | recoveryVaults, resourceGroup                                                 |
+| recoveryVaults                              | recoveryInstances, recoveryPolicies, resourceGroup                            |
 | redisCaches                                 | resourceGroup                                                                 |
 | replicationAppliances                       | resourceGroup                                                                 |
 | replicationCenters                          | resourceGroup                                                                 |

src/enums/relations.ts

@@ -15,7 +15,8 @@ export default {
     services.cdnOriginGroups,
   ],
   [services.dataFactory]: [services.integrationRuntime],
-  // [services.backupVault]: [services.backupInstance, services.backupPolicy],
+  [services.backupVaults]: [services.backupInstances, services.backupPolicies],
+  [services.recoveryVaults]: [services.recoveryInstances, services.recoveryPolicies],
   [services.synapseWorkspaces]: [
     services.synapseBigDataPools,
     services.synapseSqlPools,

src/enums/schemasMap.ts

@@ -23,9 +23,9 @@ export default {
   [services.authRoleAssignment]: 'azureAuthRoleAssignment',
   [services.authRoleDefinition]: 'azureAuthRoleDefinition',
   [services.autoProvisioningSettings]: 'azureAutoProvisioningSetting',
-  // [services.backupVault]: 'azureBackupVault',
-  [services.backupInstance]: 'azureBackupInstance',
-  [services.backupPolicy]: 'azureBackupPolicy',
+  [services.backupVaults]: 'azureBackupVault',
+  [services.backupInstances]: 'azureBackupInstance',
+  [services.backupPolicies]: 'azureBackupPolicy',
   [services.billing]: 'azureBilling',
   [services.cdnCustomDomains]: 'azureCdnCustomDomain',
   [services.cdnEndpoints]: 'azureCdnEndpoint',
@@ -67,6 +67,8 @@ export default {
   [services.privateDns]: 'azurePrivateDnsZone',
   [services.publicIp]: 'azurePublicIp',
   [services.recoveryVaults]: 'azureRecoveryVault',
+  [services.recoveryInstances]: 'azureRecoveryInstance',
+  [services.recoveryPolicies]: 'azureRecoveryPolicy',
   [services.redisCaches]: 'azureRedisCache',
   [services.replicationAppliances]: 'azureReplicationAppliance',
   [services.replicationCenters]: 'azureReplicationCenter',

src/enums/serviceAliases.ts

@@ -12,9 +12,9 @@ export default {
   [services.authRoleAssignment]: 'authRoleAssignments',
   [services.authRoleDefinition]: 'authRoleDefinitions',
   [services.autoProvisioningSettings]: 'autoProvisioningSettings',
-  // [services.backupVault]: 'backupVaults',
-  [services.backupInstance]: 'backupInstances',
-  [services.backupPolicy]: 'backupPolicies',
+  [services.backupVaults]: 'backupVaults',
+  [services.backupInstances]: 'backupInstances',
+  [services.backupPolicies]: 'backupPolicies',
   [services.cdnCustomDomains]: 'cdnCustomDomains',
   [services.cdnEndpoints]: 'cdnEndpoints',
   [services.cdnOriginGroups]: 'cdnOriginGroups',
@@ -55,6 +55,8 @@ export default {
   [services.privateDns]: 'privateDnsZones',
   [services.publicIp]: 'publicIps',
   [services.recoveryVaults]: 'recoveryVaults',
+  [services.recoveryInstances]: 'recoveryInstances',
+  [services.recoveryPolicies]: 'recoveryPolicies',
   [services.redisCaches]: 'redisCaches',
   [services.replicationAppliances]: 'replicationAppliances',
   [services.replicationCenters]: 'replicationCenters',

