Documentation ¶
Index ¶
- Variables
- func LabelsToRuleStructure(labels []Label) ([][]Label, error)
- func ParseObjectType(href string) string
- func ProtocolList() map[int]string
- type APIKey
- type APIResponse
- type Actors
- type Agent
- type AgentHealth
- type AgentHealthErrors
- type AsyncTrafficQuery
- type Authentication
- type BulkResponse
- type ChangeSubset
- type CompatibilityReport
- type Conditions
- type Config
- type Consumers
- type ConsumingSecurityPrincipals
- type ContainerCluster
- type ContainerWorkloadProfile
- type ContainerWorkloadProfileAssignLabel
- type ContainerWorkloadProfileLabel
- type ContainerWorkloadProfileLabelAssignment
- type ContainerWorkloadProfileLabelRestriction
- type CreatedBy
- type DeletedBy
- type Destinations
- type DiscoveredVirtualServer
- type Dst
- type EnforcementBoundary
- type Error
- type Event
- type EventCreatedBy
- type Exclude
- type ExpSrv
- type ExplorerServices
- type FQDN
- type FirewallSettings
- type FlowFilter
- type FlowUploadResp
- type IPAddress
- type IPList
- type IPRange
- type IPTablesRules
- type IllumioSecurityTemplate
- type IllumioSecurityTemplateFile
- type Include
- type IncreaseTrafficUpdateReq
- type Info
- type IngressServices
- type Interface
- type Label
- type LabelDimension
- type LabelDimensionUsage
- type LabelGroup
- type LabelUsage
- type LatestEvent
- type LoadInput
- type Network
- type Notifications
- type OpenServicePorts
- type Org
- type PCE
- func (p *PCE) BulkVS(virtualServices []VirtualService, method string) ([]APIResponse, error)
- func (p *PCE) BulkWorkload(workloads []Workload, method string, stdoutLogs bool) ([]APIResponse, error)
- func (p *PCE) CreateADUserGroup(group ConsumingSecurityPrincipals) (createdGroup ConsumingSecurityPrincipals, api APIResponse, err error)
- func (p *PCE) CreateAsyncTrafficRequest(t TrafficAnalysisRequest) (asyncQuery AsyncTrafficQuery, api APIResponse, err error)
- func (p *PCE) CreateEnforcementBoundary(eb EnforcementBoundary) (createdEB EnforcementBoundary, api APIResponse, err error)
- func (p *PCE) CreateFlowFilter(flowFilter FlowFilter) (createdFlowFilter FlowFilter, api APIResponse, err error)
- func (p *PCE) CreateIPList(ipList IPList) (createdIPL IPList, api APIResponse, err error)
- func (p *PCE) CreateLabel(label Label) (createdLabel Label, api APIResponse, err error)
- func (p *PCE) CreateLabelGroup(labelGroup LabelGroup) (createdLabelGroup LabelGroup, api APIResponse, err error)
- func (p *PCE) CreatePairingKey(pairingProfile PairingProfile) (pairingKey PairingKey, api APIResponse, err error)
- func (p *PCE) CreatePairingProfile(pairingProfile PairingProfile) (createdPairingProfile PairingProfile, api APIResponse, err error)
- func (p *PCE) CreateRule(rulesetHref string, rule Rule) (createdRule Rule, api APIResponse, err error)
- func (p *PCE) CreateRuleSet(rs RuleSet) (createdRS RuleSet, api APIResponse, err error)deprecated
- func (p *PCE) CreateRuleSetRule(rulesetHref string, rule Rule) (Rule, APIResponse, error)deprecated
- func (p *PCE) CreateRuleset(rs RuleSet) (createdRS RuleSet, api APIResponse, err error)
- func (p *PCE) CreateService(service Service) (createdService Service, api APIResponse, err error)
- func (p *PCE) CreateServiceBinding(serviceBindings []ServiceBinding) (createdServiceBindings []ServiceBinding, api APIResponse, err error)
- func (p *PCE) CreateTrafficRequest(t TrafficAnalysisRequest) (returnedTraffic []TrafficAnalysis, api APIResponse, err error)
- func (p *PCE) CreateVirtualService(virtualService VirtualService) (createdVirtualService VirtualService, api APIResponse, err error)
- func (p *PCE) CreateWkld(wkld Workload) (Workload, APIResponse, error)
- func (p *PCE) CreateWorkload(wkld Workload) (Workload, APIResponse, error)deprecated
- func (p *PCE) DeleteEnforcementBoundary(eb EnforcementBoundary) (APIResponse, error)
- func (p *PCE) DeleteHref(href string) (APIResponse, error)
- func (p *PCE) ExpandLabelGroup(href string) (labelHrefs []string)
- func (p *PCE) FindObject(href string) (key, name string, err error)
- func (p *PCE) GetADUserGroups(queryParameters map[string]string) (groups []ConsumingSecurityPrincipals, api APIResponse, err error)
- func (p *PCE) GetAllADUserGroups() ([]ConsumingSecurityPrincipals, APIResponse, error)deprecated
- func (p *PCE) GetAllAPIKeys(userHref string) ([]APIKey, APIResponse, error)
- func (p *PCE) GetAllActiveIPLists() ([]IPList, APIResponse, error)deprecated
- func (p *PCE) GetAllContainerClusters(queryParameters map[string]string) (containerClusters []ContainerCluster, api APIResponse, err error)deprecated
- func (p *PCE) GetAllContainerWorkloadProfiles(queryParameters map[string]string, containerClusterID string) ([]ContainerWorkloadProfile, APIResponse, error)deprecated
- func (p *PCE) GetAllContainerWorkloads(queryParameters map[string]string) ([]Workload, APIResponse, error)deprecated
- func (p *PCE) GetAllDraftIPLists() ([]IPList, APIResponse, error)deprecated
- func (p *PCE) GetAllEvents(queryParameters map[string]string) ([]Event, APIResponse, error)deprecated
- func (p *PCE) GetAllIPLists() ([]IPList, []APIResponse, error)deprecated
- func (p *PCE) GetAllLabelGroups(pStatus string) ([]LabelGroup, APIResponse, error)deprecated
- func (p *PCE) GetAllLabels() ([]Label, APIResponse, error)deprecated
- func (p *PCE) GetAllLabelsQP(queryParameters map[string]string) ([]Label, APIResponse, error)deprecated
- func (p *PCE) GetAllPairingProfiles() ([]PairingProfile, APIResponse, error)deprecated
- func (p *PCE) GetAllPending() (ChangeSubset, APIResponse, error)deprecated
- func (p *PCE) GetAllRuleSets(pStatus string) ([]RuleSet, APIResponse, error)deprecated
- func (p *PCE) GetAllRuleSetsQP(queryParameters map[string]string, pStatus string) ([]RuleSet, APIResponse, error)deprecated
- func (p *PCE) GetAllServiceBindings(virtualService VirtualService) ([]ServiceBinding, APIResponse, error)deprecated
- func (p *PCE) GetAllServices(pStatus string) ([]Service, APIResponse, error)deprecated
- func (p *PCE) GetAllVens(queryParameters map[string]string) ([]VEN, APIResponse, error)deprecated
- func (p *PCE) GetAllVirtualServers(pStatus string) ([]VirtualServer, APIResponse, error)deprecated
- func (p *PCE) GetAllVirtualServices(queryParameters map[string]string, pStatus string) ([]VirtualService, APIResponse, error)deprecated
- func (p *PCE) GetAllVulnReports() ([]VulnerabilityReport, APIResponse, error)deprecated
- func (p *PCE) GetAllVulns() ([]Vulnerability, APIResponse, error)deprecated
- func (p *PCE) GetAllWorkloads() ([]Workload, APIResponse, error)deprecated
- func (p *PCE) GetAllWorkloadsQP(queryParameters map[string]string) ([]Workload, APIResponse, error)deprecated
- func (p *PCE) GetAsyncQueries(queryParameters map[string]string) (asyncQueries []AsyncTrafficQuery, api APIResponse, err error)
- func (p *PCE) GetAsyncQueryResults(aq AsyncTrafficQuery) (returnedTraffic []TrafficAnalysis, api APIResponse, err error)
- func (p *PCE) GetCollection(endpoint string, async bool, queryParameters map[string]string, ...) (APIResponse, error)
- func (p *PCE) GetCollectionHeaders(endpoint string, async bool, queryParameters, headers map[string]string, ...) (APIResponse, error)
- func (p *PCE) GetCompatibilityReport(w Workload) (cr CompatibilityReport, api APIResponse, err error)
- func (p *PCE) GetContainerClusters(queryParameters map[string]string) (containerClusters []ContainerCluster, api APIResponse, err error)
- func (p *PCE) GetContainerWkldProfiles(queryParameters map[string]string, containerClusterID string) (containerWkldProfiles []ContainerWorkloadProfile, api APIResponse, err error)
- func (p *PCE) GetContainerWklds(queryParameters map[string]string) (containerWklds []Workload, api APIResponse, err error)
- func (p *PCE) GetEnforcementBoundaries(queryParameters map[string]string, pStatus string) (ebs []EnforcementBoundary, api APIResponse, err error)
- func (p *PCE) GetEnforcementBoundaryByHref(href string) (eb EnforcementBoundary, api APIResponse, err error)
- func (p *PCE) GetEvents(queryParameters map[string]string) (events []Event, api APIResponse, err error)
- func (p *PCE) GetHref(href string, response interface{}) (APIResponse, error)
- func (p *PCE) GetIPList(name string, pStatus string) (IPList, APIResponse, error)deprecated
- func (p *PCE) GetIPListByName(name string, pStatus string) (IPList, APIResponse, error)
- func (p *PCE) GetIPLists(queryParameters map[string]string, pStatus string) (ipLists []IPList, api APIResponse, err error)
- func (p *PCE) GetLabelByHref(href string) (Label, APIResponse, error)
- func (p *PCE) GetLabelByKeyValue(key, value string) (Label, APIResponse, error)
- func (p *PCE) GetLabelDimensions(queryParameters map[string]string) (labelDimensions []LabelDimension, api APIResponse, err error)
- func (p *PCE) GetLabelGroups(queryParameters map[string]string, pStatus string) (labelGroups []LabelGroup, api APIResponse, err error)
- func (p *PCE) GetLabelbyHref(href string) (Label, APIResponse, error)deprecated
- func (p *PCE) GetLabelbyKeyValue(key, value string) (Label, APIResponse, error)deprecated
- func (p *PCE) GetLabels(queryParameters map[string]string) (labels []Label, api APIResponse, err error)
- func (p *PCE) GetPairingProfiles(queryParameters map[string]string) (pairingProfiles []PairingProfile, api APIResponse, err error)
- func (p *PCE) GetPendingChanges() (cs ChangeSubset, api APIResponse, err error)
- func (p *PCE) GetRuleByHref(href string) (rule Rule, api APIResponse, err error)
- func (p *PCE) GetRuleSetByHref(href string) (RuleSet, APIResponse, error)deprecated
- func (p *PCE) GetRuleSetMapName(pStatus string) (map[string]RuleSet, APIResponse, error)deprecated
- func (p *PCE) GetRuleSetRuleByHref(href string) (Rule, APIResponse, error)deprecated
- func (p *PCE) GetRulesetByHref(href string) (ruleset RuleSet, api APIResponse, err error)
- func (p *PCE) GetRulesets(queryParameters map[string]string, pStatus string) (ruleSets []RuleSet, api APIResponse, err error)
- func (p *PCE) GetServiceBindings(queryParameters map[string]string) (serviceBindings []ServiceBinding, api APIResponse, err error)
- func (p *PCE) GetServices(queryParameters map[string]string, pStatus string) (services []Service, api APIResponse, err error)
- func (p *PCE) GetTrafficAnalysis(q TrafficQuery) (returnedTraffic []TrafficAnalysis, api APIResponse, err error)
- func (p *PCE) GetTrafficAnalysisAPI(t TrafficAnalysisRequest) (returnedTraffic []TrafficAnalysis, api APIResponse, err error)deprecated
- func (p *PCE) GetVenByHostname(hostname string) (VEN, APIResponse, error)
- func (p *PCE) GetVenByHref(href string) (ven VEN, api APIResponse, err error)
- func (p *PCE) GetVens(queryParameters map[string]string) (vens []VEN, api APIResponse, err error)
- func (p *PCE) GetVersion() (version Version, api APIResponse, err error)
- func (p *PCE) GetVirtualServers(queryParameters map[string]string, pStatus string) (virtualServers []VirtualServer, api APIResponse, err error)
- func (p *PCE) GetVirtualServiceByHref(href string) (virtualService VirtualService, api APIResponse, err error)
- func (p *PCE) GetVirtualServiceByName(name string, pStatus string) (VirtualService, APIResponse, error)
- func (p *PCE) GetVirtualServices(queryParameters map[string]string, pStatus string) (virtualServices []VirtualService, api APIResponse, err error)
- func (p *PCE) GetVulnReports(queryParameters map[string]string) (vulnReports []VulnerabilityReport, api APIResponse, err error)
- func (p *PCE) GetVulns(queryParameters map[string]string) (vulns []Vulnerability, api APIResponse, err error)
- func (p *PCE) GetWkldByHostname(hostname string) (Workload, APIResponse, error)
- func (p *PCE) GetWkldByHref(href string) (Workload, APIResponse, error)
- func (p *PCE) GetWkldHostMap() (map[string]Workload, APIResponse, error)deprecated
- func (p *PCE) GetWkldHrefMap() (map[string]Workload, APIResponse, error)deprecated
- func (p *PCE) GetWklds(queryParameters map[string]string) ([]Workload, APIResponse, error)
- func (p *PCE) IncreaseTrafficUpdateRate(wklds []Workload) (APIResponse, error)
- func (p *PCE) IterateTraffic(q TrafficQuery, stdout bool) ([]TrafficAnalysis, error)
- func (p *PCE) IterateTrafficJString(q TrafficQuery, stdout bool) (string, error)
- func (p *PCE) Load(l LoadInput) (map[string]APIResponse, error)
