api

package
v0.0.0-...-d0f2575 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 16, 2024 License: Apache-2.0 Imports: 35 Imported by: 0

README

API Client

A Golang API client for interacting with Lacework APIs.

Usage

Download the library into your $GOPATH:

$ go get github.com/lacework/go-sdk/api

Import the library into your tool:

import "github.com/lacework/go-sdk/api"

Requirements

To interact with Lacework's API you need to have:

  1. A Lacework account
  2. Either API access keys or token for authentication

Examples

Create a new Lacework client that will automatically generate a new access token from the provided set of API keys, then hit the /api/v2/AlertChannels endpoint to list all available alert channels in your account:

package main

import (
	"fmt"
	"log"

	"github.com/lacework/go-sdk/api"
)

func main() {
	lacework, err := api.NewClient("account",
		api.WithTokenFromKeys("KEY", "SECRET"),
	)
	if err != nil {
		log.Fatal(err)
	}

	alertChannels, err := lacework.V2.AlertChannels.List()
	if err != nil {
		log.Fatal(err)
	}

	for _, channel := range alertChannels.Data {
		fmt.Printf("Alert channel: %s\n", channel.Name)
	}
	// Output:
	//
	// Alert channel: DEFAULT EMAIL
}

Look at the _examples/ folder for more examples.

Documentation

Index

Constants

View Source 
const (
	// The list of valid inputs for DatadogSite field
	DatadogSiteEu  datadogSite = "eu"
	DatadogSiteCom datadogSite = "com"

	// The list of valid inputs for DatadogService field
	DatadogServiceLogsDetails   datadogService = "Logs Detail"
	DatadogServiceEventsSummary datadogService = "Events Summary"
	DatadogServiceLogsSummary   datadogService = "Logs Summary"
)
View Source 
const (
	// NoneAlertChannelType type that defines a non-existing Alert Channel integration
	NoneAlertChannelType alertChannelType = iota
	EmailUserAlertChannelType
	SlackChannelAlertChannelType
	AwsS3AlertChannelType
	CloudwatchEbAlertChannelType
	DatadogAlertChannelType
	WebhookAlertChannelType
	VictorOpsAlertChannelType
	CiscoSparkWebhookAlertChannelType
	MicrosoftTeamsAlertChannelType
	GcpPubSubAlertChannelType
	SplunkHecAlertChannelType
	ServiceNowRestAlertChannelType
	NewRelicInsightsAlertChannelType
	PagerDutyApiAlertChannelType
	IbmQRadarAlertChannelType
	JiraAlertChannelType
)
View Source 
const (
	// The list of valid inputs for QRadar Communication Type field
	QRadarCommHttps           qradarComm = "HTTPS"
	QRadarCommHttpsSelfSigned qradarComm = "HTTPS Self Signed Cert"
)
View Source 
const (
	NoneJiraIssueGrouping jiraIssueGrouping = iota
	EventsJiraIssueGrouping
	ResourcesJiraIssueGrouping
)
View Source 
const (
	BidirectionalJiraConfiguration = "Bidirectional"
	JiraCloudAlertType             = "JIRA_CLOUD"
	JiraServerAlertType            = "JIRA_SERVER"
)
View Source 
const (
	AlertRuleSeverityCritical alertRuleSeverity = 1
	AlertRuleSeverityHigh     alertRuleSeverity = 2
	AlertRuleSeverityMedium   alertRuleSeverity = 3
	AlertRuleSeverityLow      alertRuleSeverity = 4
	AlertRuleSeverityInfo     alertRuleSeverity = 5
	AlertRuleSeverityUnknown  alertRuleSeverity = 0
)
View Source 
const (
	AlertCloseReasonOther alertCloseReason = iota
	AlertCloseReasonFalsePositive
	AlertCloseReasonNotEnoughInfo
	AlertCloseReasonMalicious
	AlertCloseReasonExpected
	AlertCloseReasonExpectedBehavior
)
View Source 
const (
	AlertDetailsScope alertScope = iota
	AlertInvestigationScope
	AlertEventsScope
	AlertRelatedAlertsScope
	AlertIntegrationsScope
	AlertTimelineScope
)
View Source 
const (
	AlertsFilterFieldType     alertsFilterField = "alertType"
	AlertsFilterFieldSeverity alertsFilterField = "severity"
	AlertsFilterFieldStatus   alertsFilterField = "status"
)
View Source 
const (
	// type that defines a non-existing Cloud Account integration
	NoneCloudAccount cloudAccountType = iota
	AwsCfgCloudAccount
	AwsCtSqsCloudAccount
	AwsEksAuditCloudAccount
	AwsSidekickCloudAccount
	AwsSidekickOrgCloudAccount
	AwsUsGovCfgCloudAccount
	AwsUsGovCtSqsCloudAccount
	AzureAdAlCloudAccount
	AzureAlSeqCloudAccount
	AzureCfgCloudAccount
	GcpAtSesCloudAccount
	GcpCfgCloudAccount
	GcpGkeAuditCloudAccount
	GcpSidekickCloudAccount
	AzureSidekickCloudAccount
	GcpAlPubSubCloudAccount
	OciCfgCloudAccount
)
View Source 
const (
	AzureSubscriptionIntegration string = "SUBSCRIPTION"
	AzureTenantIntegration       string = "TENANT"
)
View Source 
const (
	// Project level integration with GCP
	GcpProjectIntegration gcpResourceLevel = iota

