aiwilliams/jupiterone-google-cloud-2020.md

## jupiterone-google-cloud-2020.md

      
    Raw
  

              jupiterone-google-cloud-2020.md
            
          
    Google Cloud

2020

Entities

The following entities are created:


Resources
Entity _type
Entity _class


Cloud API Service
google_cloud_api_service
Service


Cloud Function
google_cloud_function
Function


Cloud Storage Bucket
google_storage_bucket
DataStore


Compute Disk
google_compute_disk
DataStore, Disk


Compute Firewalls
google_compute_firewall
Firewall


Compute Instance
google_compute_instance
Host


Compute Networks
google_compute_network
Network


Compute Subnetwork
google_compute_subnetwork
Network


IAM Role
google_iam_role
AccessRole


IAM Service Account
google_iam_service_account
User


IAM Service Account Key
google_iam_service_account_key
AccessKey


IAM User
google_user
User


KMS Crypto Key
google_kms_crypto_key
Key, CryptoKey


KMS Key Ring
google_kms_key_ring
Vault


Project
google_cloud_project
Account


Relationships

The following relationships are created/mapped:


Source Entity _type
Relationship _class
Target Entity _type


internet
ALLOWS
google_compute_firewall


google_cloud_project
HAS
google_cloud_api_service


google_compute_firewall
PROTECTS
google_compute_network


google_compute_instance
TRUSTS
google_iam_service_account


google_compute_instance
USES
google_compute_disk


google_compute_network
CONTAINS
google_compute_subnetwork


google_compute_network
HAS
google_compute_firewall


google_compute_subnetwork
HAS
google_compute_instance


google_iam_service_account
ASSIGNED
google_iam_role


google_iam_service_account
HAS
google_iam_service_account_key


google_kms_key_ring
HAS
google_kms_crypto_key


google_user
ASSIGNED
google_iam_role
Resources	Entity `_type`	Entity `_class`
Cloud API Service	`google_cloud_api_service`	`Service`
Cloud Function	`google_cloud_function`	`Function`
Cloud Storage Bucket	`google_storage_bucket`	`DataStore`
Compute Disk	`google_compute_disk`	`DataStore`, `Disk`
Compute Firewalls	`google_compute_firewall`	`Firewall`
Compute Instance	`google_compute_instance`	`Host`
Compute Networks	`google_compute_network`	`Network`
Compute Subnetwork	`google_compute_subnetwork`	`Network`
IAM Role	`google_iam_role`	`AccessRole`
IAM Service Account	`google_iam_service_account`	`User`
IAM Service Account Key	`google_iam_service_account_key`	`AccessKey`
IAM User	`google_user`	`User`
KMS Crypto Key	`google_kms_crypto_key`	`Key`, `CryptoKey`
KMS Key Ring	`google_kms_key_ring`	`Vault`
Project	`google_cloud_project`	`Account`
Source Entity `_type`	Relationship `_class`	Target Entity `_type`
`internet`	ALLOWS	`google_compute_firewall`
`google_cloud_project`	HAS	`google_cloud_api_service`
`google_compute_firewall`	PROTECTS	`google_compute_network`
`google_compute_instance`	TRUSTS	`google_iam_service_account`
`google_compute_instance`	USES	`google_compute_disk`
`google_compute_network`	CONTAINS	`google_compute_subnetwork`
`google_compute_network`	HAS	`google_compute_firewall`
`google_compute_subnetwork`	HAS	`google_compute_instance`
`google_iam_service_account`	ASSIGNED	`google_iam_role`
`google_iam_service_account`	HAS	`google_iam_service_account_key`
`google_kms_key_ring`	HAS	`google_kms_crypto_key`
`google_user`	ASSIGNED	`google_iam_role`