- func (p *PCE) LoadVenMap()
- func (p *PCE) LoadWorkloadMap()
- func (p *PCE) Login(user, password string) (UserLogin, []APIResponse, error)
- func (p *PCE) LoginAPIKey(user, password, name, desc string) (UserLogin, []APIResponse, error)
- func (p *PCE) Post(endpoint string, object, createdObject interface{}) (api APIResponse, err error)
- func (p *PCE) ProvisionCS(cs ChangeSubset, comment string) (api APIResponse, err error)
- func (p *PCE) ProvisionHref(hrefs []string, comment string) (APIResponse, error)
- func (p *PCE) Put(object interface{}) (api APIResponse, err error)
- func (p *PCE) UpdateContainerWkldProfiles(cp ContainerWorkloadProfile) (APIResponse, error)
- func (p *PCE) UpdateEnforcementBoundary(eb EnforcementBoundary) (APIResponse, error)
- func (p *PCE) UpdateIPList(ipList IPList) (APIResponse, error)
- func (p *PCE) UpdateLabel(label Label) (APIResponse, error)
- func (p *PCE) UpdateLabelGroup(labelGroup LabelGroup) (APIResponse, error)
- func (p *PCE) UpdateRule(rule Rule) (APIResponse, error)
- func (p *PCE) UpdateRuleSet(ruleset RuleSet) (APIResponse, error)deprecated
- func (p *PCE) UpdateRuleSetRules(rule Rule) (APIResponse, error)deprecated
- func (p *PCE) UpdateRuleset(ruleset RuleSet) (APIResponse, error)
- func (p *PCE) UpdateService(service Service) (APIResponse, error)
- func (p *PCE) UpdateVen(ven VEN) (api APIResponse, err error)
- func (p *PCE) UpdateVirtualService(virtualService VirtualService) (APIResponse, error)
- func (p *PCE) UpdateWkld(workload Workload) (APIResponse, error)
- func (p *PCE) UpdateWorkload(wkld Workload) (APIResponse, error)deprecated
- func (p *PCE) UpgradeVENs(vens []VEN, release string) (resp VENUpgradeResp, api APIResponse, err error)
- func (p *PCE) UploadTraffic(filename string, headerLine bool) (UploadFlowResults, error)
- func (p *PCE) WorkloadQueryLabelParameter(labelSlices [][]string) (queryParameter string, err error)
- func (p *PCE) WorkloadUpgrade(wkldHref, targetVersion string) (APIResponse, error)
- func (p *PCE) WorkloadsUnpair(wklds []Workload, ipTablesRestore string) ([]APIResponse, error)
- type PairingKey
- type PairingProfile
- type PortOverrides
- type PortProtos
- type ProductVersion
- type Providers
- type Provision
- type QualifyTest
- type RegionsItems
- type ResolveLabelsAs
- type Results
- type Rule
- type RuleSet
- type Scopes
- type SecureConnect
- type SecureConnectGateways
- type Service
- type ServiceAddresses
- type ServiceBinding
- type ServicePort
- type Services
- type Sources
- type Src
- type Statements
- type Status
- type SubGroups
- type System
- type Target
- type TimestampRange
- type TrafficAnalysis
- type TrafficAnalysisRequest
- type TrafficQuery
- type Unpair
- type UpdatedBy
- type UploadFlowResults
- type Usage
- type UserLogin
- type VEN
- type VENUpgrade
- type VENUpgradeError
- type VENUpgradeResp
- type Version
- type VirtualServer
- type VirtualServers
- type VirtualService
- type Vulnerability
- type VulnerabilityReport
- type VulnerabilitySummary
- type VulnerablePortWideExposure
- type WindowsService
- type Workload
- func (w *Workload) ChangeLabel(pce PCE, targetKey, newValue string) (PCE, error)
- func (w *Workload) GetApp(labelMap map[string]Label) Label
- func (w *Workload) GetAppGroup(labelMap map[string]Label) string
- func (w *Workload) GetAppGroupL(labelMap map[string]Label) string
- func (w *Workload) GetCIDR(ip string) string
- func (w *Workload) GetDefaultGW() string
- func (w *Workload) GetEnv(labelMap map[string]Label) Label
- func (w *Workload) GetIPWithDefaultGW() string
- func (w *Workload) GetInterfaceName(ip string) string
- func (w *Workload) GetLabelByKey(key string, labelMap map[string]Label) Label
- func (w *Workload) GetLoc(labelMap map[string]Label) Label
- func (w *Workload) GetMode() string
- func (w *Workload) GetNetMask(ip string) string
- func (w *Workload) GetNetMaskWithDefaultGW() string
- func (w *Workload) GetNetwork(ip string) string
- func (w *Workload) GetNetworkWithDefaultGateway() string
- func (w *Workload) GetRole(labelMap map[string]Label) Label
- func (w *Workload) GetVisibilityLevel() string
- func (w *Workload) HoursSinceLastHeartBeat() float64
- func (w *Workload) LabelsMatch(role, app, env, loc string, labelMap map[string]Label) bool
- func (w *Workload) SanitizeBulkUpdate()
- func (w *Workload) SanitizePut()
- func (w *Workload) SetMode(m string) error
- func (w *Workload) SetVisibilityLevel(v string) error
Constants ¶
This section is empty.
Variables ¶
var Threshold int
Threshold is the value set to iterate
Functions ¶
func LabelsToRuleStructure ¶ added in v1.3.0
LabelsToRuleStructure takes a slice of labels and returns a slice of slices for how the labels would be organized as read by the PCE rule processing. For example {"A-ERP", "A-CRM", "E-PROD"} will return [{"A-ERP, E-PROD"}. {"A-CRM", "E-PROD"}]
func ParseObjectType ¶
ParseObjectType takes an href and returns one of the following options: iplist, label, label_group, virtual_service, workload, or unknown.
func ProtocolList ¶
ProtocolList returns a map for the IANA protocol numbers.
Types ¶
type APIKey ¶
type APIKey struct { Href string `json:"href,omitempty"` KeyID string `json:"key_id,omitempty"` AuthUsername string `json:"auth_username,omitempty"` CreatedAt string `json:"created_at,omitempty"` Name string `json:"name,omitempty"` Description string `json:"description,omitempty"` Secret string `json:"secret,omitempty"` }
APIKey represents an API Key
type APIResponse ¶
type APIResponse struct { RespBody string StatusCode int Header http.Header Request *http.Request ReqBody string Warnings []string }
APIResponse contains the information from the response of the API
type Actors ¶
type Actors struct { Actors string `json:"actors,omitempty"` Label *Label `json:"label,omitempty"` LabelGroup *LabelGroup `json:"label_group,omitempty"` Workload *Workload `json:"workload,omitempty"` }
Actors - more info to follow
type Agent ¶
type Agent struct { ActivePceFqdn string `json:"active_pce_fqdn,omitempty"` Config *Config `json:"config,omitempty"` Href string `json:"href,omitempty"` SecureConnect *SecureConnect `json:"secure_connect,omitempty"` Status *Status `json:"status,omitempty"` TargetPceFqdn string `json:"target_pce_fqdn,omitempty"` Hostname string `json:"hostname,omitempty"` // Added this for events }
An Agent is an Agent on a Workload
type AgentHealth ¶
type AgentHealth struct { AuditEvent string `json:"audit_event,omitempty"` Severity string `json:"severity,omitempty"` Type string `json:"type,omitempty"` }
AgentHealth represents the Agent Health of the Status of a Workload
type AgentHealthErrors ¶
type AgentHealthErrors struct { Errors []string `json:"errors,omitempty"` Warnings []string `json:"warnings,omitempty"` }
AgentHealthErrors represents the Agent Health Errors of the Status of a Workload This is depreciated - use AgentHealth
type AsyncTrafficQuery ¶ added in v1.78.0
type AsyncTrafficQuery struct { CreatedAt string `json:"created_at,omitempty"` // Timestamp in UTC when this query was created CreatedBy *CreatedBy `json:"created_by,omitempty"` FlowsCount int `json:"flows_count,omitempty"` // result count after query limits and RBAC filtering are applied Href string `json:"href,omitempty"` // Query URI MatchesCount int `json:"matches_count,omitempty"` // query result count QueryParameters *TrafficAnalysisRequest `json:"query_parameters"` // Explorer query parameters Regions []*RegionsItems `json:"regions,omitempty"` // Region-specific response metadata Result string `json:"result,omitempty"` // Result download URI, availble only if status is completed Status string `json:"status"` // Current query status UpdatedAt string `json:"updated_at,omitempty"` // Timestamp in UTC when this async query was last updated. }
Root Asynchronous explorer query status
type Authentication ¶
type Authentication struct {
AuthToken string `json:"auth_token"`
}
Authentication represents the response of the Authenticate API
type BulkResponse ¶ added in v1.12.0
type BulkResponse struct { Href string `json:"href"` Status string `json:"status"` Token string `json:"token"` Message string `json:"message"` Errors []Error `json:"errors"` }
BulkResponse is the data structure for the bulk response API
type ChangeSubset ¶
type ChangeSubset struct { FirewallSettings []*FirewallSettings `json:"firewall_settings,omitempty"` IPLists []*IPList `json:"ip_lists,omitempty"` LabelGroups []*LabelGroup `json:"label_groups,omitempty"` RuleSets []*RuleSet `json:"rule_sets,omitempty"` SecureConnectGateways []*SecureConnectGateways `json:"secure_connect_gateways,omitempty"` Services []*Service `json:"services,omitempty"` VirtualServers []*VirtualServer `json:"virtual_servers,omitempty"` VirtualServices []*VirtualService `json:"virtual_services,omitempty"` EnforcementBoundaries []*EnforcementBoundary `json:"enforcement_boundaries,omitempty"` }
ChangeSubset Hash of pending hrefs, organized by model
type CompatibilityReport ¶
type CompatibilityReport struct { LastUpdatedAt time.Time `json:"last_updated_at"` Results Results `json:"results"` QualifyStatus string `json:"qualify_status"` }
CompatibilityReport is a compatibility report for a VEN in Idle status
type Conditions ¶ added in v1.59.0
type Conditions struct { FirstReportedTimestamp time.Time `json:"first_reported_timestamp"` LatestEvent LatestEvent `json:"latest_event"` }
Conditions are the list of conditions for VEN Health
type Config ¶
type Config struct { LogTraffic bool `json:"log_traffic"` Mode string `json:"mode,omitempty"` SecurityPolicyUpdateMode string `json:"security_policy_update_mode,omitempty"` VisibilityLevel string `json:"visibility_level,omitempty"` }
Config represents the Configuration of an Agent on a Workload
type Consumers ¶
type Consumers struct { Actors string `json:"actors,omitempty"` IPList *IPList `json:"ip_list,omitempty"` Label *Label `json:"label,omitempty"` LabelGroup *LabelGroup `json:"label_group,omitempty"` VirtualService *VirtualService `json:"virtual_service,omitempty"` Workload *Workload `json:"workload,omitempty"` }
Consumers - more info to follow
type ConsumingSecurityPrincipals ¶
type ConsumingSecurityPrincipals struct { Deleted bool `json:"deleted,omitempty"` Href string `json:"href,omitempty"` Name string `json:"name,omitempty"` SID string `json:"sid,omitempty"` UsedByRuleSet bool `json:"used_by_ruleset,omitempty"` }
ConsumingSecurityPrincipals are AD user groups
type ContainerCluster ¶ added in v1.31.0
type ContainerCluster struct { Href string `json:"href,omitempty"` Name string `json:"name,omitempty"` Description string `json:"description,omitempty"` ContainerRuntime string `json:"container_runtime,omitempty"` ManagerType string `json:"manager_type,omitempty"` Online *bool `json:"online,omitempty"` KubelinkVersion string `json:"kubelink_version,omitempty"` PceFqdn string `json:"pce_fqdn,omitempty"` }
ContainerCluster represents a container cluster in the Illumio PCE
func (*ContainerCluster) ID ¶ added in v1.62.0
func (c *ContainerCluster) ID() string
type ContainerWorkloadProfile ¶ added in v1.48.0
type ContainerWorkloadProfile struct { Href string `json:"href,omitempty"` Name *string `json:"name"` // API expects null for name to remove it. Always sent. Namespace string `json:"namespace,omitempty"` Description *string `json:"description,omitempty"` EnforcementMode string `json:"enforcement_mode,omitempty"` VisibilityLevel string `json:"visibility_level,omitempty"` Managed *bool `json:"managed,omitempty"` Linked *bool `json:"linked,omitempty"` Labels *[]ContainerWorkloadProfileLabel `json:"labels,omitempty"` CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` ClusterName string `json:"-"` }
ContainerWorkloadProfile represents a container workload profile in the Illumio PCE
func (*ContainerWorkloadProfile) GetLabelByKey ¶ added in v1.62.0
func (c *ContainerWorkloadProfile) GetLabelByKey(key string) string
GetLabelByKey returns the value for a provided label key
func (*ContainerWorkloadProfile) RemoveLabel ¶ added in v1.62.0
func (c *ContainerWorkloadProfile) RemoveLabel(key string) error
SetLabelByKey sets the specified label
func (*ContainerWorkloadProfile) SanitizeContainerWorkloadProfilePut ¶ added in v1.62.0
func (c *ContainerWorkloadProfile) SanitizeContainerWorkloadProfilePut()
SanitizeContainerWorkloadProfilePut removes fields not acceptable to the put method.
