-
Notifications
You must be signed in to change notification settings - Fork 40
/
gcp_malware_scanner.d2
executable file
·153 lines (138 loc) · 3.61 KB
/
gcp_malware_scanner.d2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
#!/usr/bin/env d2 --theme 200
# gcp_malware_scanner.d2 gcp_malware_scanner.png -h # trick to eat arg
#
# vim:ts=2:sts=2:sw=2:et:filetype=d2
#
# Author: Hari Sekhon
# Date: 2023-06-30 02:59:15 +0100 (Fri, 30 Jun 2023)
#
# https://github.com/HariSekhon/Diagrams-as-Code
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/HariSekhon
#
# ============================================================================ #
# G C P M a l w a r e S c a n n e r
# ============================================================================ #
direction: right
title: {
label: GCP Malware Scanner using ClamAV
near: top-center
shape: text
style.font-size: 40
style.underline: true
}
classes: {
clamav: {
label: ClamAV
# gets 403
# icon: https://www.clamav.net/assets/clamav-trademark.png
# surrounded by white
# icon: https://logowik.com/content/uploads/images/clamav2614.jpg
icon: https://developer.asustor.com/uploadIcons/0020_999_1622884177_clamav_256.png
shape: image
}
users: {
label: Users
icon: https://icons.terrastruct.com/essentials%2F359-users.svg
shape: image
}
webapp: {
label: React
icon: https://icons.terrastruct.com/dev%2Freact.svg
# icon: https://diagrams.mingrammer.com/img/resources/programming/framework/react.png
shape: image
}
pod: {
label: Kubernetes Pod
icon: https://diagrams.mingrammer.com/img/resources/k8s/compute/pod.png
shape: image
}
gcs: {
label: GCS bucket
icon: https://icons.terrastruct.com/gcp%2FProducts%20and%20services%2FStorage%2FCloud%20Storage.svg
shape: image
}
cloudrun: {
label: Cloud Run
icon: https://icons.terrastruct.com/gcp%2FProducts%20and%20services%2FCompute%2FCloud%20Run.svg
shape: image
}
gcf: {
label: Cloud Function
icon: https://icons.terrastruct.com/gcp%2FProducts%20and%20services%2FCompute%2FCloud%20Functions.svg
shape: image
}
decision: {
label: Decision
icon: https://diagrams.mingrammer.com/img/resources/programming/flowchart/decision.png
shape: image
}
animated: {
style.animated: true
}
dash: {
style.stroke-dash: 5
}
invisible: {
style.opacity: 0
}
}
users.class: users
clamav.class: clamav
gcp: Google Cloud {
_.users -> webapp: upload file
_.clamav -> gke.pod: download updates {class: dash}
webapp -> unscanned_bucket: save file
unscanned_bucket -> gcf_scan: trigger
gcf_scan -> gke.pod: scan file
gke.pod -> decision: decision
decision -> clean_bucket: yes
decision -> quarantined_bucket: no
clean_bucket -> gcf_clean: trigger
quarantined_bucket -> gcf_quarantine: trigger
# gcf_clean -> webapp: notify
# gcf_quarantine -> webapp: notify
webapp: {
label: WebApp
class: webapp
}
unscanned_bucket: {
label: Unscanned\nBucket
class: gcs
}
clean_bucket: {
label: Clean\nBucket
class: gcs
}
quarantined_bucket: {
label: Quarantined\nBucket
class: gcs
}
gcf_scan: {
class: gcf
label: Call Malware Scan\nCloud Function
}
gcf_clean: {
class: gcf
label: Notify WebApp it's Clean\nCloud Function
}
gcf_quarantine: {
class: gcf
label: Notify WebApp it's Quarantined\nCloud Function
}
gke: Google Kubernetes Engine {
# gke.class: gke
pod: {
class: pod
label: Malware Scanner pod\n(ClamAV)
}
}
decision: {
label: Decision:\nIs File Clean?
class: decision
}
}