	// Organization level integration with GCP
	GcpOrganizationIntegration
)
View Source 
const (
	// type that defines a non-existing Container Registry integration
	NoneContainerRegistry containerRegistryType = iota
	GcpGarContainerRegistry
	GhcrContainerRegistry
	InlineScannerContainerRegistry
	ProxyScannerContainerRegistry
	AwsEcrContainerRegistry
	DockerhubContainerRegistry
	DockerhubV2ContainerRegistry
	GcpGcrContainerRegistry
)
View Source 
const (
	AwsEcrIAM ecrAuthType = iota
	AwsEcrAccessKey
)
View Source 
const (
	PolicyTypeCompliance policyType = iota
	PolicyTypeManual
	PolicyTypeViolation
)
View Source 
const (
	ReportRuleSeverityCritical reportRuleSeverity = 1
	ReportRuleSeverityHigh     reportRuleSeverity = 2
	ReportRuleSeverityMedium   reportRuleSeverity = 3
	ReportRuleSeverityLow      reportRuleSeverity = 4
	ReportRuleSeverityInfo     reportRuleSeverity = 5
	ReportRuleSeverityUnknown  reportRuleSeverity = 0
)
View Source 
const (
	ReportFilterType reportFilter = iota
	ReportFilterName
)
View Source 
const (
	ReportDefinitionSubTypeAws reportDefinitionSubType = iota
	ReportDefinitionSubTypeGcp
	ReportDefinitionSubTypeAzure
)
View Source 
const (
	ReportDistributionFrequencyDaily reportDistributionFrequency = iota
	ReportDistributionFrequencyWeekly
	ReportDistributionFrequencyBiweekly
	ReportDistributionFrequencyMonthly
)
View Source 
const (
	ReportDistributionViolationCompliant reportDistributionViolation = iota
	ReportDistributionViolationNonCompliant
	ReportDistributionViolationSuppressed
	ReportDistributionViolationCouldNotAssess
	ReportDistributionViolationManual
)
View Source 
const (
	ReportDistributionScopeResourceGroup reportDistributionScope = iota
	ReportDistributionScopeCloudIntegration
)
View Source 
const (
	// type that defines a non-existing Resource Group
	NoneResourceGroup resourceGroupType = iota
	AwsResourceGroup
	AzureResourceGroup
	ContainerResourceGroup
	GcpResourceGroup
	MachineResourceGroup

	// requires Org Access account client.WithOrgAccess()
	LwAccountResourceGroup

	OciResourceGroup
)
View Source 
const (
	None integrationSchema = iota
	AlertChannels
	AlertProfiles
	AlertRules
	ContainerRegistries
	CloudAccounts
	ResourceGroups
	ReportRules
	TeamMembers
	VulnerabilityExceptions
)
View Source 
const (
	VulnerabilityExceptionReasonAcceptedRisk vulnerabilityExceptionReason = iota
	VulnerabilityExceptionReasonAcceptedFalsePositive
	VulnerabilityExceptionReasonCompensatingControls
	VulnerabilityExceptionReasonFixPending
	VulnerabilityExceptionReasonOther
	VulnerabilityExceptionReasonUnknown
)
View Source 
const (
	VulnerabilityExceptionTypeHost vulnerabilityExceptionType = iota
	VulnerabilityExceptionTypeContainer
)
View Source 
const (
	VulnerabilityExceptionSeverityCritical vulnerabilityExceptionSeverity = "Critical"
	VulnerabilityExceptionSeverityHigh     vulnerabilityExceptionSeverity = "High"
	VulnerabilityExceptionSeverityMedium   vulnerabilityExceptionSeverity = "Medium"
	VulnerabilityExceptionSeverityLow      vulnerabilityExceptionSeverity = "Low"
	VulnerabilityExceptionSeverityInfo     vulnerabilityExceptionSeverity = "Info"
	VulnerabilityExceptionSeverityUnknown  vulnerabilityExceptionSeverity = "Unknown"
)
View Source 
const AlertRuleEventType = "Event"
View Source 
const ApiV2CliFeatureFlag = "PUBLIC.rgv2.cli"
View Source 
const AwsComplianceEvaluationDataset complianceEvaluationDataset = "AwsCompliance"
View Source 
const AwsInventoryDataset inventoryDataset = "AwsCompliance"
View Source 
const AwsInventoryType inventoryType = "AWS"
View Source 
const AzureInventoryType inventoryType = "Azure"
View Source 
const ComplianceReportDefaultAws = "CIS Amazon Web Services Foundations Benchmark v1.4.0"
View Source 
const ComplianceReportDefaultAzure = "CIS Microsoft Azure Foundations Benchmark v1.5.0"
View Source 
const ComplianceReportDefaultGcp = "GCP CIS Benchmark 1.3"
View Source 
const DefaultTokenExpiryTime = 3600
View Source 
const DisableTelemetry = "LW_TELEMETRY_DISABLE"
View Source 
const GcpInventoryType inventoryType = "GCP"
View Source 
const (
	ReportDefinitionTypeCompliance reportDefinitionType = iota
)
View Source 
const ReportRuleEventType = "Report"
View Source 
const URL_TYPE_DEFAULT = "Default"
View Source 
const URL_TYPE_PROSAST = "ProSast"
View Source 
const URL_TYPE_SAST_TABLES = "SastTables"
View Source 
const V2ApiMaxSearchHistoryDays = 92

V2ApiMaxSearchHistoryDays defines the maximum number of days in the past api v2 allows to be searched

View Source 
const V2ApiMaxSearchWindowDays = 7

V2ApiMaxSearchWindowDays defines the maximum number of days in a single request api v2 allows to be searched

View Source 
const Version = "1.51.1-dev"

Version is the semver coming from the VERSION file

Variables

View Source 
var (
	NoneResourceGroupQueryTemplate string = ""
	//go:embed _templates/resource_groups/aws.json
	AwsResourceGroupQueryTemplate string
	//go:embed _templates/resource_groups/azure.json
	AzureResourceGroupQueryTemplate string
	//go:embed _templates/resource_groups/container.json
	ContainerResourceGroupQueryTemplate string
	//go:embed _templates/resource_groups/gcp.json
	GcpResourceGroupQueryTemplate string
	//go:embed _templates/resource_groups/machine.json
	MachineResourceGroupQueryTemplate   string
	LwAccountResourceGroupQueryTemplate string = ""
	//go:embed _templates/resource_groups/oci.json
	OciResourceGroupQueryTemplate string
)

query templates

View Source 
var (
	ContainerResourceGroupAllLabels = []map[string]string{{"*": "*"}}
	ContainerResourceGroupAllTags   = []string{"*"}
)