type ContainerWorkloadProfileAssignLabel ¶ added in v1.48.0
type ContainerWorkloadProfileAssignLabel struct {
Href string `json:"href,omitempty"`
}
type ContainerWorkloadProfileLabel ¶ added in v1.48.0
type ContainerWorkloadProfileLabel struct { Key string `json:"key,omitempty"` Assignment ContainerWorkloadProfileLabelAssignment `json:"assignment,omitempty"` Restriction []ContainerWorkloadProfileLabelRestriction `json:"restriction,omitempty"` }
type ContainerWorkloadProfileLabelAssignment ¶ added in v1.48.0
type ContainerWorkloadProfileLabelRestriction ¶ added in v1.62.0
type CreatedBy ¶
type CreatedBy struct {
Href string `json:"href"`
}
CreatedBy represents the CreatedBy property of an object
type DeletedBy ¶
type DeletedBy struct {
Href string `json:"href,omitempty"`
}
DeletedBy represents the Deleted By property of an object
type Destinations ¶
type Destinations struct { Include [][]Include `json:"include"` Exclude []Exclude `json:"exclude"` }
Destinations represents the destination query portion of the explorer API
type DiscoveredVirtualServer ¶
type DiscoveredVirtualServer struct {
Href string `json:"href"`
}
DiscoveredVirtualServer is part of a Virtual Server
type Dst ¶
type Dst struct { IP string `json:"ip"` Workload *Workload `json:"workload,omitempty"` FQDN string `json:"fqdn,omitempty"` IPLists *[]*IPList `json:"ip_lists"` }
Dst is the provider workload details
type EnforcementBoundary ¶ added in v1.25.0
type EnforcementBoundary struct { Href string `json:"href,omitempty"` Name *string `json:"name,omitempty"` Providers *[]Providers `json:"providers,omitempty"` Consumers *[]Consumers `json:"consumers,omitempty"` IngressServices *[]IngressServices `json:"ingress_services,omitempty"` Enabled *bool `json:"enabled,omitempty"` NetworkType *string `json:"network_type,omitempty"` // ["brn", "non_brn", "all"] CreatedAt *string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` DeletedAt *string `json:"deleted_at,omitempty"` DeletedBy *DeletedBy `json:"deleted_by,omitempty"` UpdateType *string `json:"update_type,omitempty"` UpdatedAt *string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` }
type Event ¶ added in v1.39.0
type Event struct { Href string `json:"href"` Timestamp time.Time `json:"timestamp"` PceFqdn string `json:"pce_fqdn"` EventCreatedBy EventCreatedBy `json:"created_by"` EventType string `json:"event_type"` Status string `json:"status"` Severity string `json:"severity"` Notifications []Notifications `json:"notifications"` }
Event represents an auditable event in the Illumio PCE
func (*Event) PopulateCreatedBy ¶ added in v1.39.0
func (e *Event) PopulateCreatedBy()
type EventCreatedBy ¶ added in v1.39.0
type EventCreatedBy struct { Agent Agent `json:"agent"` User UserLogin `json:"user"` ContainerCluster ContainerCluster `json:"container_cluster"` System System `json:"system,omitempty"` Name string Href string }
EventCreatedBy is who created the event
type Exclude ¶
type Exclude struct { Label *Label `json:"label,omitempty"` Workload *Workload `json:"workload,omitempty"` IPList *IPList `json:"ip_list,omitempty"` IPAddress *IPAddress `json:"ip_address,omitempty"` Port int `json:"port,omitempty"` ToPort int `json:"to_port,omitempty"` Proto int `json:"proto,omitempty"` Process string `json:"process_name,omitempty"` WindowsService string `json:"windows_service_name,omitempty"` Transmission string `json:"transmission,omitempty"` }
Exclude represents the type of objects used in an include query. The exclude struct should only have the following combinations: label only, workload only, IP address only, Port and/or protocol only. Example - Label and Workload cannot both be non-nil Example - Port and Proto can both be non-nil (e.g., port 3306 and proto 6)
type ExpSrv ¶
type ExpSrv struct { Port int `json:"port,omitempty"` Proto int `json:"proto,omitempty"` Process string `json:"process_name,omitempty"` User string `json:"user_name,omitempty"` WindowsService string `json:"windows_service_name,omitempty"` }
ExpSrv is a service in the explorer response
type ExplorerServices ¶
type ExplorerServices struct { Include []Include `json:"include"` Exclude []Exclude `json:"exclude"` }
ExplorerServices represent services to be included or excluded in the explorer query
type FirewallSettings ¶
type FirewallSettings struct {
Href string `json:"href"`
}
FirewallSettings are a provisionable object
type FlowFilter ¶ added in v1.78.0
type FlowUploadResp ¶
type FlowUploadResp struct { NumFlowsReceived int `json:"num_flows_received"` NumFlowsFailed int `json:"num_flows_failed"` FailedFlows []*string `json:"failed_flows,omitempty"` }
FlowUploadResp is the response from the traffic upload API
type IPAddress ¶
type IPAddress struct {
Value string `json:"value,omitempty"`
}
IPAddress represents an IP Address
type IPList ¶
type IPList struct { CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` DeletedAt string `json:"deleted_at,omitempty"` DeletedBy *DeletedBy `json:"deleted_by,omitempty"` Description string `json:"description,omitempty"` ExternalDataReference string `json:"external_data_reference,omitempty"` ExternalDataSet string `json:"external_data_set,omitempty"` FQDNs *[]*FQDN `json:"fqdns,omitempty"` Href string `json:"href,omitempty"` IPRanges *[]*IPRange `json:"ip_ranges,omitempty"` Name string `json:"name,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` Size int `json:"size,omitempty"` }
IPList represents an IP List in the Illumio PCE.
type IPRange ¶
type IPRange struct { Description string `json:"description,omitempty"` Exclusion bool `json:"exclusion,omitempty"` FromIP string `json:"from_ip,omitempty"` ToIP string `json:"to_ip,omitempty"` }
IPRange repsents one of the IP ranges of an IP List.
type IPTablesRules ¶
type IPTablesRules struct { Actors []*Actors `json:"actors"` Description string `json:"description,omitempty"` Enabled bool `json:"enabled"` Href string `json:"href"` IPVersion string `json:"ip_version"` Statements []*Statements `json:"statements"` }
IPTablesRules - more info to follow
type IllumioSecurityTemplate ¶
type IllumioSecurityTemplate struct { Name string `json:"name"` Version int `json:"version"` OsFamily string `json:"os_family"` Icon string `json:"icon"` CompatiblePceVersions []int `json:"compatible_pce_versions"` Labels []*Label `json:"labels,omitempty"` IPLists []*IPList `json:"ip_lists,omitempty"` Services []*Service `json:"services,omitempty"` }
IllumioSecurityTemplate contains Labels, IP Lists, Services
type IllumioSecurityTemplateFile ¶
type IllumioSecurityTemplateFile struct {
IllumioSecurityTemplates []*IllumioSecurityTemplate `json:"illumio_security_templates"`
}
IllumioSecurityTemplateFile is a file with a slice of templates
func ParseTemplateFile ¶
func ParseTemplateFile(filename string) (IllumioSecurityTemplateFile, error)
ParseTemplateFile imports a JSON template file into the PCE
type Include ¶
type Include struct { Actors string `json:"actors,omitempty"` Label *Label `json:"label,omitempty"` Workload *Workload `json:"workload,omitempty"` IPList *IPList `json:"ip_list,omitempty"` IPAddress *IPAddress `json:"ip_address,omitempty"` Port int `json:"port,omitempty"` ToPort int `json:"to_port,omitempty"` Proto int `json:"proto,omitempty"` Process string `json:"process_name,omitempty"` WindowsService string `json:"windows_service_name,omitempty"` }
Include represents the type of objects used in an include query. The include struct should be label only, workload only, IP address only, Port and/or protocol only. Example - Label and Workload cannot both be non-nil Example - Port and Proto can both be non-nil (e.g., port 3306 and proto 6)
type IncreaseTrafficUpdateReq ¶ added in v1.51.0
type IncreaseTrafficUpdateReq struct {
Workloads []Workload `json:"workloads"`
}
type Info ¶ added in v1.39.0
type Info struct { APIEndpoint string `json:"api_endpoint"` APIMethod string `json:"api_method"` SrcIP string `json:"src_ip"` }
Info are notification info
type IngressServices ¶
type IngressServices struct { Port *int `json:"port,omitempty"` Protocol *int `json:"proto,omitempty"` ToPort *int `json:"to_port,omitempty"` Href *string `json:"href,omitempty"` }
IngressServices - more info to follow
type Interface ¶
type Interface struct { Address string `json:"address,omitempty"` CidrBlock *int `json:"cidr_block,omitempty"` DefaultGatewayAddress string `json:"default_gateway_address,omitempty"` FriendlyName string `json:"friendly_name,omitempty"` LinkState string `json:"link_state,omitempty"` Name string `json:"name,omitempty"` }
An Interface represent the Interfaces of a Workload
type Label ¶
type Label struct { CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` Deleted bool `json:"deleted,omitempty"` ExternalDataReference string `json:"external_data_reference,omitempty"` ExternalDataSet string `json:"external_data_set,omitempty"` Href string `json:"href,omitempty"` Key string `json:"key,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` Value string `json:"value,omitempty"` LabelUsage *LabelUsage `json:"usage,omitempty"` }
A Label represents an Illumio Label.
