Nico Haas

icon company @Fraunhofer-AISEC icon location Munich icon location Computer scientist (MSc)

Results 47 issues of Nico Haas

Support multiple regions in AWS discovery

Problem: As of now, most resources (e.g. EC2 instances) are discovered in the region specified in the AWS Config (e.g. in ~/.aws/config). Solution: Support for discovering resources in multiple regions....

enhancement

Make Cloud Service ID configurable in Discoverer

Currently the Cloud Service ID is hardcoded (UUID with 0s)

enhancement
service/discovery

Extend discovery

1 comment

This PR will extend the Azure discovery by adding: - Key Vault resource - Zone Redundancy security features - Web App function - Table Storage w/ Backup Note: In the...

api
cmd/engine
internal
service/assessment
policies
service
service/orchestrator
service/discovery
voc
api/evaluation

Proto: Use the newly introduced `Resource` message in `Evidence`?

1 comment

In #980, the `resource` message was defined. Shouldn't we use it in the `Evidence` message as well: https://github.com/clouditor/clouditor/blob/995e9390d73a635014fe8861c6f570a7dec640c7/api/evidence/evidence.proto#L39-L65 Here we still use the `google.protobuf.Value`

enhancement
blocked

Add Key Vault to Azure Discovery

### What happened? Add Key Vault to Azure Discovery, including: - Azure Key Vault - Keys - Secrets - Certificates ### Components Discovery ### Relevant log output _No response_

bug
enhancement

Use Azure SDK's mocking `Fake` servers for testing

### What happened? Currently, we use our own created mocking, see e.g.: https://github.com/clouditor/clouditor/blob/b02fcd26e6fbf18b5bfb9b667b3f36304bd15233/service/discovery/azure/storage_test.go#L50-L52 But there are a `fake` package provided by the SDK which we may can leverage, e.g.: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/[email protected]#readme-fakes...

bug
enhancement

Update AWS Compute Discovery

1 comment

- [x] Functions - [ ] VM - [ ] Compute (general)

internal
service

Add Filter to `ListXXX` requests for logical separation of deployed resources

2 comment

**Is your feature request related to a problem? Please describe.** In #1008 we added the possibility to let the engine search only for resources in a specific resource group. While...

enhancement

Don't use the same Filter for multiple messages (proto)

5 comment

https://github.com/clouditor/clouditor/blob/cf4cfd99102be5aa7c497706c2bd9d8d54daa73c/api/orchestrator/orchestrator.proto#L468-L477 Here, the `Filter` is used for both `ListAssessmentResultsRequest` and `ListAssessmentToolsRequest`. I guess the fields are not appropriate for both cases? In addition, the comments refer only to assessment results.

bug
api

Consider removing unused variables/constants in testdata

2 comment

I'm not sure if they are hold for future implementation or just have been forgotten. See, e.g., `MockControls` (and then `MockControl3`, `MockControl4`, `MockControl5` as well) https://github.com/clouditor/clouditor/blob/aa233849bd5c7777d61d83fc1f2ff70ac2021bcb/internal/testutil/servicetest/orchestratortest/orchestrator.go#L376 and `MockControlsInScopeSubControl4`