
feat(gcp): connect GCP IAM Roles to Organizations and Projects

Open kunaals opened this issue 10 months ago • 0 comments

Summary

This PR adds support for IAM roles in GCP, allowing Cartography to sync and track custom roles at both project and organization levels. Key changes:

  • Add organization-level IAM role syncing in GCP module
  • Introduce ParentType enum to better handle project vs org-level resources
  • Update schema to better represent role hierarchies and scopes
  • Improve logging and error handling
  • Remove unnecessary GCPPrincipal label from GSuite nodes

Related issues or links: https://github.com/cartography-cncf/cartography/issues/415

Checklist

  • [x] Updated integration tests for GCP IAM module
  • [x] Updated schema documentation in docs/root/modules/gcp/schema.md
  • [x] Added new test data in tests/data/gcp/iam.py
  • [x] Added new test cases in tests/integration/cartography/intel/gcp/test_iam.py

Resulting Graph View

[Image: org vs project roles]

kunaals, Feb 13 '25 07:02