type LabelDimension ¶ added in v1.75.0
type LabelDimension struct { Href string `json:"href"` Key string `json:"key"` DisplayName string `json:"display_name"` CreatedAt string `json:"created_at"` UpdatedAt string `json:"updated_at"` Deleted bool `json:"deleted"` DeletedAt string `json:"deleted_at"` Usage LabelDimensionUsage `json:"usage"` Caps []string `json:"caps"` ExternalDataSet string `json:"external_data_set,omitempty"` ExternalDataReference string `json:"external_data_reference,omitempty"` CreatedBy CreatedBy `json:"created_by"` UpdatedBy UpdatedBy `json:"updated_by"` DeletedBy DeletedBy `json:"deleted_by"` }
type LabelDimensionUsage ¶ added in v1.75.0
type LabelGroup ¶
type LabelGroup struct { Description string `json:"description,omitempty"` ExternalDataReference string `json:"external_data_reference,omitempty"` ExternalDataSet string `json:"external_data_set,omitempty"` Href string `json:"href,omitempty"` Key string `json:"key,omitempty"` Labels []*Label `json:"labels,omitempty"` Name string `json:"name,omitempty"` SubGroups []*SubGroups `json:"sub_groups,omitempty"` Usage *Usage `json:"usage,omitempty"` }
LabelGroup represents a Label Group in the Illumio PCE
type LabelUsage ¶ added in v1.22.0
type LabelUsage struct { VirtualServer bool `json:"virtual_server"` LabelGroup bool `json:"label_group"` Ruleset bool `json:"ruleset"` StaticPolicyScopes bool `json:"static_policy_scopes"` PairingProfile bool `json:"pairing_profile"` Permission bool `json:"permission"` Workload bool `json:"workload"` ContainerWorkload bool `json:"container_workload"` FirewallCoexistenceScope bool `json:"firewall_coexistence_scope"` ContainersInheritHostPolicyScopes bool `json:"containers_inherit_host_policy_scopes"` ContainerWorkloadProfile bool `json:"container_workload_profile"` BlockedConnectionRejectScope bool `json:"blocked_connection_reject_scope"` EnforcementBoundary bool `json:"enforcement_boundary"` LoopbackInterfacesInPolicyScopes bool `json:"loopback_interfaces_in_policy_scopes"` VirtualService bool `json:"virtual_service"` }
type LatestEvent ¶ added in v1.59.0
type LatestEvent struct { NotificationType string `json:"notification_type"` Severity string `json:"severity"` Href string `json:"href"` Info Info `json:"info"` Timestamp time.Time `json:"timestamp"` }
LatestEvent is for a Condition
type LoadInput ¶ added in v1.6.0
type LoadInput struct { ProvisionStatus string // Must be draft or active. Blank value is draft Labels bool LabelGroups bool IPLists bool Workloads bool WorkloadsQueryParameters map[string]string VirtualServices bool VirtualServers bool Services bool ConsumingSecurityPrincipals bool RuleSets bool VENs bool ContainerClusters bool ContainerWorkloads bool EnforcementBoundaries bool }
LoadInput tells the p.Load method what objects to load
type Notifications ¶ added in v1.39.0
type Notifications struct { UUID string `json:"uuid"` NotificationType string `json:"notification_type"` Info Info `json:"info"` }
Notifications are event notifications
type OpenServicePorts ¶
type OpenServicePorts struct { Address string `json:"address,omitempty"` Package string `json:"package,omitempty"` Port int `json:"port,omitempty"` ProcessName string `json:"process_name,omitempty"` Protocol int `json:"protocol,omitempty"` User string `json:"user,omitempty"` WinServiceName string `json:"win_service_name,omitempty"` }
OpenServicePorts represents open ports for a service running on a workload
type Org ¶
type Org struct { Href string `json:"href"` DisplayName string `json:"display_name"` ID int `json:"org_id"` }
Org is an an organization in a SaaS PCE
type PCE ¶
type PCE struct { FriendlyName string FQDN string Port int Org int User string Key string Proxy string DisableTLSChecking bool Version Version LabelsSlice []Label // All labels stored in a slice Labels map[string]Label // Labels can be looked up by href or key+value (no character between key and value) LabelGroups map[string]LabelGroup // Label Groups can be looked up by href or name LabelGroupsSlice []LabelGroup IPLists map[string]IPList // IP Lists can be looked up by href or name IPListsSlice []IPList // All IP Lists stored in a slice Workloads map[string]Workload // Workloads can be looked up by href, hostname, or names WorkloadsSlice []Workload // All Workloads stored in a slice VirtualServices map[string]VirtualService // VirtualServices can be looked up by href or name VirtualServers map[string]VirtualServer // VirtualServers can be looked up by href or name Services map[string]Service // Services can be looked up by href or name ServicesSlice []Service // All services stored in a slice ConsumingSecurityPrincipals map[string]ConsumingSecurityPrincipals // ConsumingSecurityPrincipals can be loooked up by href or name RuleSets map[string]RuleSet // RuleSets can be looked up by href or name VENs map[string]VEN // VENs can be looked up by href or name VENsSlice []VEN // All VENs stored in a slice ContainerClusters map[string]ContainerCluster ContainerClustersSlice []ContainerCluster ContainerWorkloads map[string]Workload ContainerWorkloadsSlice []Workload ContainerWorkloadProfiles map[string]ContainerWorkloadProfile ContainerWorkloadProfilesSlice []ContainerWorkloadProfile EnforcementBoundaries map[string]EnforcementBoundary EnforcementBoundariesSlice []EnforcementBoundary }
PCE represents an Illumio PCE and the necessary info to authenticate. The policy objects are maps for lookups. ] Each map will have multiple look up keys so the length of the map will be larger than the total objects. For example, each label will be in the map for an HREF and a key value. Policy objects should be called by their corresponding PCE method if you need to iterate or count them (e.g., pce.GetAllLabels)
func (*PCE) BulkVS ¶
func (p *PCE) BulkVS(virtualServices []VirtualService, method string) ([]APIResponse, error)
BulkVS takes a bulk action on an array of workloads. Method must be create, update, or delete
func (*PCE) BulkWorkload ¶
func (p *PCE) BulkWorkload(workloads []Workload, method string, stdoutLogs bool) ([]APIResponse, error)
BulkWorkload takes a bulk action on an array of workloads. Method must be create, update, or delete
func (*PCE) CreateADUserGroup ¶
func (p *PCE) CreateADUserGroup(group ConsumingSecurityPrincipals) (createdGroup ConsumingSecurityPrincipals, api APIResponse, err error)
CreateADUserGroup creates a user group policy object in the PCE
func (*PCE) CreateAsyncTrafficRequest ¶ added in v1.78.0
func (p *PCE) CreateAsyncTrafficRequest(t TrafficAnalysisRequest) (asyncQuery AsyncTrafficQuery, api APIResponse, err error)
CreateAsyncTrafficRequest makes a traffic request and returns the async query to look up later
func (*PCE) CreateEnforcementBoundary ¶ added in v1.25.0
func (p *PCE) CreateEnforcementBoundary(eb EnforcementBoundary) (createdEB EnforcementBoundary, api APIResponse, err error)
CreateEnforcementBoundary creates a new enforcement boundary in the Illumio PCE
func (*PCE) CreateFlowFilter ¶ added in v1.78.0
func (p *PCE) CreateFlowFilter(flowFilter FlowFilter) (createdFlowFilter FlowFilter, api APIResponse, err error)
CreateLabel creates a new Label in the PCE.
func (*PCE) CreateIPList ¶
func (p *PCE) CreateIPList(ipList IPList) (createdIPL IPList, api APIResponse, err error)
CreateIPList creates a new IP List in the PCE.
func (*PCE) CreateLabel ¶
func (p *PCE) CreateLabel(label Label) (createdLabel Label, api APIResponse, err error)
CreateLabel creates a new Label in the PCE.
func (*PCE) CreateLabelGroup ¶
func (p *PCE) CreateLabelGroup(labelGroup LabelGroup) (createdLabelGroup LabelGroup, api APIResponse, err error)
CreateLabelGroup creates a new label group in the PCE.
func (*PCE) CreatePairingKey ¶
func (p *PCE) CreatePairingKey(pairingProfile PairingProfile) (pairingKey PairingKey, api APIResponse, err error)
CreatePairingKey creates a pairing key from a pairing profile.
func (*PCE) CreatePairingProfile ¶
func (p *PCE) CreatePairingProfile(pairingProfile PairingProfile) (createdPairingProfile PairingProfile, api APIResponse, err error)
CreatePairingProfile creates a new pairing profile in the PCE.
func (*PCE) CreateRule ¶ added in v1.51.0
func (p *PCE) CreateRule(rulesetHref string, rule Rule) (createdRule Rule, api APIResponse, err error)
CreateRule creates a new rule in the PCE.
func (*PCE) CreateRuleSet
deprecated
func (p *PCE) CreateRuleSet(rs RuleSet) (createdRS RuleSet, api APIResponse, err error)
Deprecated: Use CreateRuleset instead.
func (*PCE) CreateRuleSetRule
deprecated
func (*PCE) CreateRuleset ¶ added in v1.54.0
func (p *PCE) CreateRuleset(rs RuleSet) (createdRS RuleSet, api APIResponse, err error)
CreateRuleSet creates a new ruleset in the PCE.
func (*PCE) CreateService ¶
func (p *PCE) CreateService(service Service) (createdService Service, api APIResponse, err error)
CreateService creates a new service in the PCE.
func (*PCE) CreateServiceBinding ¶
func (p *PCE) CreateServiceBinding(serviceBindings []ServiceBinding) (createdServiceBindings []ServiceBinding, api APIResponse, err error)
CreateServiceBinding binds new workloads to a virtual service
func (*PCE) CreateTrafficRequest ¶ added in v1.51.0
func (p *PCE) CreateTrafficRequest(t TrafficAnalysisRequest) (returnedTraffic []TrafficAnalysis, api APIResponse, err error)
CreateTrafficRequest makes a traffic request and waits for the results
func (*PCE) CreateVirtualService ¶
func (p *PCE) CreateVirtualService(virtualService VirtualService) (createdVirtualService VirtualService, api APIResponse, err error)
CreateVirtualService creates a new virtual service in the Illumio PCE.
func (*PCE) CreateWkld ¶ added in v1.51.0
func (p *PCE) CreateWkld(wkld Workload) (Workload, APIResponse, error)
CreateWkld creates a new unmanaged workload in the Illumio PCE
func (*PCE) CreateWorkload
deprecated
func (p *PCE) CreateWorkload(wkld Workload) (Workload, APIResponse, error)
Deprecated: Use CreateWkld instead.
func (*PCE) DeleteEnforcementBoundary ¶ added in v1.82.0
func (p *PCE) DeleteEnforcementBoundary(eb EnforcementBoundary) (APIResponse, error)
DeleteEnforcementBoundary removes an enforcement boundary from the PCE. The provided enforcement boundary object must include an Href.
func (*PCE) DeleteHref ¶
func (p *PCE) DeleteHref(href string) (APIResponse, error)
DeleteHref deletes an existing object in the PCE based on its href.
func (*PCE) ExpandLabelGroup ¶
ExpandLabelGroup returns a string of label hrefs in a label group Every subgroup (and nested subgroup) is expanded
func (*PCE) FindObject ¶
FindObject takes an href and returns what it is and the name
func (*PCE) GetADUserGroups ¶ added in v1.51.0
func (p *PCE) GetADUserGroups(queryParameters map[string]string) (groups []ConsumingSecurityPrincipals, api APIResponse, err error)
GetADUserGroups returns a slice of AD user groups from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetAllADUserGroups
deprecated
func (p *PCE) GetAllADUserGroups() ([]ConsumingSecurityPrincipals, APIResponse, error)
Deprecated: Use GetADUserGroups instead.
func (*PCE) GetAllAPIKeys ¶
func (p *PCE) GetAllAPIKeys(userHref string) ([]APIKey, APIResponse, error)
GetAllAPIKeys gets all the APIKeys associated with a user
func (*PCE) GetAllActiveIPLists
deprecated
func (p *PCE) GetAllActiveIPLists() ([]IPList, APIResponse, error)
Deprecated: Use GetIPLists instead.
func (*PCE) GetAllContainerClusters
deprecated
added in
v1.31.0
func (p *PCE) GetAllContainerClusters(queryParameters map[string]string) (containerClusters []ContainerCluster, api APIResponse, err error)
Deprecated: Use GetContainerClusters instead.
func (*PCE) GetAllContainerWorkloadProfiles
deprecated
added in
v1.48.0
func (p *PCE) GetAllContainerWorkloadProfiles(queryParameters map[string]string, containerClusterID string) ([]ContainerWorkloadProfile, APIResponse, error)
Deprecated: Use GetContainerWkldProfiles instead.
func (*PCE) GetAllContainerWorkloads
deprecated
added in
v1.31.0
func (*PCE) GetAllDraftIPLists
deprecated
func (p *PCE) GetAllDraftIPLists() ([]IPList, APIResponse, error)
Deprecated: Use GetIPLists instead.
func (*PCE) GetAllEvents
deprecated
added in
v1.39.0
func (*PCE) GetAllIPLists
deprecated
func (p *PCE) GetAllIPLists() ([]IPList, []APIResponse, error)
Deprecated: Use two separate calls to GetIPLists instead.
func (*PCE) GetAllLabelGroups
deprecated
func (p *PCE) GetAllLabelGroups(pStatus string) ([]LabelGroup, APIResponse, error)
Deprecated: Use GetLabelGroups instead.
func (*PCE) GetAllLabels
deprecated
func (p *PCE) GetAllLabels() ([]Label, APIResponse, error)
Deprecated: use GetLabels instead.