src/enums/serviceMap.ts

@@ -51,6 +51,8 @@ import AzurePostgreSqlServer from '../services/postgreSqlServers'
 import AzurePrivateDns from '../services/privateDns'
 import AzurePublicIp from '../services/publicIp'
 import AzureRecoveryVault from '../services/recoveryVaults'
+import AzureRecoveryInstance from '../services/recoveryInstances'
+import AzureRecoveryPolicy from '../services/recoveryPolicies'
 import AzureRedisCache from '../services/redisCache'
 import AzureReplicationAppliance from '../services/replicationAppliances'
 import AzureReplicationCenter from '../services/replicationCenters'
@@ -79,9 +81,9 @@ import AzureCosmosDb from '../services/cosmosDb'
 import AzureAppInsights from '../services/appInsights'
 import AzureIntegrationRuntime from '../services/integrationRuntimes' 
 import AzureServiceBus from '../services/serviceBus'
-// import AzureBackupVault from '../services/backupVault'
-import AzureBackupInstance from '../services/backupInstance'
-import AzureBackupPolicy from '../services/backupPolicy'
+import AzureBackupVault from '../services/backupVaults'
+import AzureBackupInstance from '../services/backupInstances'
+import AzureBackupPolicy from '../services/backupPolicies'
 import AzureBilling from '../services/billing'
 import AzureLogProfiles from '../services/logProfiles'
 import Subscription from '../services/subscription'
@@ -111,9 +113,9 @@ export default {
   [services.authRoleAssignment]: AzureAuthRoleAssignment,
   [services.authRoleDefinition]: AzureAuthRoleDefinition,
   [services.autoProvisioningSettings]: AzureAutoProvisioningSettings,
-  // [services.backupVault]: AzureBackupVault,
-  [services.backupInstance]: AzureBackupInstance,
-  [services.backupPolicy]: AzureBackupPolicy,
+  [services.backupVaults]: AzureBackupVault,
+  [services.backupInstances]: AzureBackupInstance,
+  [services.backupPolicies]: AzureBackupPolicy,
   [services.billing]: AzureBilling,
   [services.cdnCustomDomains]: AzureCdnCustomDomains,
   [services.cdnEndpoints]: AzureCdnEndpoints,
@@ -155,6 +157,8 @@ export default {
   [services.privateDns]: AzurePrivateDns,
   [services.publicIp]: AzurePublicIp,
   [services.recoveryVaults]: AzureRecoveryVault,
+  [services.recoveryInstances]: AzureRecoveryInstance,
+  [services.recoveryPolicies]: AzureRecoveryPolicy,
   [services.redisCaches]: AzureRedisCache,
   [services.replicationAppliances]: AzureReplicationAppliance,
   [services.replicationCenters]: AzureReplicationCenter,

src/enums/services.ts

@@ -17,9 +17,9 @@ export default {
   authRoleAssignment: 'authRoleAssignment',
   authRoleDefinition: 'authRoleDefinition',
   autoProvisioningSettings: 'autoProvisioningSettings',
-  // backupVault: 'backupVault',
-  backupInstance: 'backupInstance',
-  backupPolicy: 'backupPolicy',
+  backupVaults: 'backupVaults',
+  backupInstances: 'backupInstances',
+  backupPolicies: 'backupPolicies',
   billing: 'billing',
   cdnCustomDomains: 'cdnCustomDomains',
   cdnEndpoints: 'cdnEndpoints',
@@ -61,6 +61,8 @@ export default {
   privateDns: 'privateDns',
   publicIp: 'publicIp',
   recoveryVaults: 'recoveryVaults',
+  recoveryInstances: 'recoveryInstances',
+  recoveryPolicies: 'recoveryPolicies',
   redisCaches: 'redisCaches',
   replicationAppliances: 'replicationAppliances',
   replicationCenters: 'replicationCenters',

src/properties/logger.ts

@@ -149,6 +149,9 @@ export default {
   foundPublicIps: (num: number): string => `Found ${num} public ips`,
   // Recovery Vaults
   foundRecoveryVaults: (num: number): string => `Found ${num} recovery vaults`,
+  foundRecoveryInstances: (num: number): string =>
+  `Found ${num} recovery instances`,
+  foundRecoveryPolicies: (num: number): string => `Found ${num} recovery policies`,
   // RedisCache
   foundRedisCaches: (num: number): string => `Found ${num} Redis caches`,
   // Replication Appliances

