Audit Package

class kaititu.audit.AccessControlReport

Bases: abc.ABC

Abstract class for access control reports. Throughout this entity, the term Profile refers to users or roles interchangeably.

__init__(conx: sqlalchemy.engine.base.Connection) → None

abstract profile_undue_table_privileges() → polars.dataframe.frame.DataFrame

Get undue table privileges per profile, if any. A table privilege is undue when a profile that is not the owner of a table can perform any DML or DDL operation on it other than SELECT.

Returns:

DataFrame – a 6-column dataframe with undue privileges per role

PROFILE => Role name or User name

TABLE_SCHEMA => Name of the schema that contains the table

TABLE_NAME => Name of the table

PRIVILEGE => All of the role’s privileges, separated by ‘|’, e.g. “INSERT | UPDATE | GRANT”

INSTANCE => Database name or Service name

SOCKET => Database host and port as a string
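The rule described for profile_undue_table_privileges(), applied to constructed grant rows in plain Python. This is an added example, not kaititu's implementation: the input tuple layout, the function name undue_table_privileges and all sample values are assumptions, and it returns a list of dicts rather than a polars DataFrame.

```python
from collections import defaultdict

# Constructed sample grants: (grantee, schema, table, privilege, table_owner).
GRANTS = [
    ("app_owner", "sales", "orders", "INSERT", "app_owner"),  # owner: never undue
    ("app_owner", "sales", "orders", "DELETE", "app_owner"),
    ("reporting", "sales", "orders", "SELECT", "app_owner"),  # read-only: allowed
    ("etl_user", "sales", "orders", "SELECT", "app_owner"),
    ("etl_user", "sales", "orders", "INSERT", "app_owner"),   # non-owner DML: undue
    ("etl_user", "sales", "orders", "UPDATE", "app_owner"),
    ("intern", "hr", "salaries", "delete", "hr_owner"),       # case is normalised
]


def undue_table_privileges(grants, instance, socket):
    """Return one row per (profile, schema, table) holding undue privileges.

    Hypothetical helper: a grant is undue when the grantee is not the table
    owner and the privilege is anything other than SELECT.
    """
    found = defaultdict(set)
    for grantee, schema, table, privilege, owner in grants:
        priv = privilege.strip().upper()
        if grantee == owner or priv == "SELECT":
            continue  # owners and read-only access are not reported
        found[(grantee, schema, table)].add(priv)

    # Collapse each profile's privileges into the '|'-separated PRIVILEGE column.
    return [
        {
            "PROFILE": profile,
            "TABLE_SCHEMA": schema,
            "TABLE_NAME": table,
            "PRIVILEGE": " | ".join(sorted(privs)),
            "INSTANCE": instance,
            "SOCKET": socket,
        }
        for (profile, schema, table), privs in sorted(found.items())
    ]


if __name__ == "__main__":
    # Instance and socket values are constructed placeholders.
    for row in undue_table_privileges(GRANTS, "salesdb", "db.example.internal:5432"):
        print(row)
```
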

abstract profile_with_login() → polars.dataframe.frame.DataFrame

Get users or roles that can connect (log in).

Returns:

DataFrame – a 3-column dataframe with the columns below

PROFILE => Role name or User name

INSTANCE => Database name or Service name

SOCKET => Database host and port as a string

abstract role_without_members() → polars.dataframe.frame.DataFrame

Get roles without members.

Returns:

DataFrame – a 3-column dataframe with roles that don’t have members

ROLE => Role name

INSTANCE => Database name or Service name

SOCKET => Database host and port as a string