func (*PCE) GetAllLabelsQP
deprecated
added in
v1.22.0
func (*PCE) GetAllPairingProfiles
deprecated
func (p *PCE) GetAllPairingProfiles() ([]PairingProfile, APIResponse, error)
Deprecated: Use GetPairingProfiles instead.
func (*PCE) GetAllPending
deprecated
func (p *PCE) GetAllPending() (ChangeSubset, APIResponse, error)
Deprecated: Use GetPendingChanges instead.
func (*PCE) GetAllRuleSets
deprecated
func (p *PCE) GetAllRuleSets(pStatus string) ([]RuleSet, APIResponse, error)
Deprecated: Use GetRulesets instead.
func (*PCE) GetAllRuleSetsQP
deprecated
added in
v1.44.0
func (*PCE) GetAllServiceBindings
deprecated
func (p *PCE) GetAllServiceBindings(virtualService VirtualService) ([]ServiceBinding, APIResponse, error)
Deprecated: Use GetServiceBindings instead.
func (*PCE) GetAllServices
deprecated
func (p *PCE) GetAllServices(pStatus string) ([]Service, APIResponse, error)
Deprecated: Use GetServices instead.
func (*PCE) GetAllVens
deprecated
added in
v1.31.0
func (*PCE) GetAllVirtualServers
deprecated
func (p *PCE) GetAllVirtualServers(pStatus string) ([]VirtualServer, APIResponse, error)
Deprecated: Use GetVirtualServers instead.
func (*PCE) GetAllVirtualServices
deprecated
func (p *PCE) GetAllVirtualServices(queryParameters map[string]string, pStatus string) ([]VirtualService, APIResponse, error)
Deprecated: Use GetVirtualServices instead.
func (*PCE) GetAllVulnReports
deprecated
func (p *PCE) GetAllVulnReports() ([]VulnerabilityReport, APIResponse, error)
Deprecated: Use GetVulnReports instead.
func (*PCE) GetAllVulns
deprecated
func (p *PCE) GetAllVulns() ([]Vulnerability, APIResponse, error)
Deprecated: Use GetVulns instead.
func (*PCE) GetAllWorkloads
deprecated
func (p *PCE) GetAllWorkloads() ([]Workload, APIResponse, error)
Deprecated: Use GetWklds instead.
func (*PCE) GetAllWorkloadsQP
deprecated
func (*PCE) GetAsyncQueries ¶ added in v1.76.0
func (p *PCE) GetAsyncQueries(queryParameters map[string]string) (asyncQueries []AsyncTrafficQuery, api APIResponse, err error)
func (*PCE) GetAsyncQueryResults ¶ added in v1.78.0
func (p *PCE) GetAsyncQueryResults(aq AsyncTrafficQuery) (returnedTraffic []TrafficAnalysis, api APIResponse, err error)
func (*PCE) GetCollection ¶ added in v1.51.0
func (p *PCE) GetCollection(endpoint string, async bool, queryParameters map[string]string, response interface{}) (APIResponse, error)
GetCollection returns a collection of Illumio objects GetCollection uses a single header of Content-Type:application/json To customize the header, use GetCollectionHeaders
func (*PCE) GetCollectionHeaders ¶ added in v1.76.0
func (p *PCE) GetCollectionHeaders(endpoint string, async bool, queryParameters, headers map[string]string, response interface{}) (APIResponse, error)
GetCollectionHeaders returns a collection of Illumio objects and allows for customizing headers of HTTP request
func (*PCE) GetCompatibilityReport ¶
func (p *PCE) GetCompatibilityReport(w Workload) (cr CompatibilityReport, api APIResponse, err error)
GetCompatibilityReport returns the compatibility report for a VEN
func (*PCE) GetContainerClusters ¶ added in v1.51.0
func (p *PCE) GetContainerClusters(queryParameters map[string]string) (containerClusters []ContainerCluster, api APIResponse, err error)
GetContainerClusters returns a slice of ContainerCluster in the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetContainerWkldProfiles ¶ added in v1.51.0
func (p *PCE) GetContainerWkldProfiles(queryParameters map[string]string, containerClusterID string) (containerWkldProfiles []ContainerWorkloadProfile, api APIResponse, err error)
GetContainerWkldProfiles returns a slice of container workload profiles from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetContainerWklds ¶ added in v1.51.0
func (p *PCE) GetContainerWklds(queryParameters map[string]string) (containerWklds []Workload, api APIResponse, err error)
GetContainerWklds returns a slice of container workloads from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetEnforcementBoundaries ¶ added in v1.82.0
func (p *PCE) GetEnforcementBoundaries(queryParameters map[string]string, pStatus string) (ebs []EnforcementBoundary, api APIResponse, err error)
GetEnforcementBoundaries returns a slice of enforcement boundaries from the PCE. pStatus must be "draft" or "active". queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetEnforcementBoundaryByHref ¶ added in v1.82.0
func (p *PCE) GetEnforcementBoundaryByHref(href string) (eb EnforcementBoundary, api APIResponse, err error)
GetEnforcementBoundaryByHref returns the enforcement boundary with the specified HREF
func (*PCE) GetEvents ¶ added in v1.51.0
func (p *PCE) GetEvents(queryParameters map[string]string) (events []Event, api APIResponse, err error)
GetEvents returns a slice of events from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetHref ¶ added in v1.49.0
func (p *PCE) GetHref(href string, response interface{}) (APIResponse, error)
GetHref returns the Illumio object with a specific href
func (*PCE) GetIPListByName ¶ added in v1.51.0
GetIPListByName queries returns the IP List based on name. A blank IP List is return if no exact match.
func (*PCE) GetIPLists ¶ added in v1.51.0
func (p *PCE) GetIPLists(queryParameters map[string]string, pStatus string) (ipLists []IPList, api APIResponse, err error)
GetIPLists returns a slice of IP lists from the PCE. pStatus must be "draft" or "active". queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetLabelByHref ¶ added in v1.51.0
func (p *PCE) GetLabelByHref(href string) (Label, APIResponse, error)
GetLabelbyHref returns a label based on the provided HREF.
func (*PCE) GetLabelByKeyValue ¶ added in v1.51.0
func (p *PCE) GetLabelByKeyValue(key, value string) (Label, APIResponse, error)
GetLabelByKeyValue finds a label based on the key and value. A blank label is return if no exact match.
func (*PCE) GetLabelDimensions ¶ added in v1.75.0
func (p *PCE) GetLabelDimensions(queryParameters map[string]string) (labelDimensions []LabelDimension, api APIResponse, err error)
GetLabelDimensions returns a slice of label tpes from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetLabelGroups ¶ added in v1.51.0
func (p *PCE) GetLabelGroups(queryParameters map[string]string, pStatus string) (labelGroups []LabelGroup, api APIResponse, err error)
GetLabelGroups returns a slice of label groups from the PCE. pStatus must be "draft" or "active" queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetLabelbyHref
deprecated
func (p *PCE) GetLabelbyHref(href string) (Label, APIResponse, error)
Deprecated: Use GetLabelByHref instead.
func (*PCE) GetLabelbyKeyValue
deprecated
func (p *PCE) GetLabelbyKeyValue(key, value string) (Label, APIResponse, error)
Deprecated: Use GetLabelByKeyValue instead.
func (*PCE) GetLabels ¶ added in v1.51.0
func (p *PCE) GetLabels(queryParameters map[string]string) (labels []Label, api APIResponse, err error)
GetLabels returns a slice of labels from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetPairingProfiles ¶ added in v1.51.0
func (p *PCE) GetPairingProfiles(queryParameters map[string]string) (pairingProfiles []PairingProfile, api APIResponse, err error)
GetPairingProfiles returns a slice of pairing profiles from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetPendingChanges ¶ added in v1.51.0
func (p *PCE) GetPendingChanges() (cs ChangeSubset, api APIResponse, err error)
GetPending returns a slice of pending changes from the PCE.
func (*PCE) GetRuleByHref ¶ added in v1.51.0
func (p *PCE) GetRuleByHref(href string) (rule Rule, api APIResponse, err error)
GetRuleByHref returns the rule with a specific href
func (*PCE) GetRuleSetByHref
deprecated
added in
v1.49.0
func (p *PCE) GetRuleSetByHref(href string) (RuleSet, APIResponse, error)
Deprecated: Use GetRulesetByHref instead.
func (*PCE) GetRuleSetMapName
deprecated
func (*PCE) GetRuleSetRuleByHref
deprecated
added in
v1.49.0
func (p *PCE) GetRuleSetRuleByHref(href string) (Rule, APIResponse, error)
Deprecated: Use GetRuleByHref instead.
func (*PCE) GetRulesetByHref ¶ added in v1.51.0
func (p *PCE) GetRulesetByHref(href string) (ruleset RuleSet, api APIResponse, err error)
GetRulesetByHref returns the rule with a specific href
func (*PCE) GetRulesets ¶ added in v1.51.0
func (p *PCE) GetRulesets(queryParameters map[string]string, pStatus string) (ruleSets []RuleSet, api APIResponse, err error)
GetRulesets returns a slice of rulesets from the PCE. pStatus must be "draft" or "active". queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetServiceBindings ¶ added in v1.51.0
func (p *PCE) GetServiceBindings(queryParameters map[string]string) (serviceBindings []ServiceBinding, api APIResponse, err error)
GetServiceBindings returns a slice of service bindings from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetServices ¶ added in v1.51.0
func (p *PCE) GetServices(queryParameters map[string]string, pStatus string) (services []Service, api APIResponse, err error)
GetServices returns a slice of IP lists from the PCE. pStatus must be "draft" or "active". queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetTrafficAnalysis ¶
func (p *PCE) GetTrafficAnalysis(q TrafficQuery) (returnedTraffic []TrafficAnalysis, api APIResponse, err error)
GetTrafficAnalysis gets flow data from Explorer.
func (*PCE) GetTrafficAnalysisAPI
deprecated
added in
v1.6.0
func (p *PCE) GetTrafficAnalysisAPI(t TrafficAnalysisRequest) (returnedTraffic []TrafficAnalysis, api APIResponse, err error)
Deprecated: Use GetTrafficAnalysis instead.
func (*PCE) GetVenByHostname ¶ added in v1.44.0
func (p *PCE) GetVenByHostname(hostname string) (VEN, APIResponse, error)
GetVenByHostname gets a VEN by the hostname
func (*PCE) GetVenByHref ¶ added in v1.43.0
func (p *PCE) GetVenByHref(href string) (ven VEN, api APIResponse, err error)
GetVenByHref returns the VEN with a specific href
func (*PCE) GetVens ¶ added in v1.51.0
GetVens returns a slice of VENs from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value" The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetVersion ¶
func (p *PCE) GetVersion() (version Version, api APIResponse, err error)
GetVersion returns the version of the PCE
func (*PCE) GetVirtualServers ¶ added in v1.51.0
func (p *PCE) GetVirtualServers(queryParameters map[string]string, pStatus string) (virtualServers []VirtualServer, api APIResponse, err error)
GetVirtualServers returns a slice of IP lists from the PCE. pStatus must be "draft" or "active". queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetVirtualServiceByHref ¶ added in v1.49.0
func (p *PCE) GetVirtualServiceByHref(href string) (virtualService VirtualService, api APIResponse, err error)
GetVirtualServiceByHref returns the virtualservice with a specific href
func (*PCE) GetVirtualServiceByName ¶
func (p *PCE) GetVirtualServiceByName(name string, pStatus string) (VirtualService, APIResponse, error)
GetVirtualServiceByName returns the virtual service based on name. A blank virtual service is return if no exact match.
func (*PCE) GetVirtualServices ¶ added in v1.51.0
func (p *PCE) GetVirtualServices(queryParameters map[string]string, pStatus string) (virtualServices []VirtualService, api APIResponse, err error)
GetVirtualServices returns a slice of IP lists from the PCE. pStatus must be "draft" or "active". queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetVulnReports ¶ added in v1.51.0
func (p *PCE) GetVulnReports(queryParameters map[string]string) (vulnReports []VulnerabilityReport, api APIResponse, err error)
GetVulnReports returns a slice of vulnerabilities from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetVulns ¶ added in v1.51.0
func (p *PCE) GetVulns(queryParameters map[string]string) (vulns []Vulnerability, api APIResponse, err error)
GetVulns returns a slice of vulnerabilities from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value". The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) GetWkldByHostname ¶ added in v1.43.0
func (p *PCE) GetWkldByHostname(hostname string) (Workload, APIResponse, error)
GetWkldByHostname gets a workload based on the hostname. An empty workload is returned if there is no exact match.