Wildcard values for selecting all labels/tags

View Source 
var AlertChannelTypes = map[alertChannelType]string{
	NoneAlertChannelType:              "None",
	EmailUserAlertChannelType:         "EmailUser",
	SlackChannelAlertChannelType:      "SlackChannel",
	AwsS3AlertChannelType:             "AwsS3",
	CloudwatchEbAlertChannelType:      "CloudwatchEb",
	DatadogAlertChannelType:           "Datadog",
	WebhookAlertChannelType:           "Webhook",
	VictorOpsAlertChannelType:         "VictorOps",
	CiscoSparkWebhookAlertChannelType: "CiscoSparkWebhook",
	MicrosoftTeamsAlertChannelType:    "MicrosoftTeams",
	GcpPubSubAlertChannelType:         "GcpPubsub",
	SplunkHecAlertChannelType:         "SplunkHec",
	ServiceNowRestAlertChannelType:    "ServiceNowRest",
	NewRelicInsightsAlertChannelType:  "NewRelicInsights",
	PagerDutyApiAlertChannelType:      "PagerDutyApi",
	IbmQRadarAlertChannelType:         "IbmQradar",
	JiraAlertChannelType:              "Jira",
}

AlertChannelTypes is the list of available Alert Channel integration types

View Source 
var AlertCloseReasons = alertCloseReasons{
	AlertCloseReasonOther:            "Other",
	AlertCloseReasonFalsePositive:    "False positive",
	AlertCloseReasonNotEnoughInfo:    "Not enough information",
	AlertCloseReasonMalicious:        "Malicious and have resolution in place",
	AlertCloseReasonExpected:         "Expected because of routine testing",
	AlertCloseReasonExpectedBehavior: "Expected Behavior",
}

AlertCloseReasons is the list of available Alert closure reasons

View Source 
var AlertRuleCategories = []string{"Anomaly", "Policy", "Composite"}

Valid inputs for AlertRule Categories property

View Source 
var AlertRuleSources = []string{"Agent", "AWS", "Azure", "GCP", "K8s", "OCI"}

Valid inputs for AlertRule Source property

View Source 
var AlertRuleSubCategories = []string{
	"Compliance",
	"Application",
	"Cloud Activity",
	"File",
	"Machine",
	"User",
	"Platform",
	"Kubernetes Activity",
	"Registry",
	"SystemCall",
	"Host Vulnerability",
	"Container Vulnerability",
	"Threat Intel",

	"App",
	"Cloud",
	"K8sActivity",
}

Valid inputs for AlertRule SubCategories property

View Source 
var AlertScopes = map[alertScope]string{
	AlertDetailsScope:       "Details",
	AlertInvestigationScope: "Investigation",
	AlertEventsScope:        "Events",
	AlertRelatedAlertsScope: "RelatedAlerts",
	AlertIntegrationsScope:  "Integrations",
	AlertTimelineScope:      "Timeline",
}
View Source 
var AllAwsReportRuleNotifications = new(AwsReportRuleNotifications).allNotifications()

Enable all Aws report rules

View Source 
var AllAzureReportRuleNotifications = new(AzureReportRuleNotifications).allNotifications()

Enable all Azure report rules

View Source 
var AllDailyReportRuleNotifications = new(DailyEventsReportRuleNotifications).allNotifications()

Enable all Daily report rules

View Source 
var AllGcpReportRuleNotifications = new(GcpReportRuleNotifications).allNotifications()

Enable all Gcp report rules

View Source 
var AllReportRuleNotifications = new(ReportRuleNotificationTypes).allNotifications()

Enable all report rules

View Source 
var AllWeeklyReportRuleNotifications = new(WeeklyEventsReportRuleNotifications).allNotifications()

Enable all Weekly report rules

View Source 
var AwsEcrAuthTypes = map[ecrAuthType]string{
	AwsEcrIAM:       "AWS_IAM",
	AwsEcrAccessKey: "AWS_ACCESS_KEY",
}

AwsEcrAuthTypes is the list of available ECR auth types

View Source 
var (
	AwsResourceGroupAllAccounts = []string{"*"}
)

Wildcard values for selecting all aws accounts

View Source 
var (
	AzureResourceGroupAllSubscriptions = []string{"*"}
)

Wildcard values for selecting all azure subscriptions

View Source 
var CloudAccountTypes = map[cloudAccountType]string{
	NoneCloudAccount:           "None",
	AwsCfgCloudAccount:         "AwsCfg",
	AwsCtSqsCloudAccount:       "AwsCtSqs",
	AwsEksAuditCloudAccount:    "AwsEksAudit",
	AwsSidekickCloudAccount:    "AwsSidekick",
	AwsSidekickOrgCloudAccount: "AwsSidekickOrg",
	AwsUsGovCfgCloudAccount:    "AwsUsGovCfg",
	AwsUsGovCtSqsCloudAccount:  "AwsUsGovCtSqs",
	AzureAdAlCloudAccount:      "AzureAdAl",
	AzureAlSeqCloudAccount:     "AzureAlSeq",
	AzureCfgCloudAccount:       "AzureCfg",
	GcpAtSesCloudAccount:       "GcpAtSes",
	GcpCfgCloudAccount:         "GcpCfg",
	GcpGkeAuditCloudAccount:    "GcpGkeAudit",
	GcpSidekickCloudAccount:    "GcpSidekick",
	AzureSidekickCloudAccount:  "AzureSidekick",
	GcpAlPubSubCloudAccount:    "GcpAlPubSub",
	OciCfgCloudAccount:         "OciCfg",
}