src/services/backupInstances/connections.ts

@@ -0,0 +1,54 @@
+import { ServiceConnection } from '@cloudgraph/sdk'
+import { isEmpty } from 'lodash'
+
+import services from '../../enums/services'
+import { caseInsensitiveEqual } from '../../utils'
+import { RawAzureResourceGroup } from '../resourceGroup/data'
+import { RawAzureBackupInstanceResource } from './data'
+
+export default ({
+  service,
+  data,
+  region,
+}: {
+  service: RawAzureBackupInstanceResource
+  data: Array<{ name: string; data: { [property: string]: any[] } }>
+  region: string
+}): {
+  [property: string]: ServiceConnection[]
+} => {
+  const connections: ServiceConnection[] = []
+  const { id, resourceGroupId: rgName } = service
+
+  /**
+   * Find resource group related to this backup instance
+   */
+  const resourceGroups: {
+    name: string
+    data: { [property: string]: RawAzureResourceGroup[] }
+  } = data.find(({ name }) => name === services.resourceGroup)
+
+  if (resourceGroups?.data?.[region]) {
+    const resourceGroupsInRegion: RawAzureResourceGroup[] = resourceGroups.data[
+      region
+    ].filter(({ name: resourceGroupName }: RawAzureResourceGroup) =>
+      caseInsensitiveEqual(resourceGroupName, rgName)
+    )
+
+    if (!isEmpty(resourceGroupsInRegion)) {
+      for (const rg of resourceGroupsInRegion) {
+        connections.push({
+          id: rg.id,
+          resourceType: services.resourceGroup,
+          relation: 'child',
+          field: 'resourceGroup',
+        })
+      }
+    }
+  }
+
+  const result = {
+    [id]: connections,
+  }
+  return result
+}

src/services/backupInstances/data.ts

@@ -0,0 +1,98 @@
+import CloudGraph from '@cloudgraph/sdk'
+
+import azureLoggerText from '../../properties/logger'
+import { AzureRestApiNewClientParams, AzureServiceInput, BackupInstanceResource } from '../../types'
+import { tryCatchWrapper } from '../../utils'
+import { RestApiClient } from '../../utils/apiUtils'
+import { lowerCaseLocation } from '../../utils/format'
+import getAzureVaults, { RawAzureBackupVault } from '../backupVaults/data'
+
+const { logger } = CloudGraph
+const lt = { ...azureLoggerText }
+const serviceName = 'Backup Instances'
+
+export interface RawAzureBackupInstanceResource extends BackupInstanceResource {
+  region: string
+  resourceGroupId: string
+  vaultName: string
+}
+
+export default async ({
+  regions,
+  config,
+  rawData,
+  opts,
+}: AzureServiceInput): Promise<{
+  [property: string]: RawAzureBackupInstanceResource[]
+}> => {
+  try {
+    const client = new RestApiClient({
+      config,
+      options: { version: '2021-01-01' },
+    } as AzureRestApiNewClientParams)
+
+    const vaults: RawAzureBackupVault[] =
+      Object.values(
+        await getAzureVaults({
+          regions,
+          config,
+          rawData,
+          opts,
+        })
+      )?.reduce((acc, val) => acc.concat(val), []) || []
+
+    const items: RawAzureBackupInstanceResource[] = []
+    await tryCatchWrapper(
+      async () => {
+        await Promise.all(
+          (vaults || []).map(async ({ name: vaultName, resourceGroupId }) => {
+            const backupInstances = await client.listData({
+              path: `/resourceGroups/${resourceGroupId}/providers/Microsoft.DataProtection/backupVaults/${vaultName}/backupInstances`,
+            })
+            for (const item of backupInstances) {
+              if (item) {
+                const { location, ...rest } = item
+                const region =
+                  (location && lowerCaseLocation(location)) || 'global'
+                items.push({
+                  ...rest,
+                  region,
+                  resourceGroupId,
+                  vaultName,
+                })
+              }
+            }
+          })
+        )
+        logger.debug(lt.foundBackupInstances(items.length))
+      },
+      {
+        service: serviceName,
+        client,
+        scope: 'backupInstances',
+        operation: 'list',
+      }
+    )
+
+    const result: { [property: string]: RawAzureBackupInstanceResource[] } = {}
+    await Promise.all(
+      items
+        .filter(i => i)
+        .map(async ({ region, ...rest }) => {
+          if (regions.includes(region)) {
+            if (!result[region]) {
+              result[region] = []
+            }
+            result[region].push({
+              region,
+              ...rest,
+            })
+          }
+        })
+    )
+    return result
+  } catch (e) {
+    logger.error(e)
+    return {}
+  }
+}