func (*PCE) GetWkldByHref ¶
func (p *PCE) GetWkldByHref(href string) (Workload, APIResponse, error)
GetWkldByHref returns the workload with a specific href
func (*PCE) GetWkldHostMap
deprecated
func (p *PCE) GetWkldHostMap() (map[string]Workload, APIResponse, error)
Deprecated: Use GetWklds and the populated workloads map instead.
func (*PCE) GetWkldHrefMap
deprecated
func (p *PCE) GetWkldHrefMap() (map[string]Workload, APIResponse, error)
Deprecated: Use GetWklds and the populated workloads map instead.
func (*PCE) GetWklds ¶ added in v1.51.0
GetWklds returns a slice of workloads from the PCE. queryParameters can be used for filtering in the form of ["parameter"]="value" The first API call to the PCE does not use the async option. If the slice length is >=500, it re-runs with async.
func (*PCE) IncreaseTrafficUpdateRate ¶ added in v1.27.0
func (p *PCE) IncreaseTrafficUpdateRate(wklds []Workload) (APIResponse, error)
IncreaseTrafficUpdateRate increases the VEN traffic update rate
func (*PCE) IterateTraffic ¶
func (p *PCE) IterateTraffic(q TrafficQuery, stdout bool) ([]TrafficAnalysis, error)
IterateTraffic returns an array of traffic analysis. The iterative query starts by running a blank explorer query. If the results are over 90K, it queries again by TCP, UDP, and other. If either protocol-specific query is over 90K, it queries again by TCP and UDP port.
func (*PCE) IterateTrafficJString ¶
func (p *PCE) IterateTrafficJString(q TrafficQuery, stdout bool) (string, error)
IterateTrafficJString returns the combined JSON output from an iterative exlplorer query. The iterative query starts by running a blank explorer query. If the results are over threshold, it queries again by TCP, UDP, and other. If either protocol-specific query is over 90K, it queries again by TCP and UDP port.
func (*PCE) Load ¶
func (p *PCE) Load(l LoadInput) (map[string]APIResponse, error)
Load fills the PCE object maps
func (*PCE) LoadVenMap ¶ added in v1.46.0
func (p *PCE) LoadVenMap()
LoadVenMap populates the workload maps based on p.WorkloadSlice
func (*PCE) LoadWorkloadMap ¶ added in v1.46.0
func (p *PCE) LoadWorkloadMap()
LoadWorkloadMap will populate the workload maps based on p.WorkloadSlice
func (*PCE) Login ¶
func (p *PCE) Login(user, password string) (UserLogin, []APIResponse, error)
Login authenticates to the PCE. Login will populate the User, Key, and Org fields in the PCE instance. Login will use a temporary session token that expires after 10 minutes. The ILLUMIO_LOGIN_SERVER environment variable can be used for specifying a login server
func (*PCE) LoginAPIKey ¶
func (p *PCE) LoginAPIKey(user, password, name, desc string) (UserLogin, []APIResponse, error)
LoginAPIKey authenticates to the PCE. Login will populate the User, Key, and Org fields in the PCE instance. LoginAPIKey will create a permanent API Key with the provided name and description fields. The ILLUMIO_LOGIN_SERVER environment variable can be used for specifying a login server.
func (*PCE) Post ¶ added in v1.51.0
func (p *PCE) Post(endpoint string, object, createdObject interface{}) (api APIResponse, err error)
Post sends a POST request to the PCE
func (*PCE) ProvisionCS ¶
func (p *PCE) ProvisionCS(cs ChangeSubset, comment string) (api APIResponse, err error)
ProvisionCS provisions a ChangeSubset
func (*PCE) ProvisionHref ¶
func (p *PCE) ProvisionHref(hrefs []string, comment string) (APIResponse, error)
ProvisionHref provisions a slice of HREFs
func (*PCE) Put ¶ added in v1.51.0
func (p *PCE) Put(object interface{}) (api APIResponse, err error)
Put sends a PUT request to the PCE. The object must include an Href field.
func (*PCE) UpdateContainerWkldProfiles ¶ added in v1.62.0
func (p *PCE) UpdateContainerWkldProfiles(cp ContainerWorkloadProfile) (APIResponse, error)
UpdateContainerWkldProfiles updates an existing container workload profile in the Illumio PCE The provided container workload profile struct must include an href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateEnforcementBoundary ¶ added in v1.82.0
func (p *PCE) UpdateEnforcementBoundary(eb EnforcementBoundary) (APIResponse, error)
UpdateEnforcementBoundary updates an existing enforcement boundary in the PCE. The provided enforcement boundary object must include an Href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateIPList ¶
func (p *PCE) UpdateIPList(ipList IPList) (APIResponse, error)
UpdateIPList updates an existing IP List in the PCE. The provided IP List must include an Href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateLabel ¶
func (p *PCE) UpdateLabel(label Label) (APIResponse, error)
UpdateLabel updates an existing label in the PCE. The provided label must include an Href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateLabelGroup ¶
func (p *PCE) UpdateLabelGroup(labelGroup LabelGroup) (APIResponse, error)
UpdateLabelGroup updates an existing label group in the PCE. The provided label group must include an Href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateRule ¶ added in v1.51.0
func (p *PCE) UpdateRule(rule Rule) (APIResponse, error)
UpdateRule updates an existing rule in the PCE. The provided rule must include an Href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateRuleSet
deprecated
added in
v1.40.0
func (p *PCE) UpdateRuleSet(ruleset RuleSet) (APIResponse, error)
Deprecated: Use UpdateRuleset instead.
func (*PCE) UpdateRuleSetRules
deprecated
func (p *PCE) UpdateRuleSetRules(rule Rule) (APIResponse, error)
Deprecated: Use UpdateRule instead.
func (*PCE) UpdateRuleset ¶ added in v1.51.0
func (p *PCE) UpdateRuleset(ruleset RuleSet) (APIResponse, error)
UpdateRuleset updates an existing ruleset in the PCE. The provided ruleset must include an Href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateService ¶
func (p *PCE) UpdateService(service Service) (APIResponse, error)
UpdateService updates an existing service object in the Illumio PCE
func (*PCE) UpdateVen ¶ added in v1.31.0
func (p *PCE) UpdateVen(ven VEN) (api APIResponse, err error)
UpdateVEN updates an existing ven in the Illumio PCE The provided ven struct must include an href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateVirtualService ¶
func (p *PCE) UpdateVirtualService(virtualService VirtualService) (APIResponse, error)
UpdateVirtualService updates an existing virtual service in the PCE. The provided virtual service must include an Href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateWkld ¶ added in v1.51.0
func (p *PCE) UpdateWkld(workload Workload) (APIResponse, error)
UpdateWorkload updates an existing workload in the Illumio PCE The provided workload struct must include an Href. Properties that cannot be included in the PUT method will be ignored.
func (*PCE) UpdateWorkload
deprecated
func (p *PCE) UpdateWorkload(wkld Workload) (APIResponse, error)
Deprecated: Use UpdateWkld instead.
func (*PCE) UpgradeVENs ¶ added in v1.42.0
func (p *PCE) UpgradeVENs(vens []VEN, release string) (resp VENUpgradeResp, api APIResponse, err error)
func (*PCE) UploadTraffic ¶
func (p *PCE) UploadTraffic(filename string, headerLine bool) (UploadFlowResults, error)
UploadTraffic uploads a csv to the PCE with traffic flows. filename should be the path to a csv file with 4 cols: src_ip, dst_ip, port, protocol (IANA numerical format 6=TCP, 17=UDP) When headerLine = true, the first line of the CSV is skipped. If there are more than 999 entries in the CSV, it creates chunks of 999
func (*PCE) WorkloadQueryLabelParameter ¶ added in v1.14.0
func (p *PCE) WorkloadQueryLabelParameter(labelSlices [][]string) (queryParameter string, err error)
WorkloadQueryLabelParameter takes [][]string (example for after parsing a CSV). The first slice must be the label key headers (e.g., role, app, env, bu, etc.) Returns is the query parameter for those labels. Each inner slice is an "AND" query The slices are pieces together using "OR" The PCE must be loaded with the labels
func (*PCE) WorkloadUpgrade ¶
func (p *PCE) WorkloadUpgrade(wkldHref, targetVersion string) (APIResponse, error)
WorkloadUpgrade upgrades the VEN version on the workload
func (*PCE) WorkloadsUnpair ¶
func (p *PCE) WorkloadsUnpair(wklds []Workload, ipTablesRestore string) ([]APIResponse, error)
WorkloadsUnpair unpairs workloads. There is no limit to the length of []Workloads. The method chunks the API calls into groups of 1,000 to conform to the Illumio API.
type PairingKey ¶
type PairingKey struct {
ActivationCode string `json:"activation_code,omitempty"`
}
PairingKey represents a VEN pairing key
type PairingProfile ¶
type PairingProfile struct { AllowedUsesPerKey string `json:"allowed_uses_per_key,omitempty"` AppLabelLock bool `json:"app_label_lock"` CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` Description string `json:"description,omitempty"` Enabled bool `json:"enabled"` EnvLabelLock bool `json:"env_label_lock"` ExternalDataReference string `json:"external_data_reference,omitempty"` ExternalDataSet string `json:"external_data_set,omitempty"` Href string `json:"href,omitempty"` IsDefault bool `json:"is_default,omitempty"` KeyLifespan string `json:"key_lifespan,omitempty"` Labels []*Label `json:"labels,omitempty"` LastPairingAt string `json:"last_pairing_at,omitempty"` LocLabelLock bool `json:"loc_label_lock"` LogTraffic bool `json:"log_traffic"` LogTrafficLock bool `json:"log_traffic_lock"` Mode string `json:"mode,omitempty"` ModeLock bool `json:"mode_lock"` Name string `json:"name,omitempty"` RoleLabelLock bool `json:"role_label_lock"` TotalUseCount int `json:"total_use_count,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` VisibilityLevel string `json:"visibility_level,omitempty"` VisibilityLevelLock bool `json:"visibility_level_lock"` }
PairingProfile represents a pairing profile in the Illumio PCE
type PortOverrides ¶
type PortOverrides struct { Port int `json:"port"` Proto int `json:"proto"` NewPort int `json:"new_port"` }
PortOverrides override a port on a virtual service binding.
type PortProtos ¶
PortProtos represents the ports and protocols query portion of the exporer API
type ProductVersion ¶
type ProductVersion struct { Build int `json:"build,omitempty"` EngineeringInfo string `json:"engineering_info,omitempty"` LongDisplay string `json:"long_display,omitempty"` ReleaseInfo string `json:"release_info,omitempty"` ShortDisplay string `json:"short_display,omitempty"` Version string `json:"version,omitempty"` }
ProductVersion represents the version of the product
type Providers ¶
type Providers struct { Actors string `json:"actors,omitempty"` IPList *IPList `json:"ip_list,omitempty"` Label *Label `json:"label,omitempty"` LabelGroup *LabelGroup `json:"label_group,omitempty"` VirtualServer *VirtualServer `json:"virtual_server,omitempty"` VirtualService *VirtualService `json:"virtual_service,omitempty"` Workload *Workload `json:"workload,omitempty"` }
Providers - more info to follow
type Provision ¶
type Provision struct { ChangeSubset *ChangeSubset `json:"change_subset,omitempty"` UpdateDescription string `json:"update_description,omitempty"` }
Provision is sent to the PCE to provision policy objects
type QualifyTest ¶
type QualifyTest struct { Status string `json:"status"` IpsecServiceEnabled interface{} `json:"ipsec_service_enabled"` Ipv4ForwardingEnabled interface{} `json:"ipv4_forwarding_enabled"` Ipv4ForwardingPktCnt interface{} `json:"ipv4_forwarding_pkt_cnt"` IptablesRuleCnt interface{} `json:"iptables_rule_cnt"` Ipv6GlobalScope interface{} `json:"ipv6_global_scope"` Ipv6ActiveConnCnt interface{} `json:"ipv6_active_conn_cnt"` IP6TablesRuleCnt interface{} `json:"ip6tables_rule_cnt"` RoutingTableConflict interface{} `json:"routing_table_conflict"` IPv6Enabled interface{} `json:"IPv6_enabled"` UnwantedNics interface{} `json:"Unwanted_nics"` GroupPolicy interface{} `json:"Group_policy"` RequiredPackagesInstalled interface{} `json:"required_packages_installed"` RequiredPackagesMissing *[]string `json:"required_packages_missing"` }
QualifyTest is part of compatibility report. Using interface types because API format is not guaranteed.