CloudAccountTypes is the list of available Cloud Account integration types

View Source 
var ContainerRegistryTypes = map[containerRegistryType]string{
	NoneContainerRegistry:          "None",
	GcpGarContainerRegistry:        "GCP_GAR",
	GhcrContainerRegistry:          "GHCR",
	InlineScannerContainerRegistry: "INLINE_SCANNER",
	ProxyScannerContainerRegistry:  "PROXY_SCANNER",
	AwsEcrContainerRegistry:        "AWS_ECR",
	DockerhubContainerRegistry:     "DOCKERHUB",
	DockerhubV2ContainerRegistry:   "V2_REGISTRY",
	GcpGcrContainerRegistry:        "GCP_GCR",
}

ContainerRegistryTypes is the list of available Container Registry integration types

View Source 
var EntityTypes = map[EntityType]string{
	NoneEntityType:           "None",
	MachineDetailsEntityType: "MachineDetails",
	MachineEntityType:        "Machines",
	UsersEntityType:          "Users",
	ImagesEntityType:         "Images",
	ContainersEntityType:     "Containers",
}

EntityTypes is the list of available entity types

View Source 
var (
	GcpResourceGroupAllProjects = []string{"*"}
)

Wildcard values for selecting all gcp projects

View Source 
var JiraIssueGroupings = map[jiraIssueGrouping]string{
	NoneJiraIssueGrouping:      "",
	EventsJiraIssueGrouping:    "Events",
	ResourcesJiraIssueGrouping: "Resources",
}
View Source 
var JiraIssueGroupingsSurvey = map[string]jiraIssueGrouping{
	"None":      NoneJiraIssueGrouping,
	"Events":    EventsJiraIssueGrouping,
	"Resources": ResourcesJiraIssueGrouping,
}
View Source 
var (
	LwAccountResourceGroupAllAccounts = []string{"*"}
)

Wildcard values for selecting all lacework accounts

View Source 
var (
	MachineResourceGroupAllTags = []map[string]string{{"*": "*"}}
)

Wildcard values for selecting all machine tags

View Source 
var ReportDefinitionSubtypes = []string{"AWS", "Azure", "GCP"}
View Source 
var ResourceGroupTypes = map[resourceGroupType]resourceGroupContext{
	NoneResourceGroup:      {/* contains filtered or unexported fields */},
	AwsResourceGroup:       {/* contains filtered or unexported fields */},
	AzureResourceGroup:     {/* contains filtered or unexported fields */},
	ContainerResourceGroup: {/* contains filtered or unexported fields */},
	GcpResourceGroup:       {/* contains filtered or unexported fields */},
	LwAccountResourceGroup: {/* contains filtered or unexported fields */},
	MachineResourceGroup:   {/* contains filtered or unexported fields */},
	OciResourceGroup:       {/* contains filtered or unexported fields */},
}

ResourceGroupTypes is the list of available Resource Group types

View Source 
var URL_TYPES = []string{URL_TYPE_DEFAULT, URL_TYPE_SAST_TABLES, URL_TYPE_PROSAST}
View Source 
var ValidAlertSeverities = []string{"critical", "high", "medium", "low", "info"}

ValidAlertSeverities is a list of all valid alert severities

View Source 
var ValidAlertStatuses = []string{"Open", "Closed"}

ValidAlertStatuses is a list of all valid alert statuses

View Source 
var ValidComplianceStatus = []string{
	"non-compliant",
	"requires-manual-assessment",
	"suppressed",
	"compliant",
	"could-not-assess",
}

ValidComplianceStatus is a list of all valid compliance status

View Source 
var ValidPolicySeverities = []string{"critical", "high", "medium", "low", "info"}

ValidPolicySeverities is a list of all valid policy severities

View Source 
var ValidPolicyTypes = policyTypes{
	PolicyTypeCompliance: "Compliance",
	PolicyTypeManual:     "Manual",
	PolicyTypeViolation:  "Violation",
}
View Source 
var VulnerabilityExceptionReasons = map[vulnerabilityExceptionReason]string{
	VulnerabilityExceptionReasonAcceptedRisk:          "Accepted Risk",
	VulnerabilityExceptionReasonAcceptedFalsePositive: "False Positive",
	VulnerabilityExceptionReasonCompensatingControls:  "Compensating Controls",
	VulnerabilityExceptionReasonFixPending:            "Fix Pending",
	VulnerabilityExceptionReasonOther:                 "Other",
	VulnerabilityExceptionReasonUnknown:               "Unknown",
}
View Source 
var VulnerabilityExceptionTypes = map[vulnerabilityExceptionType]string{
	VulnerabilityExceptionTypeHost:      "Host",
	VulnerabilityExceptionTypeContainer: "Container",
}

Functions

func AwsReportTypes 

func AwsReportTypes() []string

func AzureReportTypes 

func AzureReportTypes() []string

func DatadogService 

func DatadogService(service string) (datadogService, error)

DatadogService returns the datadogService type for the corresponding string input

func DatadogSite 

func DatadogSite(site string) (datadogSite, error)

DatadogSite returns the datadogSite type for the corresponding string input

func DoWithExponentialBackoff 

func DoWithExponentialBackoff(f func() error, wait func(x int)) error

func FindAlertChannelType 

func FindAlertChannelType(alertChannel string) (alertChannelType, bool)

FindAlertChannelType looks up inside the list of available alert channel types the matching type from the provided string, if none, returns NoneAlertChannelType

func FindCloudAccountType 

func FindCloudAccountType(cloudAccount string) (cloudAccountType, bool)

FindCloudAccountType looks up inside the list of available cloud account types the matching type from the provided string, if none, returns NoneCloudAccount

func FindContainerRegistryType 

func FindContainerRegistryType(containerRegistry string) (containerRegistryType, bool)

FindContainerRegistryType looks up inside the list of available container registry types the matching type from the provided string, if none, returns NoneContainerRegistry

func FindResourceGroupType 

func FindResourceGroupType(typ string) (resourceGroupType, bool)

