Merge pull request #679 from JupiterOne/GCP-Enhancement-BeyondCrop

Gcp enhancement beyond crop
JupiterOne-Archives · May 9, 2024 · 1cdcfd9 · 1cdcfd9
2 parents b7bdc67 + b135fa3
commit 1cdcfd9
Show file tree

Hide file tree

Showing 27 changed files with 23,818 additions and 2,721 deletions.
diff --git a/docs/jupiterone.md b/docs/jupiterone.md
@@ -60,6 +60,7 @@ all of the supported data into JupiterOne:
 | [apigateway](https://console.developers.google.com/apis/library/apigateway.googleapis.com)                     | apigateway.googleapis.com           |
 | [appengine](https://console.developers.google.com/apis/library/appengine.googleapis.com)                       | appengine.googleapis.com            |
 | [artifactregistry](https://console.developers.google.com/apis/library/artifactregistry.googleapis.com)         | artifactregistry.googleapis.com     |
+| [beyondcorp](https://console.developers.google.com/apis/library/beyondcorp.googleapis.com)                     | beyondcorp.googleapis.com           |
 | [bigquery](https://console.developers.google.com/apis/library/bigquery.googleapis.com)                         | bigquery.googleapis.com             |
 | [bigtable](https://console.developers.google.com/apis/library/bigtable.googleapis.com)                         | bigtable.googleapis.com             |
 | [binaryauthorization](https://console.developers.google.com/apis/library/binaryauthorization.googleapis.com)   | binaryauthorization.googleapis.com  |
@@ -122,6 +123,7 @@ gcloud services enable \
  apigateway.googleapis.com \
  appengine.googleapis.com \
  artifactregistry.googleapis.com \
+ beyondcorp.googleapis.com \
  bigquery.googleapis.com \
  bigtable.googleapis.com \
  binaryauthorization.googleapis.com \
@@ -364,6 +366,11 @@ The following entities are created:
 | Artifact Registry VPCSC configuration                    | `google_cloud_artifact_registry_vpcsc_configuration`              | `Configuration`                    |
 | Artifact Repository Package                              | `google_cloud_artifact_registry_package`                          | `CodeModule`                       |
 | Audit Config                                             | `google_cloud_audit_config`                                       | `Configuration`                    |
+| BeyondCrop App connection                                | `google_cloud_beyondcorp_connection`                              | `Network`                          |
+| BeyondCrop App connector                                 | `google_cloud_beyondcorp_connector`                               | `Network`                          |
+| BeyondCrop Application Endpoints                         | `google_cloud_beyondcorp_application_endpoint`                    | `NetworkEndpoint`                  |
+| BeyondCrop Enterprise                                    | `google_cloud_beyondcorp_enterprise`                              | `Service`                          |
+| BeyondCrop gateways                                      | `google_cloud_beyondcorp_gateway`                                 | `Gateway`                          |
 | Big Query Dataset                                        | `google_bigquery_dataset`                                         | `DataStore`, `Database`            |
 | Big Query Model                                          | `google_bigquery_model`                                           | `Model`                            |
 | Big Query Table                                          | `google_bigquery_table`                                           | `DataCollection`                   |
@@ -487,6 +494,10 @@ The following relationships are created:
 | `google_cloud_audit_config`                                      | **ALLOWS**            | `google_group`                                                    |
 | `google_cloud_audit_config`                                      | **ALLOWS**            | `google_iam_service_account`                                      |
 | `google_cloud_audit_config`                                      | **ALLOWS**            | `google_user`                                                     |
+| `google_cloud_beyondcorp_application_endpoint`                   | **USES**              | `google_cloud_beyondcorp_gateway`                                 |
+| `google_cloud_beyondcorp_connection`                             | **HAS**               | `google_cloud_beyondcorp_application_endpoint`                    |
+| `google_cloud_beyondcorp_connection`                             | **HAS**               | `google_cloud_beyondcorp_connector`                               |
+| `google_cloud_beyondcorp_connection`                             | **HAS**               | `google_cloud_beyondcorp_gateway`                                 |
 | `google_cloud_bitbucket_server_config`                           | **HAS**               | `google_cloud_bitbucket_server_repo`                              |
 | `google_cloud_build`                                             | **USES**              | `google_cloud_source_repository`                                  |
 | `google_cloud_build`                                             | **USES**              | `google_storage_bucket`                                           |
@@ -503,6 +514,9 @@ The following relationships are created:
 | `google_cloud_project`                                           | **HAS**               | `google_cloud_api_service`                                        |
 | `google_cloud_project`                                           | **HAS**               | `google_cloud_artifact_registry`                                  |
 | `google_cloud_project`                                           | **HAS**               | `google_cloud_artifact_registry_repository`                       |
+| `google_cloud_project`                                           | **USES**              | `google_cloud_beyondcorp_connection`                              |
+| `google_cloud_project`                                           | **USES**              | `google_cloud_beyondcorp_connector`                               |
+| `google_cloud_project`                                           | **HAS**               | `google_cloud_beyondcorp_enterprise`                              |
 | `google_cloud_run_service`                                       | **MANAGES**           | `google_cloud_run_configuration`                                  |
 | `google_cloud_run_service`                                       | **MANAGES**           | `google_cloud_run_route`                                          |
 | `google_cloud_scan_config`                                       | **PERFORMED**         | `google_cloud_scan_run`                                           |
@@ -612,7 +626,7 @@ permissions can be used to provision only the required ones:
 
 <!-- {J1_PERMISSIONS_DOCUMENTATION_MARKER_START} -->
 
-| Permissions List (115)                                  |
+| Permissions List (118)                                  |
 | ------------------------------------------------------- |
 | `accesscontextmanager.accessLevels.list`                |
 | `accesscontextmanager.accessPolicies.list`              |
@@ -630,6 +644,9 @@ permissions can be used to provision only the required ones:
 | `artifactregistry.packages.list`                        |
 | `artifactregistry.repositories.list`                    |
 | `artifactregistry.vpcscconfigs.get`                     |
+| `beyondcrop.appConnections.list`                        |
+| `beyondcrop.appConnectors.list`                         |
+| `beyondcrop.appGateways.list`                           |
 | `bigquery.datasets.get`                                 |
 | `bigquery.models.getData`                               |
 | `bigquery.models.getMetadata`                           |