type RegionsItems ¶ added in v1.76.0
type RegionsItems struct { FlowsCount int `json:"flows_count,omitempty"` // region result count after query limits and RBAC filtering are applied MatchesCount int `json:"matches_count,omitempty"` // region query result count PceFqdn string `json:"pce_fqdn"` // fqdn of PCE region Responded bool `json:"responded"` // supercluster region responded with query results }
RegionsItems
type ResolveLabelsAs ¶
type ResolveLabelsAs struct { Consumers []string `json:"consumers"` Providers []string `json:"providers"` }
ResolveLabelsAs - more info to follow
type Results ¶
type Results struct {
QualifyTests []QualifyTest `json:"qualify_tests"`
}
Results are the list of qualify tests
type Rule ¶
type Rule struct { CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` DeletedAt string `json:"deleted_at,omitempty"` DeletedBy *DeletedBy `json:"deleted_by,omitempty"` Consumers []*Consumers `json:"consumers,omitempty"` ConsumingSecurityPrincipals []*ConsumingSecurityPrincipals `json:"consuming_security_principals,omitempty"` Description string `json:"description,omitempty"` Enabled *bool `json:"enabled,omitempty"` ExternalDataReference string `json:"external_data_reference,omitempty"` ExternalDataSet string `json:"external_data_set,omitempty"` Href string `json:"href,omitempty"` IngressServices *[]*IngressServices `json:"ingress_services,omitempty"` Providers []*Providers `json:"providers,omitempty"` ResolveLabelsAs *ResolveLabelsAs `json:"resolve_labels_as,omitempty"` SecConnect *bool `json:"sec_connect,omitempty"` Stateless *bool `json:"stateless,omitempty"` MachineAuth *bool `json:"machine_auth,omitempty"` UnscopedConsumers *bool `json:"unscoped_consumers,omitempty"` UpdateType string `json:"update_type,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` UseWorkloadSubnets []string `json:"use_workload_subnets,omitempty"` NetworkType string `json:"network_type,omitempty"` // ["brn", "non_brn", "all"] }
Rule - more info to follow
func (*Rule) GetRuleSetHrefFromRuleHref
deprecated
func (*Rule) GetRulesetHref ¶ added in v1.51.0
GetRulesetHref returns the href of a ruleset based on the rule's href
type RuleSet ¶
type RuleSet struct { CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` DeletedAt string `json:"deleted_at,omitempty"` DeletedBy *DeletedBy `json:"deleted_by,omitempty"` Description string `json:"description,omitempty"` Enabled *bool `json:"enabled,omitempty"` ExternalDataReference string `json:"external_data_reference,omitempty"` ExternalDataSet string `json:"external_data_set,omitempty"` Href string `json:"href,omitempty"` IPTablesRules []*IPTablesRules `json:"ip_tables_rules,omitempty"` Name string `json:"name,omitempty"` Rules []*Rule `json:"rules,omitempty"` Scopes *[][]*Scopes `json:"scopes,omitempty"` UpdateType string `json:"update_type,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` }
RuleSet - more info to follow
type Scopes ¶
type Scopes struct { Label *Label `json:"label,omitempty"` LabelGroup *LabelGroup `json:"label_group,omitempty"` }
Scopes - more info to follow
type SecureConnect ¶
type SecureConnect struct {
MatchingIssuerName string `json:"matching_issuer_name,omitempty"`
}
SecureConnect represents SecureConnect for an Agent on a Workload
type SecureConnectGateways ¶
type SecureConnectGateways struct {
Href string `json:"href"`
}
SecureConnectGateways represent SecureConnectGateways in provisioning
type Service ¶
type Service struct { CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` DeletedAt string `json:"deleted_at,omitempty"` DeletedBy *DeletedBy `json:"deleted_by,omitempty"` Description string `json:"description,omitempty"` DescriptionURL string `json:"description_url,omitempty"` ExternalDataReference string `json:"external_data_reference,omitempty"` ExternalDataSet string `json:"external_data_set,omitempty"` Href string `json:"href,omitempty"` Name string `json:"name"` ProcessName string `json:"process_name,omitempty"` ServicePorts []*ServicePort `json:"service_ports,omitempty"` UpdateType string `json:"update_type,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` WindowsServices []*WindowsService `json:"windows_services,omitempty"` }
Service represent a service in the Illumio PCE
func (*Service) ParseService ¶
ParseService returns a slice of WindowsServices and ServicePorts from an Illumio service object
func (*Service) ToExplorer ¶ added in v1.6.0
ToExplorer takes a service and returns an explorer query include and exclude
type ServiceAddresses ¶
type ServiceAddresses struct { IP string `json:"ip,omitempty"` Network *Network `json:"network,omitempty"` Fqdn string `json:"fqdn,omitempty"` Description string `json:"description,omitempty"` }
ServiceAddresses are FQDNs for Virtual Services
type ServiceBinding ¶
type ServiceBinding struct { Href string `json:"href,omitempty"` VirtualService VirtualService `json:"virtual_service"` Workload Workload `json:"workload"` PortOverrides []PortOverrides `json:"port_overrides,omitempty"` }
A ServiceBinding binds a worklad to a Virtual Service
type ServicePort ¶
type ServicePort struct { IcmpCode int `json:"icmp_code,omitempty"` IcmpType int `json:"icmp_type,omitempty"` ID int `json:"id,omitempty"` Port int `json:"port,omitempty"` Protocol int `json:"proto,omitempty"` ToPort int `json:"to_port,omitempty"` }
ServicePort represent port and protocol information for a non-Windows service
type Services ¶
type Services struct { CreatedAt string `json:"created_at,omitempty"` OpenServicePorts []*OpenServicePorts `json:"open_service_ports,omitempty"` UptimeSeconds int `json:"uptime_seconds,omitempty"` }
Services represent the Services running on a Workload
type Src ¶
type Src struct { IP string `json:"ip"` Workload *Workload `json:"workload,omitempty"` FQDN string `json:"fqdn,omitempty"` IPLists *[]*IPList `json:"ip_lists"` }
Src is the consumer workload details
type Statements ¶
type Statements struct { ChainName string `json:"chain_name"` Parameters string `json:"parameters"` TableName string `json:"table_name"` }
Statements are part of a custom IPTables rule
type Status ¶
type Status struct { AgentHealth []*AgentHealth `json:"agent_health,omitempty"` AgentHealthErrors *AgentHealthErrors `json:"agent_health_errors,omitempty"` AgentVersion string `json:"agent_version,omitempty"` FirewallRuleCount int `json:"firewall_rule_count,omitempty"` FwConfigCurrent bool `json:"fw_config_current,omitempty"` InstanceID string `json:"instance_id,omitempty"` LastHeartbeatOn string `json:"last_heartbeat_on,omitempty"` ManagedSince string `json:"managed_since,omitempty"` SecurityPolicyAppliedAt string `json:"security_policy_applied_at,omitempty"` SecurityPolicyReceivedAt string `json:"security_policy_received_at,omitempty"` SecurityPolicyRefreshAt string `json:"security_policy_refresh_at,omitempty"` SecurityPolicySyncState string `json:"security_policy_sync_state,omitempty"` Status string `json:"status,omitempty"` UID string `json:"uid,omitempty"` UptimeSeconds int `json:"uptime_seconds,omitempty"` }
Status represents the Status of an Agent on a Workload
type System ¶ added in v1.39.0
type System struct { }
System is an empty struct for system-generated events
type TimestampRange ¶
type TimestampRange struct { FirstDetected string `json:"first_detected"` LastDetected string `json:"last_detected"` }
TimestampRange is used to limit queries ranges for the flow detected
type TrafficAnalysis ¶
type TrafficAnalysis struct { Dst *Dst `json:"dst"` NumConnections int `json:"num_connections"` PolicyDecision string `json:"policy_decision"` ExpSrv *ExpSrv `json:"service"` Src *Src `json:"src"` TimestampRange *TimestampRange `json:"timestamp_range"` Transmission string `json:"transmission"` }
TrafficAnalysis represents the response from the explorer API
func DedupeExplorerTraffic ¶
func DedupeExplorerTraffic(first, second []TrafficAnalysis) []TrafficAnalysis
DedupeExplorerTraffic takes two traffic responses and returns a de-duplicated result set
type TrafficAnalysisRequest ¶
type TrafficAnalysisRequest struct { QueryName *string `json:"query_name,omitempty"` Sources Sources `json:"sources"` Destinations Destinations `json:"destinations"` ExplorerServices ExplorerServices `json:"services"` StartDate time.Time `json:"start_date,omitempty"` EndDate time.Time `json:"end_date,omitempty"` PolicyDecisions []string `json:"policy_decisions"` MaxResults int `json:"max_results,omitempty"` SourcesDestinationsQueryOp string `json:"sources_destinations_query_op,omitempty"` ExcludeWorkloadsFromIPListQuery *bool `json:"exclude_workloads_from_ip_list_query,omitempty"` }
TrafficAnalysisRequest represents the payload object for the traffic analysis POST request
type TrafficQuery ¶
type TrafficQuery struct { SourcesInclude [][]string SourcesExclude []string DestinationsInclude [][]string DestinationsExclude []string // PortProtoInclude and PortProtoExclude entries should be in the format of [port, protocol] // Example [80, 6] is Port 80 TCP. PortProtoInclude [][2]int PortProtoExclude [][2]int // PortRangeInclude and PortRangeExclude entries should be of the format [fromPort, toPort, protocol] // Example - [1000, 2000, 6] is Ports 1000-2000 TCP. PortRangeInclude [][3]int PortRangeExclude [][3]int ProcessInclude []string WindowsServiceInclude []string ProcessExclude []string WindowsServiceExclude []string StartTime time.Time EndTime time.Time PolicyStatuses []string MaxFLows int TransmissionExcludes []string // Example: []string{"broadcast", "multicast"} will only get unicast traffic QueryOperator string // Value should be "and" or "or". "and" is used by default ExcludeWorkloadsFromIPListQuery bool // The PCE UI uses a value of true by default }
TrafficQuery is the struct to be passed to the GetTrafficAnalysis function
type Unpair ¶
type Unpair struct { Workloads []Workload `json:"workloads"` IPTableRestore string `json:"ip_table_restore"` }
Unpair is the payload for using the API to unpair workloads.
type UpdatedBy ¶
type UpdatedBy struct {
Href string `json:"href"`
}
UpdatedBy represents the UpdatedBy property of an object
type UploadFlowResults ¶
type UploadFlowResults struct { FlowResps []FlowUploadResp APIResps []APIResponse TotalFlowsInCSV int }
UploadFlowResults is the struct returned to the user when using the pce.UploadTraffic() method
type Usage ¶
type Usage struct { LabelGroup bool `json:"label_group"` Rule bool `json:"rule"` Ruleset bool `json:"ruleset"` StaticPolicyScopes bool `json:"static_policy_scopes,omitempty"` }
Usage covers how a LabelGroup is used in the PCE
type UserLogin ¶
type UserLogin struct { AuthUsername string `json:"auth_username,omitempty"` FullName string `json:"full_name,omitempty"` Href string `json:"href,omitempty"` InactivityExpirationMinutes int `json:"inactivity_expiration_minutes,omitempty"` LastLoginIPAddress string `json:"last_login_ip_address,omitempty"` LastLoginOn string `json:"last_login_on,omitempty"` ProductVersion *ProductVersion `json:"product_version,omitempty"` SessionToken string `json:"session_token,omitempty"` TimeZone string `json:"time_zone,omitempty"` Type string `json:"type,omitempty"` Orgs []*Org `json:"orgs,omitempty"` Username string `json:"username,omitempty"` // Added for events }
UserLogin represents a user logging in via password to get a session key
type VEN ¶ added in v1.19.0
type VEN struct { Href string `json:"href,omitempty"` Name string `json:"name,omitempty"` Description string `json:"description,omitempty"` Hostname string `json:"hostname,omitempty"` UID string `json:"uid,omitempty"` Status string `json:"status,omitempty"` Version string `json:"version,omitempty"` ActivationType string `json:"activation_type,omitempty"` ActivePceFqdn string `json:"active_pce_fqdn,omitempty"` TargetPceFqdn string `json:"target_pce_fqdn,omitempty"` Workloads *[]*Workload `json:"workloads,omitempty"` ContainerCluster *ContainerCluster `json:"container_cluster,omitempty"` VenType string `json:"ven_type,omitempty"` Conditions []Conditions `json:"conditions,omitempty"` }
VEN represents a VEN in the Illumio PCE. Not including duplicated fields in a workload - labels, OS information, interfaces, etc.