FindResourceGroupType looks up inside the list of available resource group types the matching type from the provided string, if none, returns NoneResourceGroup

func GcpReportTypes 

func GcpReportTypes() []string

func NewV2AlertProfilesService 

func NewV2AlertProfilesService(c *Client) *v2alertProfilesService

func NewV2ConfigService 

func NewV2ConfigService(c *Client) *v2ConfigService

func NewV2VulnerabilitiesService 

func NewV2VulnerabilitiesService(c *Client) *v2VulnerabilitiesService

func NewVulnerabilityExceptionReason 

func NewVulnerabilityExceptionReason(reason string) vulnerabilityExceptionReason

func QRadarComm 

func QRadarComm(site string) (qradarComm, error)

QRadarComm returns the qradarComm type for the corresponding string input

func ReportDefinitionSubTypes 

func ReportDefinitionSubTypes() (values []string)

func ReportDistributionFrequencies 

func ReportDistributionFrequencies() (frequencies []string)

func ReportDistributionScopes 

func ReportDistributionScopes() (values []string)

func ReportDistributionViolations 

func ReportDistributionViolations() (values []string)

func SeverityInt 

func SeverityInt(sev int) string

func SeverityOrder 

func SeverityOrder(severity string) int

func TransformReportRuleNotification 

func TransformReportRuleNotification(notificationsMap map[string]bool, notificationType reportRuleNotification) error

func WindowedSearchFirst 

func WindowedSearchFirst(fn search, size int, max int, response SearchResponse, filter SearchableFilter) error

WindowedSearchFirst performs a new search of a specific time frame size, until response data is found or the max searchable days is reached

Types

type Account 

type Account struct {
	Admin       bool   `json:"admin"`
	AccountName string `json:"accountName"`
	CustGUID    string `json:"custGuid"`
	UserGUID    string `json:"userGuid"`
	UserEnabled int    `json:"userEnabled"`
}

func (*Account) Enabled 

func (a *Account) Enabled() bool

type AgentAccessToken 

type AgentAccessToken struct {
	AccessToken string                `json:"accessToken"`
	CreatedTime time.Time             `json:"createdTime"`
	Props       AgentAccessTokenProps `json:"props,omitempty"`
	TokenAlias  string                `json:"tokenAlias"`
	Enabled     int                   `json:"tokenEnabled"`
	Version     string                `json:"version"`
}

func (AgentAccessToken) PrettyState 

func (t AgentAccessToken) PrettyState() string

func (AgentAccessToken) State 

func (t AgentAccessToken) State() bool

type AgentAccessTokenProps 

type AgentAccessTokenProps struct {
	CreatedTime time.Time `json:"createdTime,omitempty"`
	Description string    `json:"description,omitempty"`
}

type AgentAccessTokenRequest 

type AgentAccessTokenRequest struct {
	Enabled    int                    `json:"tokenEnabled"`
	TokenAlias string                 `json:"tokenAlias,omitempty"`
	Props      *AgentAccessTokenProps `json:"props,omitempty"`
}

type AgentAccessTokenResponse 

type AgentAccessTokenResponse struct {
	Data AgentAccessToken `json:"data"`
}

type AgentAccessTokensResponse 

type AgentAccessTokensResponse struct {
	Data []AgentAccessToken `json:"data"`
}

type AgentAccessTokensService 

type AgentAccessTokensService struct {
	// contains filtered or unexported fields
}

AgentAccessTokensService is the service that interacts with the AgentAccessTokens schema from the Lacework APIv2 Server

func (*AgentAccessTokensService) Create 

func (svc *AgentAccessTokensService) Create(alias, desc string) (
	response AgentAccessTokenResponse,
	err error,
)

Create creates a single Agent Access Token

func (*AgentAccessTokensService) Get 

func (svc *AgentAccessTokensService) Get(token string) (
	response AgentAccessTokenResponse,
	err error,
)

Get returns an Agent Access Token with the matching ID (token)

func (*AgentAccessTokensService) List 

func (svc *AgentAccessTokensService) List() (response AgentAccessTokensResponse, err error)

List returns a list of Agent Access Tokens

func (*AgentAccessTokensService) SearchAlias 

func (svc *AgentAccessTokensService) SearchAlias(alias string) (
	response AgentAccessTokensResponse,
	err error,
)

SearchAlias will search for an Agent Access Token that matches the provider token alias

func (*AgentAccessTokensService) Update 

func (svc *AgentAccessTokensService) Update(token string, data AgentAccessTokenRequest) (
	response AgentAccessTokenResponse,
	err error,
)

Update updates an Agent Access Token with the provided request data

func (*AgentAccessTokensService) UpdateState 

func (svc *AgentAccessTokensService) UpdateState(token string, enable bool) (
	response AgentAccessTokenResponse,
	err error,
)

UpdateState updates only the state of an Agent Access Token (enable or disable)

type AgentInfo 

type AgentInfo struct {
	AgentVersion string    `json:"agentVersion"`
	CreatedTime  time.Time `json:"createdTime"`
	Hostname     string    `json:"hostname"`
	IpAddr       string    `json:"ipAddr"`
	LastUpdate   time.Time `json:"lastUpdate"`
	Mid          int       `json:"mid"`
	Mode         string    `json:"mode"`
	Os           string    `json:"os"`
	Status       string    `json:"status"`
	Tags         struct {
		// Shared Tags
		Arch           string `json:"arch,omitempty"`
		ExternalIP     string `json:"ExternalIp,omitempty"`
		Hostname       string `json:"Hostname,omitempty"`
		InstanceID     string `json:"InstanceId,omitempty"`
		InternalIP     string `json:"InternalIp,omitempty"`
		LwTokenShort   string `json:"LwTokenShort,omitempty"`
		Os             string `json:"os,omitempty"`
		VMInstanceType string `json:"VmInstanceType,omitempty"`
		VMProvider     string `json:"VmProvider,omitempty"`
		Zone           string `json:"Zone,omitempty"`

		// AWS Tags
		Account  string `json:"Account,omitempty"`
		AmiID    string `json:"AmiId,omitempty"`
		Name     string `json:"Name,omitempty"`
		SubnetID string `json:"SubnetId,omitempty"`
		VpcID    string `json:"VpcId,omitempty"`

