diff --git a/docs/mql/resources/aws-pack/aws.eks.cluster.md b/docs/mql/resources/aws-pack/aws.eks.cluster.md index e691501ad..f752c9f69 100644 --- a/docs/mql/resources/aws-pack/aws.eks.cluster.md +++ b/docs/mql/resources/aws-pack/aws.eks.cluster.md @@ -18,21 +18,23 @@ Amazon EKS cluster **Fields** -| ID | TYPE | DESCRIPTION | -| ------------------ | --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | -| name | string | Name of the cluster | -| arn | string | ARN of the cluster | -| region | string | Region for the cluster | -| tags | map[string]string | A map of tags associated with the cluster | -| endpoint | string | The endpoint of Kubernetes API server | -| version | string | Kubernetes server version | -| platformVersion | string | Amazon EKS cluster version | -| status | string | Cluster status | -| encryptionConfig | []dict | Encryption configuration for the cluster | -| logging | dict | Cluster logging configuration | -| networkConfig | dict | Kubernetes network configuration | -| resourcesVpcConfig | dict | VPC configuration | -| createdAt | time | Cluster creation timestamp | -| nodeGroups | [][aws.eks.nodegroup](aws.eks.nodegroup.md) | List of EKS node groups | -| addons | [][aws.eks.addon](aws.eks.addon.md) | List of EKS add-ons | -| iamRole | [aws.iam.role](aws.iam.role.md) | The IAM role that provides permissions for the Kubernetes control plane to make calls to Amazon Web Services API operations on your behalf | +| ID | TYPE | DESCRIPTION | +| ------------------ | --------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| name | string | Name of the cluster | +| arn | string | ARN of the cluster | +| region | string | Region for the cluster | +| tags | map[string]string | A map of tags associated with the cluster | +| endpoint | string | The endpoint of Kubernetes API server | +| version | string | Kubernetes server version | +| platformVersion | string | Amazon EKS cluster version | +| status | string | Cluster status | +| encryptionConfig | []dict | Encryption configuration for the cluster | +| logging | dict | Cluster logging configuration | +| networkConfig | dict | Kubernetes network configuration | +| resourcesVpcConfig | dict | VPC configuration | +| createdAt | time | Cluster creation timestamp | +| nodeGroups | [][aws.eks.nodegroup](aws.eks.nodegroup.md) | List of EKS node groups | +| addons | [][aws.eks.addon](aws.eks.addon.md) | List of EKS add-ons | +| iamRole | [aws.iam.role](aws.iam.role.md) | The IAM role that provides permissions for the Kubernetes control plane to make calls to Amazon Web Services API operations on your behalf | +| supportType | string | The Kubernetes support policy of the cluster. (`STANDARD` support automatically upgrades at the end of standard support. `EXTENDED` automatically enters extended support at the end of standard support) | +| authenticationMode | string | The authentication mode for the cluster | diff --git a/docs/mql/resources/aws-pack/aws.rds.dbcluster.md b/docs/mql/resources/aws-pack/aws.rds.dbcluster.md index 5a5f16606..7ba6b4664 100644 --- a/docs/mql/resources/aws-pack/aws.rds.dbcluster.md +++ b/docs/mql/resources/aws-pack/aws.rds.dbcluster.md @@ -20,33 +20,34 @@ The `aws.rds.dbcluster` resource provides fields for assessing the configuration **Fields** -| ID | TYPE | DESCRIPTION | -| ----------------------- | ----------------------------------------------------------- | --------------------------------------------------------------------------------------- | -| arn | string | ARN for the database cluster | -| region | string | Region where the database cluster exists | -| id | string | Identifier for the database cluster | -| members | [][aws.rds.dbinstance](aws.rds.dbinstance.md) | List of database instances that belong to the cluster | -| snapshots | [][aws.rds.snapshot](aws.rds.snapshot.md) | List of snapshots for the cluster | -| tags | map[string]string | Tags for the database cluster | -| storageEncrypted | bool | Whether the cluster is encrypted | -| storageAllocated | int | The amount of storage, in GiB, provisioned on the cluster | -| storageIops | int | The storage IOPS provisioned on the cluster | -| storageType | string | The type of storage provisioned on the cluster | -| status | string | Current state of the cluster | -| createdTime | time | The creation date of the RDS cluster | -| backupRetentionPeriod | int | Number of days for which automated snapshots are retained | -| autoMinorVersionUpgrade | bool | Whether minor version patches are applied automatically | -| clusterDbInstanceClass | string | Name of the compute and memory capacity class of the cluster database instances | -| engine | string | Name of the database engine for this database cluster | -| engineVersion | string | The version of the database engine for this DB cluster | -| publiclyAccessible | bool | Whether the cluster is publicly accessible | -| multiAZ | bool | Whether the cluster is a Multi-AZ deployment | -| deletionProtection | bool | Whether deletion protection is enabled | -| securityGroups | [][aws.ec2.securitygroup](aws.ec2.securitygroup.md) | List of VPC security group elements that the database cluster belongs to | -| availabilityZones | []string | List of Availability Zones (AZs) where instances in the database cluster can be created | -| port | int | The port that the database engine is listening on | -| endpoint | string | The connection endpoint for the primary instance of the database cluster | -| hostedZoneId | string | The cluster hosted zone ID | -| masterUsername | string | The master username for the database | -| latestRestorableTime | time | The latest time to which a database can be restored with point-in-time restore | -| backupSettings | [][aws.rds.backupsetting](aws.rds.backupsetting.md) | Backup setting for the database cluster | +| ID | TYPE | DESCRIPTION | +| ----------------------- | ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| arn | string | ARN for the database cluster | +| region | string | Region where the database cluster exists | +| id | string | Identifier for the database cluster | +| members | [][aws.rds.dbinstance](aws.rds.dbinstance.md) | List of database instances that belong to the cluster | +| snapshots | [][aws.rds.snapshot](aws.rds.snapshot.md) | List of snapshots for the cluster | +| tags | map[string]string | Tags for the database cluster | +| storageEncrypted | bool | Whether the cluster is encrypted | +| storageAllocated | int | The amount of storage, in GiB, provisioned on the cluster | +| storageIops | int | The storage IOPS provisioned on the cluster | +| storageType | string | The type of storage provisioned on the cluster | +| status | string | Current state of the cluster | +| createdTime | time | The creation date of the RDS cluster | +| backupRetentionPeriod | int | Number of days for which automated snapshots are retained | +| autoMinorVersionUpgrade | bool | Whether minor version patches are applied automatically | +| clusterDbInstanceClass | string | Name of the compute and memory capacity class of the cluster database instances | +| engine | string | Name of the database engine for this database cluster | +| engineVersion | string | The version of the database engine for this DB cluster | +| publiclyAccessible | bool | Whether the cluster is publicly accessible | +| multiAZ | bool | Whether the cluster is a Multi-AZ deployment | +| deletionProtection | bool | Whether deletion protection is enabled | +| securityGroups | [][aws.ec2.securitygroup](aws.ec2.securitygroup.md) | List of VPC security group elements that the database cluster belongs to | +| availabilityZones | []string | List of Availability Zones (AZs) where instances in the database cluster can be created | +| port | int | The port that the database engine is listening on | +| endpoint | string | The connection endpoint for the primary instance of the database cluster | +| hostedZoneId | string | The cluster hosted zone ID | +| masterUsername | string | The master username for the database | +| latestRestorableTime | time | The latest time to which a database can be restored with point-in-time restore | +| backupSettings | [][aws.rds.backupsetting](aws.rds.backupsetting.md) | Backup setting for the database cluster | +| engineLifecycleSupport | string | The life cycle type for the database engine. By default, this value is set to `open-source-rds-extended-support`, which enrolls your DB engine into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled`. In this case, creating the DB engine will fail if the DB major version is past its end of standard support date. | diff --git a/docs/mql/resources/aws-pack/aws.rds.dbinstance.md b/docs/mql/resources/aws-pack/aws.rds.dbinstance.md index 2dff71358..e3ae03cf3 100644 --- a/docs/mql/resources/aws-pack/aws.rds.dbinstance.md +++ b/docs/mql/resources/aws-pack/aws.rds.dbinstance.md @@ -20,36 +20,37 @@ The `aws.rds.dbinstance` resource provides fields for assessing the configuratio **Fields** -| ID | TYPE | DESCRIPTION | -| ----------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| arn | string | ARN for the database instance | -| name | string | Name of the database instance | -| backupRetentionPeriod | int | Number of days for which automated snapshots are retained | -| snapshots | [][aws.rds.snapshot](aws.rds.snapshot.md) | List of snapshots for the database instance | -| storageEncrypted | bool | Whether the instance is encrypted | -| storageAllocated | int | The amount of storage, in GiB, provisioned on the instance | -| storageIops | int | The storage IOPS provisioned on the instance | -| storageType | string | The type of storage provisioned on the instance | -| region | string | Region where the instance exists | -| availabilityZone | string | Availability zone where the instance exists | -| publiclyAccessible | bool | Whether the instance is publicly accessible | -| enabledCloudwatchLogsExports | []string | List of log types the instance is configured to export to CloudWatch logs | -| deletionProtection | bool | Whether deletion protection is enabled | -| multiAZ | bool | Whether the instance is a Multi-AZ deployment | -| id | string | Identifier for the database instance | -| enhancedMonitoringResourceArn | string | ARN of the CloudWatch log stream that receives the enhanced monitoring metrics data | -| tags | map[string]string | Tags for the database instance | -| dbInstanceClass | string | Name of the compute and memory capacity class of the database instance | -| dbInstanceIdentifier | string | User-supplied unique key that identifies a database instance | -| engine | string | Name of the database engine for this database instance | -| engineVersion | string | The version of the database engine for this database instance | -| securityGroups | [][aws.ec2.securitygroup](aws.ec2.securitygroup.md) | List of VPC security group elements that the database instance belongs to | -| status | string | Current state of this database | -| autoMinorVersionUpgrade | bool | Whether minor version patches are applied automatically | -| createdTime | time | The creation date of the RDS instance | -| port | int | The port that the database instance listens on. If the database instance is part of a DB cluster, this can be a different port than the DB cluster port. | -| endpoint | string | The connection endpoint for the database instance | -| masterUsername | string | The master username for the database instance | -| latestRestorableTime | time | The latest time to which a database can be restored with point-in-time restore | -| backupSettings | [][aws.rds.backupsetting](aws.rds.backupsetting.md) | Backup setting for the database instance | -| subnets | [][aws.vpc.subnet](aws.vpc.subnet.md) | Subnet for the RDS instance | +| ID | TYPE | DESCRIPTION | +| ----------------------------- | ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| arn | string | ARN for the database instance | +| name | string | Name of the database instance | +| backupRetentionPeriod | int | Number of days for which automated snapshots are retained | +| snapshots | [][aws.rds.snapshot](aws.rds.snapshot.md) | List of snapshots for the database instance | +| storageEncrypted | bool | Whether the instance is encrypted | +| storageAllocated | int | The amount of storage, in GiB, provisioned on the instance | +| storageIops | int | The storage IOPS provisioned on the instance | +| storageType | string | The type of storage provisioned on the instance | +| region | string | Region where the instance exists | +| availabilityZone | string | Availability zone where the instance exists | +| publiclyAccessible | bool | Whether the instance is publicly accessible | +| enabledCloudwatchLogsExports | []string | List of log types the instance is configured to export to CloudWatch logs | +| deletionProtection | bool | Whether deletion protection is enabled | +| multiAZ | bool | Whether the instance is a Multi-AZ deployment | +| id | string | Identifier for the database instance | +| enhancedMonitoringResourceArn | string | ARN of the CloudWatch log stream that receives the enhanced monitoring metrics data | +| tags | map[string]string | Tags for the database instance | +| dbInstanceClass | string | Name of the compute and memory capacity class of the database instance | +| dbInstanceIdentifier | string | User-supplied unique key that identifies a database instance | +| engine | string | Name of the database engine for this database instance | +| engineVersion | string | The version of the database engine for this database instance | +| securityGroups | [][aws.ec2.securitygroup](aws.ec2.securitygroup.md) | List of VPC security group elements that the database instance belongs to | +| status | string | Current state of this database | +| autoMinorVersionUpgrade | bool | Whether minor version patches are applied automatically | +| createdTime | time | The creation date of the RDS instance | +| port | int | The port that the database instance listens on. If the database instance is part of a DB cluster, this can be a different port than the DB cluster port. | +| endpoint | string | The connection endpoint for the database instance | +| masterUsername | string | The master username for the database instance | +| latestRestorableTime | time | The latest time to which a database can be restored with point-in-time restore | +| backupSettings | [][aws.rds.backupsetting](aws.rds.backupsetting.md) | Backup setting for the database instance | +| subnets | [][aws.vpc.subnet](aws.vpc.subnet.md) | Subnet for the RDS instance | +| engineLifecycleSupport | string | The life cycle type for the database engine. By default, this value is set to `open-source-rds-extended-support`, which enrolls your DB engine into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled`. In this case, creating the DB engine will fail if the DB major version is past its end of standard support date. | diff --git a/docs/mql/resources/gitlab-pack/README.md b/docs/mql/resources/gitlab-pack/README.md index b7f833ef3..21fc3a221 100644 --- a/docs/mql/resources/gitlab-pack/README.md +++ b/docs/mql/resources/gitlab-pack/README.md @@ -12,13 +12,13 @@ The GitLab resource pack lets you use MQL to query and assess the security of yo Resources included in this pack: -| ID | DESCRIPTION | -| --------------------------------------------------------------------- | -------------------------------- | -| [gitlab.group](gitlab.group.md) | GitLab group | -| [gitlab.project](gitlab.project.md) | GitLab project | -| [gitlab.project.approvalRule](gitlab.project.approvalrule.md) | GitLab project approval rule | -| [gitlab.project.approvalSettings](gitlab.project.approvalsettings.md) | GitLab project approval settings | -| [gitlab.project.file](gitlab.project.file.md) | GitLab project file | -| [gitlab.project.member](gitlab.project.member.md) | GitLab project member | -| [gitlab.project.protectedBranch](gitlab.project.protectedbranch.md) | GitLab protected branch | -| [gitlab.project.webhook](gitlab.project.webhook.md) | GitLab project webhook | +| ID | DESCRIPTION | +| ------------------------------------------------------------------- | -------------------------------- | +| [gitlab.group](gitlab.group.md) | GitLab group | +| [gitlab.project](gitlab.project.md) | GitLab project | +| [gitlab.project.approvalRule](gitlab.project.approvalrule.md) | GitLab project approval rule | +| [gitlab.project.approvalSetting](gitlab.project.approvalsetting.md) | GitLab project approval settings | +| [gitlab.project.file](gitlab.project.file.md) | GitLab project file | +| [gitlab.project.member](gitlab.project.member.md) | GitLab project member | +| [gitlab.project.protectedBranch](gitlab.project.protectedbranch.md) | GitLab protected branch | +| [gitlab.project.webhook](gitlab.project.webhook.md) | GitLab project webhook | diff --git a/docs/mql/resources/gitlab-pack/gitlab.project.approvalsettings.md b/docs/mql/resources/gitlab-pack/gitlab.project.approvalsetting.md similarity index 88% rename from docs/mql/resources/gitlab-pack/gitlab.project.approvalsettings.md rename to docs/mql/resources/gitlab-pack/gitlab.project.approvalsetting.md index d85cdcaff..f12cde127 100644 --- a/docs/mql/resources/gitlab-pack/gitlab.project.approvalsettings.md +++ b/docs/mql/resources/gitlab-pack/gitlab.project.approvalsetting.md @@ -1,12 +1,12 @@ --- -title: gitlab.project.approvalSettings -id: gitlab.project.approvalSettings -sidebar_label: gitlab.project.approvalSettings +title: gitlab.project.approvalSetting +id: gitlab.project.approvalSetting +sidebar_label: gitlab.project.approvalSetting displayed_sidebar: MQL description: GitLab project approval settings --- -# gitlab.project.approvalSettings +# gitlab.project.approvalSetting **Description** diff --git a/docs/mql/resources/gitlab-pack/gitlab.project.md b/docs/mql/resources/gitlab-pack/gitlab.project.md index dd52c6ad6..9cdf4a073 100644 --- a/docs/mql/resources/gitlab-pack/gitlab.project.md +++ b/docs/mql/resources/gitlab-pack/gitlab.project.md @@ -46,7 +46,7 @@ GitLab project | requirementsEnabled | bool | Whether the requirements feature is enabled | | approvalRules | [][gitlab.project.approvalRule](gitlab.project.approvalrule.md) | Approval rules for the project | | mergeMethod | string | Merge methods for the project | -| approvalSettings | [gitlab.project.approvalSettings](gitlab.project.approvalsettings.md) | Approval settings for the project | +| approvalSettings | [gitlab.project.approvalSetting](gitlab.project.approvalsetting.md) | Approval settings for the project | | protectedBranches | [][gitlab.project.protectedBranch](gitlab.project.protectedbranch.md) | Protected branches settings for the project | | projectMembers | [][gitlab.project.member](gitlab.project.member.md) | List of members in the project with their roles | | projectFiles | [][gitlab.project.file](gitlab.project.file.md) | List of files in the project repository | diff --git a/releases/2024-07-16-mondoo-11.13-is-out.md b/releases/2024-07-16-mondoo-11.13-is-out.md index 5c59c1a31..88a85eaf1 100644 --- a/releases/2024-07-16-mondoo-11.13-is-out.md +++ b/releases/2024-07-16-mondoo-11.13-is-out.md @@ -37,7 +37,7 @@ Tokens may expire and accounts might change. Now you can quickly spot when integ ![Integrations showing failures](/img/releases/2024-07-16-mondoo-11.13-is-out/integrations.png) -#### Updated asset tables on individual checks +### Updated asset tables on individual checks The table of affected assets on each individual check page is now much more informative, showing last update time, additional risk factors, risk score, and asset name. It also supports multi-select for building targeted cases. diff --git a/yarn.lock b/yarn.lock index e3a802939..a61dc9ee8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3717,9 +3717,9 @@ ee-first@1.1.1: integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow== electron-to-chromium@^1.4.820: - version "1.5.2" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.2.tgz#6126ad229ce45e781ec54ca40db0504787f23d19" - integrity sha512-kc4r3U3V3WLaaZqThjYz/Y6z8tJe+7K0bbjUVo3i+LWIypVdMx5nXCkwRe6SWbY6ILqLdc1rKcKmr3HoH7wjSQ== + version "1.5.3" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.3.tgz#032bbb8661c0449656fd896e805c8f7150229a0f" + integrity sha512-QNdYSS5i8D9axWp/6XIezRObRHqaav/ur9z1VzCDUCH1XIFOr9WQk5xmgunhsTpjjgDy3oLxO/WMOVZlpUQrlA== emoji-regex@^8.0.0: version "8.0.0"