type VENUpgrade ¶ added in v1.42.0
type VENUpgradeError ¶ added in v1.42.0
type VENUpgradeResp ¶ added in v1.42.0
type VENUpgradeResp struct {
VENUpgradeErrors []VENUpgradeError `json:"errors"`
}
type Version ¶
type Version struct { Version string `json:"version"` Build int `json:"build"` LongDisplay string `json:"long_display"` ShortDisplay string `json:"short_display"` Major int Minor int Patch int }
Version represents the version of the PCE
type VirtualServer ¶
type VirtualServer struct { Href string `json:"href,omitempty"` CreatedAt string `json:"created_at,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` DeletedAt string `json:"deleted_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` DeletedBy *DeletedBy `json:"deleted_by,omitempty"` Name string `json:"name,omitempty"` Description string `json:"description,omitempty"` DiscoveredVirtualServer *DiscoveredVirtualServer `json:"discovered_virtual_server,omitempty"` DvsName string `json:"dvs_name,omitempty"` DvsIdentifier string `json:"dvs_identifier,omitempty"` Labels []*Label `json:"labels,omitempty"` Service *Service `json:"service,omitempty"` Providers []interface{} `json:"providers,omitempty"` Mode string `json:"mode,omitempty"` }
VirtualServer represents a VirtualServer in the PCE
type VirtualServers ¶
type VirtualServers struct {
Href string `json:"href"`
}
VirtualServers reresent virtual servers in provisioning
type VirtualService ¶
type VirtualService struct { ApplyTo string `json:"apply_to,omitempty"` CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` DeletedAt string `json:"deleted_at,omitempty"` DeletedBy *DeletedBy `json:"deleted_by,omitempty"` Description string `json:"description,omitempty"` ExternalDataReference string `json:"external_data_reference,omitempty"` ExternalDataSet string `json:"external_data_set,omitempty"` Href string `json:"href,omitempty"` IPOverrides []string `json:"ip_overrides,omitempty"` Labels []*Label `json:"labels,omitempty"` Name string `json:"name,omitempty"` PceFqdn string `json:"pce_fqdn,omitempty"` Service *Service `json:"service,omitempty"` ServiceAddresses []*ServiceAddresses `json:"service_addresses,omitempty"` ServicePorts []*ServicePort `json:"service_ports,omitempty"` UpdateType string `json:"update_type,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` }
A VirtualService represents a Virtual Service in the Illumio PCE
func (*VirtualService) Sanitize ¶
func (vs *VirtualService) Sanitize()
Sanitize removes fields for an update
func (*VirtualService) SetActive ¶
func (vs *VirtualService) SetActive() VirtualService
SetActive changes the HREF of the Virtual Service Object to Active
type Vulnerability ¶
type Vulnerability struct { CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` CveIds []string `json:"cve_ids,omitempty"` Description string `json:"description,omitempty"` Href string `json:"href,omitempty"` Name string `json:"name,omitempty"` Score int `json:"score,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` }
Vulnerability represents a vulnerability in the Illumio PCE
type VulnerabilityReport ¶
type VulnerabilityReport struct { Authoritative bool `json:"authoritative,omitempty"` CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` Href string `json:"href,omitempty"` Name string `json:"name,omitempty"` NumVulnerabilities int `json:"num_vulnerabilities,omitempty"` ReportType string `json:"report_type,omitempty"` ScannedIps []string `json:"scanned_ips,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` }
VulnerabilityReport represents a vulnerability report in the Illumio PCE
type VulnerabilitySummary ¶ added in v1.38.0
type VulnerabilitySummary struct { NumVulnerabilities int `json:"num_vulnerabilities,omitempty"` MaxVulnerabilityScore int `json:"max_vulnerability_score,omitempty"` VulnerabilityScore int `json:"vulnerability_score,omitempty"` VulnerablePortExposure int `json:"vulnerable_port_exposure,omitempty"` VulnerablePortWideExposure VulnerablePortWideExposure `json:"vulnerable_port_wide_exposure,omitempty"` VulnerabilityExposureScore int `json:"vulnerability_exposure_score,omitempty"` }
type VulnerablePortWideExposure ¶ added in v1.38.0
type WindowsService ¶
type WindowsService struct { IcmpCode int `json:"icmp_code,omitempty"` IcmpType int `json:"icmp_type,omitempty"` Port int `json:"port,omitempty"` ProcessName string `json:"process_name,omitempty"` Protocol int `json:"proto,omitempty"` ServiceName string `json:"service_name,omitempty"` ToPort int `json:"to_port,omitempty"` }
WindowsService represents port and protocol information for a Windows service
type Workload ¶
type Workload struct { Agent *Agent `json:"agent,omitempty"` CreatedAt string `json:"created_at,omitempty"` CreatedBy *CreatedBy `json:"created_by,omitempty"` DataCenter *string `json:"data_center,omitempty"` DataCenterZone string `json:"data_center_zone,omitempty"` DeleteType string `json:"delete_type,omitempty"` Deleted *bool `json:"deleted,omitempty"` DeletedAt string `json:"deleted_at,omitempty"` DeletedBy *DeletedBy `json:"deleted_by,omitempty"` Description *string `json:"description,omitempty"` DistinguishedName *string `json:"distinguished_name,omitempty"` EnforcementMode string `json:"enforcement_mode,omitempty"` ExternalDataReference *string `json:"external_data_reference,omitempty"` ExternalDataSet *string `json:"external_data_set,omitempty"` Hostname string `json:"hostname,omitempty"` Href string `json:"href,omitempty"` IgnoredInterfaceNames *[]string `json:"ignored_interface_names,omitempty"` Interfaces []*Interface `json:"interfaces,omitempty"` Labels *[]*Label `json:"labels,omitempty"` // This breaks the removing all labels Name string `json:"name,omitempty"` Namespace string `json:"namespace,omitempty"` // Only used in Container Workloads Online bool `json:"online,omitempty"` OsDetail *string `json:"os_detail,omitempty"` OsID *string `json:"os_id,omitempty"` PublicIP string `json:"public_ip,omitempty"` ServicePrincipalName *string `json:"service_principal_name,omitempty"` ServiceProvider string `json:"service_provider,omitempty"` Services *Services `json:"services,omitempty"` UpdatedAt string `json:"updated_at,omitempty"` UpdatedBy *UpdatedBy `json:"updated_by,omitempty"` VEN *VEN `json:"ven,omitempty"` VisibilityLevel string `json:"visibility_level,omitempty"` VulnerabilitySummary *VulnerabilitySummary `json:"vulnerability_summary,omitempty"` }
A Workload represents a workload in the PCE
func (*Workload) ChangeLabel ¶
ChangeLabel updates a workload struct with new label href. It does not call the Illumio API to update the workload in the PCE. Use pce.UpdateWorkload() or bulk update for that. The method returns the labelMapH in case it needs to create a new label.
func (*Workload) GetApp ¶
GetApp takes a map of labels with the href string as the key and returns the app label for a workload. To get the LabelMap call GetLabelMapH.
func (*Workload) GetAppGroup ¶
GetAppGroup returns the app group string of a workload in the format of App | Env. If the workload does not have an app or env label, "NO APP GROUP" is returned. Use GetAppGroupL to include the loc label in the app group.
func (*Workload) GetAppGroupL ¶
GetAppGroupL returns the app group string of a workload in the format of App | Env | Loc. If the workload does not have an app, env, or loc label, "NO APP GROUP" is returned. Use GetAppGroup to only use app and env in App Group.
func (*Workload) GetCIDR ¶
GetCIDR returns the CIDR Block for a workload's IP address The CIDR value is returned as a string (e.g., "/24"). If the CIDR value is not known (e.g., unmanaged workloads) it returns "NA" If the provided IP address is not attached to the workload, GetCIDR returns "NA".
func (*Workload) GetDefaultGW ¶
GetDefaultGW returns the default gateway for a workload. If the workload does not have a default gateway (many unmanaged workloads) it will return "NA"
func (*Workload) GetEnv ¶
GetEnv takes a map of labels with the href string as the key and returns the env label for a workload. To get the LabelMap call GetLabelMapH.
func (*Workload) GetIPWithDefaultGW ¶
GetIPWithDefaultGW returns the IP address of the interface that has the default gateway If the workload does not have a default gateway (many unmanaged workloads), it will return "NA"
func (*Workload) GetInterfaceName ¶
GetInterfaceName returns the interface name for a workload's IP address If the provided IP address is not attached to the workload, GetInterfaceName returns "NA".
func (*Workload) GetLabelByKey ¶ added in v1.68.0
GetLabelByKey returns the label object based on the provided key and label map A blank label is return if the label key is not used on the workload
func (*Workload) GetLoc ¶
GetLoc takes a map of labels with the href string as the key and returns the loc label for a workload. To get the LabelMap call GetLabelMapH.
func (*Workload) GetMode ¶
GetMode returns the mode of the workloads. The returned value in 20.2 and newer PCEs will be unmanaged, idle, visibility_only, full, or selective. For visibility levels, use the w.GetVisibilityLevel() method.
The returned value in 20.1 and lower PCEs will be unmanaged, idle, build, test, enforced-no, enforced-low, enforced-high. The enforced options represent no logging, low details, and high detail.
func (*Workload) GetNetMask ¶
GetNetMask returns the netmask for a workload's IP address The value is returned as a string (e.g., "255.0.0.0") If the value is not known (e.g., unmanaged workloads) it returns "NA" If the provided IP address is not attached to the workload, GetNetMask returns "NA".
func (*Workload) GetNetMaskWithDefaultGW ¶
GetNetMaskWithDefaultGW returns the netmask of the ip address that has the default gateway If the workload does not have a default gateway (many unmanaged workloads), it will return "NA"
func (*Workload) GetNetwork ¶
GetNetwork returns the network of a workload's IP address.
func (*Workload) GetNetworkWithDefaultGateway ¶
GetNetworkWithDefaultGateway returns the CIDR notation of the network of the interface with the default gateway. If the workload does not have a default gateway (many unmanaged workloads), it will return "NA"
func (*Workload) GetRole ¶
GetRole takes a map of labels with the href string as the key and returns the role label for a workload. To get the LabelMap call GetLabelMapH.
func (*Workload) GetVisibilityLevel ¶ added in v1.26.0
GetVisibilityLevel returns unmanaged, blocked_allowed, blocked, or off.
func (*Workload) HoursSinceLastHeartBeat ¶
HoursSinceLastHeartBeat returns the hours since the last beat. -9999 is returned for unmanaged workloads or when it cannot be calculated.
func (*Workload) LabelsMatch ¶
LabelsMatch checks if the workload matches the provided labels. Blank values ("") for role, app, env, or loc mean no label assigned for that key. A single asterisk (*) can be used to represent any in a particular key. For example, using "*" for role will return true as long as the app, env, and loc match.
func (*Workload) SanitizeBulkUpdate ¶
func (w *Workload) SanitizeBulkUpdate()
SanitizeBulkUpdate removes the properites necessary for a bulk update
func (*Workload) SanitizePut ¶
func (w *Workload) SanitizePut()
SanitizePut removes the necessary properties to update a workload.
func (*Workload) SetMode ¶
SetMode adjusts the workload to reflect the assigned mode. Nothing is changed in the PCE. To reflect the change in the PCE use SetMode method followed by PCE.UpdateWorkload() method.
Valid options in 20.2 and newer PCEs are idle, visibility_only, full, and selective. For visibility levels, use the w.SetVisibilityLevel() method.
Valid options in 20.1 and lower PCEs are idle, build, test, enforced-no, enforced-low, enforced-high. The enforced options represent no logging, low details, and high detail.
func (*Workload) SetVisibilityLevel ¶ added in v1.19.0
SetVisibilityLevel adjusts the workload to reflect the assigned visibility level. Nothing is changed in the PCE. To reflect the change in the PCE use SetVisibilityLevel method followed by PCE.UpdateWorkload() method.
Valid options in 20.2 and newer PCEs are flow_summary (blocked_allowed), flow_drops (blocked), flow_off (off), or enhanced_data_collection. The options in paranthesis are the UI values. Both are acceptable.
20.1 PCEs and lower do not use this method.
Source Files ¶
- boundaries.go
- compatibilityreport.go
- containercluster.go
- containerworkloadprofiles.go
- containerworkloads.go
- crud.go
- deprecated.go
- events.go
- flowfilter.go
- http.go
- iplists.go
- labeldimensions.go
- labelgroups.go
- labels.go
- pairing.go
- pce.go
- protocols.go
- provisioning.go
- rulesets.go
- servicebinding.go
- services.go
- template.go
- traffic.go
- usergroup.go
- userslogin.go
- ven.go
- version.go
- virtualserver.go
- virtualservices.go
- vulnerabilities.go
- workloads.go