		// GCP Tags
		Cluster                 string `json:"Cluster,omitempty"`
		ClusterLocation         string `json:"cluster-location,omitempty"`
		ClusterName             string `json:"cluster-name,omitempty"`
		ClusterUID              string `json:"cluster-uid,omitempty"`
		CreatedBy               string `json:"created-by,omitempty"`
		EnableOSLogin           string `json:"enable-oslogin,omitempty"`
		Env                     string `json:"Env,omitempty"`
		GCEtags                 string `json:"GCEtags,omitempty"`
		GCIEnsureGKEDocker      string `json:"gci-ensure-gke-docker,omitempty"`
		GCIUpdateStrategy       string `json:"gci-update-strategy,omitempty"`
		GoogleComputeEnablePCID string `json:"google-compute-enable-pcid,omitempty"`
		InstanceName            string `json:"InstanceName,omitempty"`
		InstanceTemplate        string `json:"InstanceTemplate,omitempty"`
		KubeLabels              string `json:"kube-labels,omitempty"`
		LWKubernetesCluster     string `json:"lw_KubernetesCluster,omitempty"`
		NumericProjectID        string `json:"NumericProjectId,omitempty"`
		ProjectID               string `json:"ProjectId,omitempty"`
	} `json:"tags"`
}

type AgentInfoResponse 

type AgentInfoResponse struct {
	Data   []AgentInfo  `json:"data"`
	Paging V2Pagination `json:"paging"`
	// contains filtered or unexported fields
}

func (AgentInfoResponse) PageInfo 

func (r AgentInfoResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (AgentInfoResponse) PageNumber 

func (m AgentInfoResponse) PageNumber() int

func (*AgentInfoResponse) PageRead 

func (m *AgentInfoResponse) PageRead()

func (*AgentInfoResponse) ResetPaging 

func (r *AgentInfoResponse) ResetPaging()

func (*AgentInfoResponse) SetTotalPages 

func (m *AgentInfoResponse) SetTotalPages(total int)

func (AgentInfoResponse) TotalPages 

func (m AgentInfoResponse) TotalPages() int

type AgentInfoService 

type AgentInfoService struct {
	// contains filtered or unexported fields
}

AgentInfoService is the service that interacts with the AgentInfo schema from the Lacework APIv2 Server

func (*AgentInfoService) Search 

func (svc *AgentInfoService) Search(response interface{}, filters SearchFilter) error

type Alert 

type Alert struct {
	ID            int                `json:"alertId"`
	Name          string             `json:"alertName"`
	Type          string             `json:"alertType"`
	Severity      string             `json:"severity"`
	Info          AlertInfo          `json:"alertInfo"`
	Spec          AlertSpec          `json:"alertSpec"`
	Status        string             `json:"status"`
	StartTime     string             `json:"startTime"`
	EndTime       string             `json:"endTime"`
	UpdateTime    string             `json:"lastUserUpdateTime"`
	PolicyID      string             `json:"policyId"`
	DerivedFields AlertDerivedFields `json:"derivedFields"`
	Reachability  string             `json:"reachability"`
}

func (Alert) GetSeverity 

func (a Alert) GetSeverity() string

type AlertChannel 

type AlertChannel interface {
	ID() string
	AlertChannelType() alertChannelType
}

AlertChannel is an interface that helps us implement a few functions that any Alert Channel might use, there are some cases, like during Update, where we need to get the ID of the Alert Channel and its type, this will allow users to pass any Alert Channel that implements these methods

type AlertChannelRaw 

type AlertChannelRaw struct {
	Data interface{} `json:"data,omitempty"`
	// contains filtered or unexported fields
}

func NewAlertChannel 

func NewAlertChannel(name string, iType alertChannelType, data interface{}) AlertChannelRaw

NewAlertChannel returns an instance of the AlertChannelRaw struct with the provided Alert Channel integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Alert Channel type.

Basic usage: Initialize a new EmailUserAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

emailAlertChan := api.NewAlertChannel("foo",
  api.EmailUserAlertChannelType,
  api.EmailUserData{
    ChannelProps: api.EmailUserChannelProps{
      Recipients: []string{"name@example.com"},
    },
  },
)

client.V2.AlertChannels.Create(emailAlertChan)

func (AlertChannelRaw) AlertChannelType 

func (alert AlertChannelRaw) AlertChannelType() alertChannelType

func (AlertChannelRaw) GetCommon 

func (alert AlertChannelRaw) GetCommon() v2CommonIntegrationData

func (AlertChannelRaw) GetData 

func (alert AlertChannelRaw) GetData() any

func (AlertChannelRaw) ID 

func (c AlertChannelRaw) ID() string

func (AlertChannelRaw) StateString 

func (c AlertChannelRaw) StateString() string

func (AlertChannelRaw) Status 

func (c AlertChannelRaw) Status() string

type AlertChannelResponse 

type AlertChannelResponse struct {
	Data AlertChannelRaw `json:"data"`
}

type AlertChannelsResponse 

type AlertChannelsResponse struct {
	Data []AlertChannelRaw `json:"data"`
}

type AlertChannelsService 

type AlertChannelsService struct {
	// contains filtered or unexported fields
}

AlertChannelsService is the service that interacts with the AlertChannels schema from the Lacework APIv2 Server

func (*AlertChannelsService) Create 

func (svc *AlertChannelsService) Create(integration AlertChannelRaw) (
	response AlertChannelResponse,
	err error,
)

Create creates a single Alert Channel integration

func (*AlertChannelsService) Delete 

func (svc *AlertChannelsService) Delete(guid string) error

Delete deletes a Alert Channel integration that matches the provided guid

func (*AlertChannelsService) Get 

func (svc *AlertChannelsService) Get(guid string, response interface{}) error

Get returns a raw response of the Alert Channel with the matching integration guid.

