Azure Tenant Grapher

Comprehensive Architecture & Design Documentation

📋 System Overview

Azure Tenant Grapher is a comprehensive cloud infrastructure discovery, documentation, and replication tool. It discovers every resource in an Azure tenant, stores the results in a richly-typed Neo4j graph database, and offers extensive tooling for visualization, analysis, documentation, and Infrastructure-as-Code (IaC) generation.

Core Capabilities

🔍 Discovery & Scanning

Comprehensive Azure resource discovery across all subscriptions with identity import from Microsoft Graph API. Supports filtering by subscriptions and resource groups.

💾 Graph Database

Rich Neo4j graph with typed nodes, relationships, and RBAC modeling. Includes extensible relationship engine with modular rules.

📊 Visualization

Interactive 3D graph visualization with filtering, search, and ResourceGroup labels. Desktop GUI with Electron and React.

🏗️ IaC Generation

Generate Terraform, Bicep, and ARM templates from the graph with transformation rules and deployment scripts.

🤖 AI Agent Mode

Natural language queries over the graph using MCP (Model Context Protocol) and AutoGen agents.

🔐 Threat Modeling

Automated DFD creation, threat enumeration using STRIDE methodology, and comprehensive security reports.

Technology Stack

Python 3.8+, Neo4j, Azure SDK, TypeScript, React, AutoGen, FastAPI

🏛️ Overall System Architecture

graph TB
  subgraph "External Services"
    Azure[Azure ARM API]
    Graph[Microsoft Graph API]
    OpenAI[Azure OpenAI]
  end
  subgraph "Data Layer"
    Neo4j[(Neo4j Graph DB)]
  end
  subgraph "Core Services"
    Discovery[Azure Discovery Service]
    Processing[Resource Processing Service]
    ContainerMgr[Container Manager]
    AADService[AAD Graph Service]
  end
  subgraph "IaC Engine"
    Traverser[Graph Traverser]
    Engine[IaC Engine]
    TFEmitter[Terraform Emitter]
    BicepEmitter[Bicep Emitter]
    ARMEmitter[ARM Emitter]
    Validators[Validators]
  end
  subgraph "Agent System"
    MCP[MCP Server]
    AgentMode[Agent Mode]
    ThreatAgent[Threat Modeling Agent]
  end
  subgraph "User Interfaces"
    CLI[CLI Dashboard]
    SPA[Electron GUI]
    Viz[3D Visualizer]
  end
  Azure --> Discovery
  Graph --> AADService
  Discovery --> Processing
  AADService --> Processing
  Processing --> Neo4j
  ContainerMgr --> Neo4j
  Neo4j --> Traverser
  Traverser --> Engine
  Engine --> TFEmitter
  Engine --> BicepEmitter
  Engine --> ARMEmitter
  Engine --> Validators
  Neo4j --> MCP
  MCP --> AgentMode
  MCP --> ThreatAgent
  OpenAI --> AgentMode
  OpenAI --> ThreatAgent
  Neo4j --> CLI
  Neo4j --> SPA
  Neo4j --> Viz
  CLI -.-> ContainerMgr
  SPA -.-> ContainerMgr
  style Neo4j fill:#008cc1,color:#fff
  style Azure fill:#0078d4,color:#fff
  style Graph fill:#0078d4,color:#fff
  style OpenAI fill:#10a37f,color:#fff

Architecture Principles

  • Separation of Concerns: Clear boundaries between discovery, storage, transformation, and presentation layers
  • Async Processing: Core services use asyncio for concurrent API calls and improved performance
  • Extensibility: Plugin-based relationship rules, multiple IaC formats via emitters, modular validators
  • Graph-Native: Neo4j as the source of truth for all resource relationships and queries
  • Multi-Interface: CLI, GUI, and agent-based interfaces for different user workflows

🧩 Module Architecture

Core Services Module

graph LR
  subgraph "src/services/"
    ADS[Azure Discovery Service]
    RPS[Resource Processing Service]
    AAD[AAD Graph Service]
    TenantMgr[Tenant Manager]
    Identity[Identity Collector]
    Filter[Discovery Filter Service]
  end
  subgraph "src/"
    RP[Resource Processor]
    CM[Container Manager]
    SM[Session Manager]
  end
  ADS --> RPS
  AAD --> RPS
  Filter --> ADS
  RPS --> RP
  RP --> SM
  SM --> Neo4j[(Neo4j)]
  CM --> Neo4j
  Identity --> AAD
  TenantMgr --> RPS
  style Neo4j fill:#008cc1,color:#fff

Azure Discovery Service

src/services/azure_discovery_service.py - Discovers Azure resources using Azure SDK with pagination and rate limiting support.

Resource Processing Service

src/services/resource_processing_service.py (110 lines) - Orchestrates resource processing, coordinates AAD import, and manages concurrent processing with progress tracking.

Container Manager

src/container_manager.py (746 lines) - Manages Neo4j Docker container lifecycle including:

Relationship Rules Engine

graph TB
  Base[Relationship Rule Base]
  Base --> Network[Network Rule]
  Base --> Identity[Identity Rule]
  Base --> Diagnostic[Diagnostic Rule]
  Base --> Monitoring[Monitoring Rule]
  Base --> Creator[Creator Rule]
  Base --> Region[Region Rule]
  Base --> Tag[Tag Rule]
  Base --> Secret[Secret Rule]
  Base --> DependsOn[Depends On Rule]
  Base --> Subnet[Subnet Extraction Rule]
  Network --> |CONNECTED_TO| Graph[(Neo4j Graph)]
  Identity --> |USES_IDENTITY| Graph
  Diagnostic --> |LOGS_TO| Graph
  Monitoring --> |MONITORS| Graph
  Creator --> |CREATED_BY| Graph
  Region --> |REGION_OF| Graph
  Tag --> |TAGGED_WITH| Graph
  Secret --> |STORES_SECRET_IN| Graph
  DependsOn --> |DEPENDS_ON| Graph
  Subnet --> |SUBNET_OF| Graph
  style Base fill:#764ba2,color:#fff
  style Graph fill:#008cc1,color:#fff

The relationship rules system is modular and extensible. Each rule implements the RelationshipRule interface and can create specific types of relationships in the graph. Rules are registered in src/relationship_rules/__init__.py.

IaC Generation Module

graph TB
  CLI[CLI Command] --> Handler[IaC Handler]
  Handler --> Engine[IaC Engine]
  Engine --> Traverser[Graph Traverser]
  Engine --> Filters[Subset Filters]
  Engine --> Transform[Transformation Rules]
  Engine --> Validators[Validators]
  Traverser --> Neo4j[(Neo4j)]
  Engine --> Emitters{Format?}
  Emitters --> |terraform| TF[Terraform Emitter<br/>2126 lines]
  Emitters --> |bicep| Bicep[Bicep Emitter<br/>479 lines]
  Emitters --> |arm| ARM[ARM Emitter<br/>473 lines]
  Validators --> SubnetVal[Subnet Validator]
  Validators --> AddrVal[Address Space Validator]
  Validators --> TFVal[Terraform Validator]
  TF --> Output[main.tf.json]
  Bicep --> Output2[main.bicep]
  ARM --> Output3[template.json]
  Engine --> DeployScript[deploy.sh]
  style Engine fill:#667eea,color:#fff
  style Neo4j fill:#008cc1,color:#fff

Key Components

🌊 Data Flow Architecture

Discovery to Graph Flow

sequenceDiagram
  participant User
  participant CLI
  participant Discovery
  participant Azure
  participant AAD
  participant Processing
  participant RelRules
  participant Neo4j
  User->>CLI: atg scan --tenant-id TENANT_ID
  CLI->>CLI: Setup Neo4j Container
  CLI->>Discovery: Start Discovery
  par Parallel Discovery
    Discovery->>Azure: List Subscriptions
    Azure-->>Discovery: Subscription List
    Discovery->>Azure: Discover Resources (paginated)
    Azure-->>Discovery: Resources Batch
  and AAD Import
    Discovery->>AAD: Get Users
    AAD-->>Discovery: User List
    Discovery->>AAD: Get Groups
    AAD-->>Discovery: Group List
  end
  Discovery->>Processing: Process Resources
  loop For Each Resource
    Processing->>Neo4j: Create Resource Node
    Processing->>RelRules: Apply Relationship Rules
    RelRules->>Neo4j: Create Relationships
  end
  Neo4j-->>CLI: Stats & Progress
  CLI-->>User: Completion Report

Graph to IaC Flow

sequenceDiagram
  participant User
  participant CLI
  participant Handler
  participant Engine
  participant Traverser
  participant Neo4j
  participant Validators
  participant Emitter
  participant FS
  User->>CLI: atg generate-iac --format terraform
  CLI->>Handler: generate_iac_command_handler()
  Handler->>Engine: generate()
  Engine->>Traverser: traverse()
  Traverser->>Neo4j: MATCH (r:Resource)...
  Neo4j-->>Traverser: TenantGraph{resources, relationships}
  Traverser-->>Engine: TenantGraph
  Engine->>Engine: Apply Subset Filters
  Engine->>Engine: Apply Transformation Rules
  Engine->>Validators: validate_address_spaces()
  Validators-->>Engine: ValidationResult
  alt Has Conflicts
    Engine->>User: ⚠️ Warning: Address space conflicts
  end
  Engine->>Emitter: emit(TenantGraph)
  Emitter->>Emitter: Convert to Terraform
  Emitter->>FS: Write main.tf.json
  Emitter->>FS: Write variables.tf.json
  Emitter->>FS: Write deploy.sh
  FS-->>User: ✅ IaC Generated: ./output/

Agent Mode Query Flow

sequenceDiagram
  participant User
  participant AgentMode
  participant Workbench
  participant MCP
  participant Neo4j
  participant LLM
  User->>AgentMode: "How many storage resources?"
  AgentMode->>Workbench: list_tools()
  Workbench-->>AgentMode: [get_neo4j_schema, read_neo4j_cypher]
  AgentMode->>Workbench: call_tool(get_neo4j_schema)
  Workbench->>MCP: get_neo4j_schema
  MCP->>Neo4j: CALL db.schema.visualization()
  Neo4j-->>MCP: Schema JSON
  MCP-->>AgentMode: Schema
  AgentMode->>LLM: Generate Cypher Query
  Note over AgentMode,LLM: Prompt includes schema + question
  LLM-->>AgentMode: MATCH (r:Resource) WHERE...
  AgentMode->>Workbench: call_tool(read_neo4j_cypher, query)
  Workbench->>MCP: read_neo4j_cypher
  MCP->>Neo4j: Execute Cypher Query
  Neo4j-->>MCP: Query Results
  MCP-->>AgentMode: Results JSON
  AgentMode->>LLM: Format Answer
  LLM-->>AgentMode: Natural Language Answer
  AgentMode-->>User: "There are 3 storage resources in the tenant."

🔄 Workflow Diagrams

Scanning Workflow

flowchart TD
  Start([User: atg scan]) --> CheckDocker{Docker<br/>Available?}
  CheckDocker -->|No| InstallPrompt[Prompt to Install Docker]
  InstallPrompt --> Exit1([Exit])
  CheckDocker -->|Yes| CheckNeo4j{Neo4j<br/>Running?}
  CheckNeo4j -->|No| StartNeo4j[Start Neo4j Container]
  StartNeo4j --> WaitReady[Wait for Readiness]
  WaitReady --> RunMigrations[Run Database Migrations]
  CheckNeo4j -->|Yes| RunMigrations
  RunMigrations --> AuthCheck{Azure<br/>Authenticated?}
  AuthCheck -->|No| AuthPrompt[Prompt: az login]
  AuthPrompt --> Exit2([Exit])
  AuthCheck -->|Yes| StartDashboard[Launch CLI Dashboard]
  StartDashboard --> InitDiscovery[Initialize Discovery Service]
  InitDiscovery --> ListSubs[List Subscriptions]
  ListSubs --> FilterCheck{Filters<br/>Applied?}
  FilterCheck -->|Yes| ApplyFilters[Apply Subscription/RG Filters]
  FilterCheck -->|No| DiscoverAll[Discover All Resources]
  ApplyFilters --> DiscoverFiltered[Discover Filtered Resources]
  DiscoverFiltered --> ProcessResources
  DiscoverAll --> ProcessResources[Process Resources]
  ProcessResources --> AADCheck{AAD Import<br/>Enabled?}
  AADCheck -->|Yes| ImportAAD[Import Users & Groups]
  AADCheck -->|No| CreateNodes
  ImportAAD --> CreateNodes[Create Neo4j Nodes]
  CreateNodes --> ApplyRules[Apply Relationship Rules]
  ApplyRules --> GenMetrics[Generate Metrics]
  GenMetrics --> Complete([Scan Complete])
  style Start fill:#667eea,color:#fff
  style Complete fill:#28a745,color:#fff
  style Exit1 fill:#dc3545,color:#fff
  style Exit2 fill:#dc3545,color:#fff

IaC Generation & Deployment Workflow

flowchart TD
  Start([User: atg generate-iac]) --> ValidateGraph{Graph<br/>Exists?}
  ValidateGraph -->|No| Error1[Error: Run scan first]
  Error1 --> Exit1([Exit])
  ValidateGraph -->|Yes| TraverseGraph[Traverse Neo4j Graph]
  TraverseGraph --> SubsetFilter{Subset<br/>Filter?}
  SubsetFilter -->|Yes| ApplySubset[Apply Subset Filter]
  SubsetFilter -->|No| TransformRules
  ApplySubset --> TransformRules{Transform<br/>Rules?}
  TransformRules -->|Yes| ApplyTransform[Apply Transformation Rules]
  TransformRules -->|No| ValidateAddr
  ApplyTransform --> ValidateAddr[Validate Address Spaces]
  ValidateAddr --> ConflictCheck{Conflicts<br/>Found?}
  ConflictCheck -->|Yes| AutoFix{Auto-fix<br/>Enabled?}
  AutoFix -->|Yes| FixConflicts[Fix Address Conflicts]
  AutoFix -->|No| LogWarning[Log Warnings]
  FixConflicts --> SelectFormat
  ConflictCheck -->|No| SelectFormat
  LogWarning --> SelectFormat
  SelectFormat{Format?} -->|terraform| TFEmit[Terraform Emitter]
  SelectFormat -->|bicep| BicepEmit[Bicep Emitter]
  SelectFormat -->|arm| ARMEmit[ARM Emitter]
  TFEmit --> GenFiles[Generate IaC Files]
  BicepEmit --> GenFiles
  ARMEmit --> GenFiles
  GenFiles --> GenScript[Generate deploy.sh]
  GenScript --> Complete([Generation Complete])
  Complete --> UserDeploy{User runs<br/>./deploy.sh?}
  UserDeploy -->|Yes| AzAuth{Azure<br/>Authenticated?}
  UserDeploy -->|No| ManualDeploy[Manual Deployment]
  AzAuth -->|No| RunLogin[az login]
  RunLogin --> ValidatePlan
  AzAuth -->|Yes| ValidatePlan[Validate/Plan]
  ValidatePlan --> ReviewPlan{User<br/>Approves?}
  ReviewPlan -->|No| CancelDeploy([Cancelled])
  ReviewPlan -->|Yes| Deploy[Deploy Resources]
  Deploy --> Monitor[Monitor Deployment]
  Monitor --> DeployComplete([Deployment Complete])
  style Start fill:#667eea,color:#fff
  style Complete fill:#28a745,color:#fff
  style DeployComplete fill:#28a745,color:#fff
  style Exit1 fill:#dc3545,color:#fff
  style CancelDeploy fill:#ffc107,color:#000

Undeployment Workflow

flowchart TD
  Start([User: atg undeploy]) --> ListDeploy[List Active Deployments]
  ListDeploy --> SelectDeploy{Select<br/>Deployment}
  SelectDeploy --> LoadState[Load Deployment State]
  LoadState --> AnalyzeDeps[Analyze Resource Dependencies]
  AnalyzeDeps --> OrderDeletion[Order Deletion Sequence]
  OrderDeletion --> Confirm{User<br/>Confirms?}
  Confirm -->|No| Cancel([Cancelled])
  Confirm -->|Yes| DeleteResources[Delete Resources]
  DeleteResources --> MonitorDeletion[Monitor Deletion Progress]
  MonitorDeletion --> CheckComplete{All<br/>Deleted?}
  CheckComplete -->|No| RetryFailed{Retry<br/>Failed?}
  CheckComplete -->|Yes| CleanState[Clean Deployment State]
  RetryFailed -->|Yes| DeleteResources
  RetryFailed -->|No| PartialClean[Partial Cleanup]
  PartialClean --> Report[Generate Failure Report]
  CleanState --> Complete([Undeploy Complete])
  Report --> Exit([Exit with Warnings])
  style Start fill:#667eea,color:#fff
  style Complete fill:#28a745,color:#fff
  style Cancel fill:#ffc107,color:#000
  style Exit fill:#fd7e14,color:#fff

🤖 Agent Mode & MCP Architecture

Agent Mode System

graph TB
  User[User] --> CLI[CLI: atg agent-mode]
  CLI --> Startup[Ensure Neo4j Running]
  Startup --> InitMCP[Initialize MCP Workbench]
  InitMCP --> MCPServer[MCP Server Process]
  MCPServer --> Tools[Available Tools]
  Tools --> Tool1[get_neo4j_schema]
  Tools --> Tool2[read_neo4j_cypher]
  Tools --> Tool3[write_neo4j_cypher]
  InitMCP --> InitLLM[Initialize Azure OpenAI Client]
  InitLLM --> Assistant[AutoGen Assistant Agent]
  Assistant --> Workbench[MCP Workbench]
  Workbench --> MCPServer
  User --> |Question| Assistant
  Assistant --> |1. Get Schema| Tool1
  Tool1 --> Neo4j[(Neo4j)]
  Neo4j --> |Schema| Assistant
  Assistant --> |2. Generate Query| LLM[Azure OpenAI]
  LLM --> |Cypher Query| Assistant
  Assistant --> |3. Execute Query| Tool2
  Tool2 --> Neo4j
  Neo4j --> |Results| Assistant
  Assistant --> |4. Format Answer| LLM
  LLM --> |Natural Language| Assistant
  Assistant --> User
  style Neo4j fill:#008cc1,color:#fff
  style LLM fill:#10a37f,color:#fff
  style Assistant fill:#764ba2,color:#fff

MCP Integration Details

The agent mode leverages the Model Context Protocol (MCP) to provide a standardized interface between the LLM and Neo4j database. Key components:

  • src/mcp_server.py - Launches the MCP server process (uvx mcp-neo4j-cypher)
  • src/agent_mode.py - Orchestrates the agent workflow with multi-step tool chaining
  • AutoGen Integration: Uses AutoGen's AssistantAgent with MCP workbench for tool calling
  • Two Modes: Interactive REPL and single-question mode

Threat Modeling Agent

graph TB
  User[User] --> ThreatCLI[atg threat-model]
  ThreatCLI --> LoadSpec[Load Tenant Spec]
  LoadSpec --> ThreatAgent[Threat Modeling Agent]
  ThreatAgent --> DFD[DFD Builder]
  ThreatAgent --> Enum[Threat Enumerator]
  ThreatAgent --> ASB[ASB Mapper]
  ThreatAgent --> Report[Report Builder]
  DFD --> |Identify Components| Neo4j[(Neo4j)]
  DFD --> |Generate DFD| Mermaid[Mermaid Diagram]
  Enum --> |STRIDE Analysis| Threats[Threat Categories]
  Threats --> Spoofing
  Threats --> Tampering
  Threats --> Repudiation
  Threats --> InfoDisclosure[Information Disclosure]
  Threats --> DoS[Denial of Service]
  Threats --> ElevationPriv[Elevation of Privilege]
  ASB --> |Map to Controls| AzureSecBaseline[Azure Security Baseline]
  Report --> MDReport[threat_model_report.md]
  Report --> JSONData[threat_data.json]
  style Neo4j fill:#008cc1,color:#fff
  style ThreatAgent fill:#dc3545,color:#fff

🖥️ SPA/GUI Architecture

Electron Application Architecture

graph TB
  subgraph "Main Process (Node.js)"
    Main[index.ts<br/>App Lifecycle]
    IPC[IPC Handlers]
    ProcMgr[Process Manager]
    Menu[Application Menu]
  end
  subgraph "Renderer Process (React)"
    App[App.tsx]
    Tabs[Tab Components]
    Context[React Context]
    Hooks[Custom Hooks]
  end
  subgraph "CLI Integration"
    CLI[Python CLI]
    WebSocket[WebSocket Server]
    Logs[Log Streaming]
  end
  subgraph "Backend (Express)"
    API[API Routes]
    Neo4jConn[Neo4j Connection]
  end
  Main --> IPC
  Main --> ProcMgr
  Main --> Menu
  IPC <--> App
  App --> Tabs
  App --> Context
  Tabs --> Hooks
  ProcMgr --> CLI
  CLI --> WebSocket
  WebSocket --> Logs
  Logs --> Context
  Tabs --> API
  API --> Neo4jConn
  Neo4jConn --> Neo4j[(Neo4j)]
  style Main fill:#764ba2,color:#fff
  style App fill:#61dafb,color:#000
  style Neo4j fill:#008cc1,color:#fff

Key GUI Features

📊 Status Tab

Dashboard showing Neo4j status, resource counts, and system health metrics.

🔍 Scan Tab

Interactive scanning interface with real-time progress tracking and log streaming.

📝 Generate Spec Tab

Generate tenant specifications with format options (YAML/JSON/Markdown).

🏗️ Generate IaC Tab

IaC generation interface with format selection, subset filtering, and transformation rules.

🎨 Visualize Tab

3D graph visualization with search, filtering, and navigation controls.

🤖 Agent Mode Tab

Interactive chat interface for natural language queries over the graph.

🔐 Threat Model Tab

Generate threat models and security reports for the tenant.

⚙️ Config Tab

Manage environment variables and Azure credentials.

IPC Communication Pattern

sequenceDiagram
  participant Renderer
  participant Main
  participant CLI
  participant Neo4j
  Renderer->>Main: IPC: start-scan
  Main->>Main: Spawn CLI Process
  Main->>CLI: python -m scripts.cli scan
  loop Real-time Updates
    CLI->>Main: stdout/stderr
    Main->>Renderer: IPC: scan-progress
    Renderer->>Renderer: Update UI
  end
  CLI->>Neo4j: Write Resources
  CLI->>Main: Process Exit
  Main->>Renderer: IPC: scan-complete
  Renderer->>Main: IPC: get-stats
  Main->>Neo4j: Query Stats
  Neo4j-->>Main: Stats Data
  Main-->>Renderer: IPC: stats-data
  Renderer->>Renderer: Update Dashboard

🔐 Threat Model & Security Analysis

This threat model follows the Microsoft Threat Modeling Tool methodology using the STRIDE framework. The analysis focuses on the current architecture: a single-user development tool running on a developer's system using Docker for the database.

System Context & Trust Boundaries

graph TB
  subgraph "Trust Boundary: Developer Workstation"
    CLI[CLI Process<br/>User Context]
    GUI[Electron GUI<br/>User Context]
    Neo4jContainer[Neo4j Container<br/>Docker]
    LocalFS[Local File System]
  end
  subgraph "Trust Boundary: Azure Cloud"
    AzureARM[Azure ARM API<br/>HTTPS]
    GraphAPI[Microsoft Graph API<br/>HTTPS]
    OpenAI[Azure OpenAI<br/>HTTPS]
  end
  subgraph "Trust Boundary: Internet"
    PyPI[PyPI/npm<br/>Dependencies]
    DockerHub[Docker Hub<br/>Images]
  end
  CLI -->|Auth Token| AzureARM
  CLI -->|Auth Token| GraphAPI
  CLI -->|API Key| OpenAI
  CLI -->|bolt://| Neo4jContainer
  GUI -->|spawn| CLI
  GUI -->|bolt://| Neo4jContainer
  CLI -->|Read/Write| LocalFS
  GUI -->|Read/Write| LocalFS
  CLI -.->|Install| PyPI
  GUI -.->|Install| PyPI
  Neo4jContainer -.->|Pull| DockerHub
  style CLI fill:#667eea,color:#fff
  style GUI fill:#61dafb,color:#000
  style Neo4jContainer fill:#008cc1,color:#fff

STRIDE Analysis

🎭 Spoofing

| Threat | Impact | Mitigation |
| --- | --- | --- |
| T1: Malicious process impersonates CLI/GUI to access Neo4j | HIGH - Unauthorized access to sensitive tenant data | ✅ Neo4j requires password authentication. ⚠️ Password stored in .env file (file permissions critical) |
| T2: Stolen Azure credentials used to scan wrong tenant | MEDIUM - Unauthorized tenant discovery | ✅ Uses Azure CLI authentication (tokens time-limited). ⚠️ No additional verification of tenant ID |
| T3: Man-in-the-middle attack on localhost Neo4j connection | LOW - Requires local access | ⚠️ bolt:// protocol not encrypted. ✅ localhost-only reduces exposure |

🔧 Tampering

| Threat | Impact | Mitigation |
| --- | --- | --- |
| T4: Malicious modification of graph data in Neo4j | CRITICAL - Corrupted infrastructure documentation leading to failed deployments | ⚠️ No audit logging of graph changes. ⚠️ No backup automation by default |
| T5: Tampering with generated IaC before deployment | CRITICAL - Deployment of malicious infrastructure | ❌ No integrity checks on generated files. ✅ User reviews in deploy.sh |
| T6: Modified .env file with malicious credentials | HIGH - Unauthorized access to Azure resources or LLM usage | ⚠️ .env file has user-only permissions. ❌ No integrity verification |
| T7: Supply chain attack via compromised dependencies | CRITICAL - Arbitrary code execution | ✅ uv.lock pins versions. ⚠️ No vulnerability scanning in CI |
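
One way to close the T5 gap ("No integrity checks on generated files") is a keyed manifest written at generation time and checked before deploy.sh runs. The sketch below is an added example, not code from Azure Tenant Grapher; the function names and the key handling are assumptions, and the key is assumed to be stored outside the output directory.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def _digest_tree(out_dir: Path) -> dict:
    """Map each file's relative POSIX path to its SHA-256 hex digest."""
    return {
        p.relative_to(out_dir).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(out_dir.rglob("*"))
        if p.is_file()
    }


def _tag(files: dict, key: bytes) -> str:
    # Canonical JSON so the same file set always produces the same MAC.
    canonical = json.dumps(files, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def build_manifest(out_dir: Path, key: bytes) -> dict:
    """Record file digests plus an HMAC over them (hypothetical manifest layout)."""
    files = _digest_tree(out_dir)
    return {"files": files, "hmac": _tag(files, key)}


def verify_manifest(out_dir: Path, manifest: dict, key: bytes) -> list:
    """Return a list of findings; an empty list means the output is unchanged."""
    if not hmac.compare_digest(_tag(manifest["files"], key), manifest.get("hmac", "")):
        return ["manifest: HMAC mismatch"]
    recorded, current = manifest["files"], _digest_tree(out_dir)
    findings = []
    for name in sorted(set(recorded) | set(current)):
        if name not in current:
            findings.append(f"{name}: missing")
        elif name not in recorded:
            findings.append(f"{name}: unexpected file")
        elif recorded[name] != current[name]:
            findings.append(f"{name}: modified")
    return findings


def demo() -> dict:
    """Constructed run using the output file names from the Graph to IaC flow."""
    key = b"constructed-demo-key"  # assumption: the real key lives outside the output dir
    with tempfile.TemporaryDirectory() as tmp:
        out = Path(tmp)
        (out / "main.tf.json").write_text('{"resource": {}}')
        (out / "variables.tf.json").write_text('{"variable": {}}')
        (out / "deploy.sh").write_text("#!/bin/sh\necho plan\n")
        manifest = build_manifest(out, key)
        clean = verify_manifest(out, manifest, key)
        # Files change after generation: one edited, one added.
        (out / "deploy.sh").write_text("#!/bin/sh\necho edited after generation\n")
        (out / "extra.tf.json").write_text("{}")
        tampered = verify_manifest(out, manifest, key)
        # Digests recomputed without the key: the stale HMAC no longer matches.
        forged = dict(manifest, files=_digest_tree(out))
        forged_result = verify_manifest(out, forged, key)
    return {"clean": clean, "tampered": tampered, "forged": forged_result}


if __name__ == "__main__":
    print(demo())
```

Plain hashes stored next to the files would not help here, because anyone able to edit main.tf.json can also rewrite the hash list; the HMAC is what ties the manifest to the generating process.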

📝 Repudiation

| Threat | Impact | Mitigation |
| --- | --- | --- |
| T8: No audit trail for scan operations | MEDIUM - Cannot prove who scanned tenant | ✅ Logs stored in logs/ directory. ⚠️ Logs not signed or timestamped |
| T9: No audit trail for IaC deployments | HIGH - Cannot prove who deployed what resources | ✅ Azure Activity Log tracks deployments. ❌ No local deployment records |

🔓 Information Disclosure

| Threat | Impact | Mitigation |
| --- | --- | --- |
| T10: Neo4j data exposed if Docker port is exposed | CRITICAL - Full tenant data exposure | ✅ Default docker-compose binds to localhost only. ⚠️ User can modify |
| T11: Credentials in .env file exposed | CRITICAL - Azure tenant compromise, API key theft | ✅ .env in .gitignore. ⚠️ File permissions not enforced. ❌ No encryption |
| T12: Secrets stored in Neo4j graph | HIGH - Key Vault secrets, connection strings exposed | ⚠️ Graph stores full resource properties. ❌ No secret redaction. ⚠️ Database not encrypted at rest by default |
| T13: Generated IaC files contain sensitive data | HIGH - Secrets, keys, connection strings in plain text | ⚠️ Output directory permissions user-only. ❌ No secret detection |
| T14: Logs contain sensitive information | MEDIUM - Resource names, IDs, configuration details | ⚠️ Logs stored locally with user permissions. ❌ No sensitive data filtering |
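
For T12 ("Graph stores full resource properties", "No secret redaction"), redaction can run on each resource's property tree before the node is written. This is an added sketch, not the project's ingestion code; the key-name and value patterns are assumed heuristics, and the sample resource is constructed and mixes property shapes from several resource types.

```python
import re

REDACTED = "[REDACTED]"

# Assumed heuristics (not the project's rules): names that usually hold credentials.
SENSITIVE_KEY = re.compile(
    r"(password|pwd|secret|connectionstring|sastoken|"
    r"(account|access|api|primary|secondary|shared)_?key)",
    re.IGNORECASE,
)
# Credential fragments embedded in connection strings and SAS URLs.
SENSITIVE_VALUE = re.compile(
    r"\b(AccountKey|SharedAccessKey|Password|sig)=([^;&\s]+)", re.IGNORECASE
)


def redact(value, path="", hits=None):
    """Return (redacted_copy, hits); hits lists every property path that was changed."""
    hits = [] if hits is None else hits
    if isinstance(value, dict):
        # App-settings style entries: {"name": "DB_PASSWORD", "value": "..."}
        name = value.get("name")
        named_secret = isinstance(name, str) and bool(SENSITIVE_KEY.search(name))
        out = {}
        for key, child in value.items():
            child_path = f"{path}.{key}" if path else key
            sensitive = bool(SENSITIVE_KEY.search(key)) or (named_secret and key == "value")
            if sensitive and isinstance(child, str):
                out[key] = REDACTED  # drop the whole value, keep the property name
                hits.append(child_path)
            else:
                out[key] = redact(child, child_path, hits)[0]
        return out, hits
    if isinstance(value, list):
        return [redact(v, f"{path}[{i}]", hits)[0] for i, v in enumerate(value)], hits
    if isinstance(value, str):
        cleaned, count = SENSITIVE_VALUE.subn(lambda m: f"{m.group(1)}={REDACTED}", value)
        if count:
            hits.append(path)
        return cleaned, hits
    return value, hits  # numbers, booleans and None pass through unchanged


# Constructed sample resource; every credential-like value is a placeholder.
SAMPLE = {
    "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"
          "/providers/Microsoft.Web/sites/app-demo",
    "name": "app-demo",
    "properties": {
        "httpsOnly": True,
        "disablePasswordAuthentication": True,  # boolean flag must survive redaction
        "adminPassword": "constructed-not-real",
        "siteConfig": {
            "appSettings": [
                {"name": "WEBSITE_RUN_FROM_PACKAGE", "value": "1"},
                {"name": "DB_PASSWORD", "value": "constructed-not-real"},
            ],
            "connectionStrings": [
                {"name": "store", "connectionString":
                 "AccountName=demo;AccountKey=Zm9vYmFy;EndpointSuffix=core.windows.net"},
            ],
        },
        "blobUrl": "https://demo.blob.core.windows.net/c/f.txt?sv=2022-11-02&sig=abc123",
    },
}

if __name__ == "__main__":
    print(redact(SAMPLE)[1])
```

The returned path list doubles as an audit record of what was withheld from the graph, and the same function can be applied to emitter output (T13) and log records (T14).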

⛔ Denial of Service

| Threat | Impact | Mitigation |
| --- | --- | --- |
| T15: Resource exhaustion from scanning large tenants | MEDIUM - Developer workstation becomes unresponsive | ✅ Rate limiting in discovery service. ✅ Pagination support. ⚠️ No memory limits |
| T16: Neo4j container consumes excessive resources | MEDIUM - System performance degradation | ⚠️ No resource limits in docker-compose. ✅ Can be configured by user |
| T17: Disk space exhaustion from graph data | LOW - Tool stops working | ✅ Backup and cleanup utilities available. ⚠️ No automatic cleanup |

⬆️ Elevation of Privilege

| Threat | Impact | Mitigation |
| --- | --- | --- |
| T18: Docker socket access enables container escape | HIGH - Full system compromise | ✅ Tool only manages Neo4j container. ⚠️ User must have Docker access. ❌ No additional sandboxing |
| T19: Malicious deployment script execution | CRITICAL - Arbitrary Azure resource creation | ⚠️ deploy.sh generated with user review expected. ❌ No script validation |
| T20: Agent mode LLM prompt injection | HIGH - Unauthorized graph queries or modifications | ✅ System message restricts agent scope. ⚠️ No query validation. ⚠️ write_neo4j_cypher tool available |
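
T20 lists "No query validation" for LLM-generated Cypher. The guard below is an added example, not part of the project or of mcp-neo4j-cypher: it strips literals and comments, then rejects anything that is not a single read-only statement before the query would be handed to read_neo4j_cypher. The clause list and the procedure allowlist are assumptions; only db.schema.visualization appears in the agent flow.

```python
import re

# Clauses that modify data or schema, or import external data.
WRITE_CLAUSES = re.compile(
    r"\b(CREATE|MERGE|SET|DELETE|DETACH|REMOVE|DROP|FOREACH|LOAD\s+CSV)\b",
    re.IGNORECASE,
)
# CALL may run arbitrary procedures or subqueries, so it is checked separately.
CALL = re.compile(r"\bCALL\b\s*([A-Za-z_][\w.]*)?", re.IGNORECASE)
# Assumption: the schema procedure from the agent flow is the only one needed.
ALLOWED_PROCEDURES = {"db.schema.visualization"}

_LITERALS_AND_COMMENTS = re.compile(
    r"""'(?:\\.|[^'\\])*'      # single-quoted string
      | "(?:\\.|[^"\\])*"      # double-quoted string
      | `(?:``|[^`])*`         # backtick-quoted identifier
      | //[^\n]*               # line comment
      | /\*.*?\*/              # block comment
    """,
    re.VERBOSE | re.DOTALL,
)


def check_read_only(query: str):
    """Return (allowed, reason) for one LLM-generated Cypher query."""
    # Keywords inside literals or comments are data, not clauses.
    skeleton = _LITERALS_AND_COMMENTS.sub(" ", query)
    if any(tok in skeleton for tok in ("'", '"', "`", "/*")):
        return False, "unterminated literal or comment"
    if "\\" in skeleton:
        return False, "escape sequence outside a literal"
    if ";" in skeleton.rstrip().rstrip(";"):
        return False, "multiple statements"
    match = WRITE_CLAUSES.search(skeleton)
    if match:
        return False, "write clause: " + " ".join(match.group(1).upper().split())
    for match in CALL.finditer(skeleton):
        name = (match.group(1) or "").lower()
        if name not in ALLOWED_PROCEDURES:
            return False, f"procedure not allowlisted: {name or 'subquery'}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed queries of the kind the agent flow produces.
    for q in (
        "MATCH (r:Resource) WHERE r.type CONTAINS 'storage' RETURN count(r)",
        "MATCH (r:Resource) DETACH DELETE r",
        "CALL db.schema.visualization()",
    ):
        print(check_read_only(q), q)
```

The check is deliberately conservative (a property accessed as `n.set` is rejected) and complements, rather than replaces, removing write_neo4j_cypher from the agent's tool list and connecting with a database account that has no write privileges.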

Security Recommendations

🔴 Critical Priority
  • Implement secret detection and redaction in graph ingestion
  • Add integrity checks for generated IaC files
  • Enable Neo4j encryption at rest
  • Implement dependency vulnerability scanning in CI
🟠 High Priority
  • Add audit logging for all graph modifications
  • Implement .env file encryption or secure secret management
  • Add Neo4j bolt+s:// (TLS) connection support
  • Restrict agent mode to read-only queries
🟡 Medium Priority
  • Implement automated backup scheduling
  • Add resource limits to docker-compose
  • Implement sensitive data filtering in logs
  • Add deployment record tracking
🟢 Low Priority
  • Implement disk space monitoring and alerts
  • Add tenant ID verification prompts
  • Enhanced script validation for generated files

Assumptions & Constraints

  • Single User Tool: Designed for use by individual developers on their local machines, not as a multi-tenant service
  • Trusted Environment: Assumes the developer's workstation is secure and not compromised
  • Azure Trust: Relies on Azure ARM/Graph API security and authentication mechanisms
  • Docker Dependency: Requires Docker to be installed and running with appropriate user permissions
  • Network Access: Requires internet access for Azure APIs, OpenAI, and package downloads