To return a more specific Go struct of a Alert Channel integration, use the proper method such as GetEmailUser() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Alert Channel integration type.

func (*AlertChannelsService) GetAwsS3 

func (svc *AlertChannelsService) GetAwsS3(guid string) (
	response AwsS3AlertChannelResponseV2,
	err error,
)

GetAwsS3 gets a single AwsS3 alert channel matching the provided integration guid

func (*AlertChannelsService) GetCiscoSparkWebhook 

func (svc *AlertChannelsService) GetCiscoSparkWebhook(guid string) (
	response CiscoSparkWebhookAlertChannelResponseV2, err error,
)

GetCiscoSparkWebhook gets a single instance of a Cisco Spark webhook alert channel with the corresponding integration guid

func (*AlertChannelsService) GetCloudwatchEb 

func (svc *AlertChannelsService) GetCloudwatchEb(guid string) (
	response CloudwatchEbAlertChannelResponseV2, err error,
)

GetCloudwatchEb gets a single instance of an AWS Cloudwatch alert channel with the corresponding integration guid

func (*AlertChannelsService) GetDatadog 

func (svc *AlertChannelsService) GetDatadog(guid string) (response DatadogAlertChannelResponseV2, err error)

GetDatadog gets a single instance of a Datadog alert channel with the corresponding integration guid

func (*AlertChannelsService) GetEmailUser 

func (svc *AlertChannelsService) GetEmailUser(guid string) (
	response EmailUserAlertChannelResponse,
	err error,
)

GetEmailUser gets a single EmailUser alert channel matching the provided integration guid

func (*AlertChannelsService) GetGcpPubSub 

func (svc *AlertChannelsService) GetGcpPubSub(guid string) (response GcpPubSubAlertChannelResponseV2, err error)

GetGcpPubSub gets a single instance of a GCP Pub Sub alert channel with the corresponding guid

func (*AlertChannelsService) GetIbmQRadar 

func (svc *AlertChannelsService) GetIbmQRadar(guid string) (
	response IbmQRadarAlertChannelResponseV2,
	err error,
)

GetIbmQRadar gets a single IbmQRadar alert channel matching the provided integration guid

func (*AlertChannelsService) GetJira 

func (svc *AlertChannelsService) GetJira(guid string) (response JiraAlertChannelResponseV2, err error)

GetJira gets a single instance of a Jira Cloud or Jira Server alert channel with the corresponding guid

func (*AlertChannelsService) GetMicrosoftTeams 

func (svc *AlertChannelsService) GetMicrosoftTeams(guid string) (
	response MicrosoftTeamsAlertChannelResponseV2, err error,
)

GetMicrosoftTeams gets a single instance of a MicrosoftTeams alert channel with the corresponding integration guid

func (*AlertChannelsService) GetNewRelicInsights 

func (svc *AlertChannelsService) GetNewRelicInsights(guid string) (
	response NewRelicInsightsAlertChannelResponseV2,
	err error,
)

GetNewRelicInsights gets a single NewRelic alert channel matching the provided integration guid

func (*AlertChannelsService) GetPagerDutyApi 

func (svc *AlertChannelsService) GetPagerDutyApi(guid string) (
	response PagerDutyApiAlertChannelResponseV2,
	err error,
)

GetPagerDutyApi gets a single PagerDuty alert channel matching the provided integration guid

func (*AlertChannelsService) GetServiceNowRest 

func (svc *AlertChannelsService) GetServiceNowRest(guid string) (
	response ServiceNowRestAlertChannelResponseV2,
	err error,
)

GetServiceNowRest gets a single ServiceNowRest alert channel matching the provided integration guid

func (*AlertChannelsService) GetSlackChannel 

func (svc *AlertChannelsService) GetSlackChannel(guid string) (
	response SlackChannelAlertChannelResponseV2,
	err error,
)

GetSlackChannel gets a single SlackChannel alert channel matching the provided integration guid

func (*AlertChannelsService) GetSplunkHec 

func (svc *AlertChannelsService) GetSplunkHec(guid string) (
	response SplunkHecAlertChannelResponseV2,
	err error,
)

GetSplunkHec gets a single Splunk alert channel matching the provided integration guid

func (*AlertChannelsService) GetVictorOps 

func (svc *AlertChannelsService) GetVictorOps(guid string) (
	response VictorOpsAlertChannelResponseV2,
	err error,
)

GetVictorOps gets a single VictorOps alert channel matching the provided integration guid

func (*AlertChannelsService) GetWebhook 

func (svc *AlertChannelsService) GetWebhook(guid string) (
	response WebhookAlertChannelResponseV2,
	err error,
)

GetWebhook gets a single Webhook alert channel matching the provided integration guid

func (*AlertChannelsService) List 

func (svc *AlertChannelsService) List() (response AlertChannelsResponse, err error)

List returns a list of Alert Channel integrations

func (*AlertChannelsService) Test 

func (svc *AlertChannelsService) Test(guid string) error

Test tests an Alert Channel integration that matches the provided guid

func (*AlertChannelsService) UpdateAwsS3 

func (svc *AlertChannelsService) UpdateAwsS3(data AlertChannel) (
	response AwsS3AlertChannelResponseV2,
	err error,
)

UpdateAwsS3 updates a single AwsS3 integration on the Lacework Server

func (*AlertChannelsService) UpdateCiscoSparkWebhook 

func (svc *AlertChannelsService) UpdateCiscoSparkWebhook(data AlertChannel) (
	response CiscoSparkWebhookAlertChannelResponseV2, err error,
)

UpdateCiscoSparkWebhook updates a single instance of Cisco Spark webhook integration on the Lacework server

func (*AlertChannelsService) UpdateCloudwatchEb 

func (svc *AlertChannelsService) UpdateCloudwatchEb(data AlertChannel) (
	response CloudwatchEbAlertChannelResponseV2, err error,
)

UpdateCloudwatchEb Update AWSCloudWatch updates a single instance of an AWS cloudwatch integration on the Lacework server

func (*AlertChannelsService) UpdateDatadog 

func (svc *AlertChannelsService) UpdateDatadog(data AlertChannel) (response DatadogAlertChannelResponseV2, err error)

UpdateDatadog updates a single instance of a Datadog integration on the Lacework server

func (*AlertChannelsService) UpdateEmailUser 

func (svc *AlertChannelsService) UpdateEmailUser(data AlertChannel) (
	response EmailUserAlertChannelResponse,
	err error,
)

UpdateEmailUser updates a single EmailUser integration on the Lacework Server

func (*AlertChannelsService) UpdateGcpPubSub 

func (svc *AlertChannelsService) UpdateGcpPubSub(data AlertChannel) (
	response GcpPubSubAlertChannelResponseV2, err error,
)

UpdateGcpPubSub updates a single instance of GCP Pub Sub integration on the Lacework server

func (*AlertChannelsService) UpdateIbmQRadar 

func (svc *AlertChannelsService) UpdateIbmQRadar(data AlertChannel) (
	response IbmQRadarAlertChannelResponseV2,
	err error,
)

UpdateIbmQRadar updates a single IbmQRadar integration on the Lacework Server

func (*AlertChannelsService) UpdateJira 

func (svc *AlertChannelsService) UpdateJira(data AlertChannel) (response JiraAlertChannelResponseV2, err error)

UpdateJira updates a single instance of a Jira Cloud or Jira Server integration on the Lacework server

func (*AlertChannelsService) UpdateMicrosoftTeams 

func (svc *AlertChannelsService) UpdateMicrosoftTeams(data AlertChannel) (
	response MicrosoftTeamsAlertChannelResponseV2, err error,
)

UpdateMicrosoftTeams updates a single instance of a MicrosoftTeams integration on the Lacework server

func (*AlertChannelsService) UpdateNewRelicInsights 

func (svc *AlertChannelsService) UpdateNewRelicInsights(data AlertChannel) (
	response NewRelicInsightsAlertChannelResponseV2,
	err error,
)

UpdateNewRelicInsights updates a single NewRelic integration on the Lacework Server

func (*AlertChannelsService) UpdatePagerDutyApi 

func (svc *AlertChannelsService) UpdatePagerDutyApi(data AlertChannel) (
	response PagerDutyApiAlertChannelResponseV2,
	err error,
)

UpdatePagerDutyApi updates a single PagerDuty integration on the Lacework Server

func (*AlertChannelsService) UpdateServiceNowRest 

func (svc *AlertChannelsService) UpdateServiceNowRest(data AlertChannel) (
	response ServiceNowRestAlertChannelResponseV2,
	err error,
)

UpdateServiceNowRest updates a single ServiceNowRest integration on the Lacework Server

func (*AlertChannelsService) UpdateSlackChannel 

func (svc *AlertChannelsService) UpdateSlackChannel(data AlertChannel) (
	response SlackChannelAlertChannelResponseV2,
	err error,
)

UpdateSlackChannel updates a single SlackChannel integration on the Lacework Server

func (*AlertChannelsService) UpdateSplunkHec 

func (svc *AlertChannelsService) UpdateSplunkHec(data AlertChannel) (
	response SplunkHecAlertChannelResponseV2,
	err error,
)

UpdateSplunkHec updates a single Splunk integration on the Lacework Server

func (*AlertChannelsService) UpdateVictorOps 

func (svc *AlertChannelsService) UpdateVictorOps(data AlertChannel) (
	response VictorOpsAlertChannelResponseV2,
	err error,
)

UpdateVictorOps updates a single VictorOps integration on the Lacework Server

func (*AlertChannelsService) UpdateWebhook 

func (svc *AlertChannelsService) UpdateWebhook(data AlertChannel) (
	response WebhookAlertChannelResponseV2,
	err error,
)

UpdateWebhook updates a single Webhook integration on the Lacework Server

type AlertCloseRequest 

type AlertCloseRequest struct {
	AlertID int    `json:"-"`
	Reason  int    `json:"reason"`
	Comment string `json:"comment,omitempty"`
}

type AlertCloseResponse 

type AlertCloseResponse struct {
	Message string `json:"message"`
}

type AlertDerivedFields 

type AlertDerivedFields struct {
	Category    string `json:"category"`
	SubCategory string `json:"sub_category"`
	Source      string `json:"source"`
}

type AlertDetails 

type AlertDetails struct {
	Alert
	EntityMap map[string]interface{} `json:"entityMap"` // @dhazekamp: this needs to be built out properly
}

type AlertDetailsResponse 

type AlertDetailsResponse struct {
	Data AlertDetails `json:"data"`
}

type AlertEvent 

type AlertEvent map[string]interface{}

@dhazekamp: is this the same structure as v2/Events? @dhazekamp: is this structure consistent across alerts (types)

type AlertEventsResponse 

type AlertEventsResponse struct {
	Data []AlertEvent `json:"data"`
}

type AlertInfo 

type AlertInfo struct {
	Subject     string `json:"subject"`
	Description string `json:"description"`
}

type AlertIntegration 

type AlertIntegration struct {
	ID            string                  `json:"alertIntegrationId"`
	AlertID       int                     `json:"alertId"`
	Type          string                  `json:"integrationType"`
	Channel       AlertIntegrationChannel `json:"alertChannel"`
	Context       AlertIntegrationContext `json:"integrationContext"`
	IntgGUID      string                  `json:"intgGuid"`
	LastSyncTime  string                  `json:"lastSyncTime"`
	Status        string                  `json:"status"`
	Bidirectional bool                    `json:"isBidirectional"`
}

type AlertIntegrationChannel 

type AlertIntegrationChannel struct {
	IntgGuid             string                       `json:"INTG_GUID,omitempty"`
	Name                 string                       `json:"NAME"`
	CreatedOrUpdatedTime string                       `json:"CREATED_OR_UPDATED_TIME,omitempty"`
	CreatedOrUpdatedBy   string                       `json:"CREATED_OR_UPDATED_BY,omitempty"`
	Type                 string                       `json:"TYPE"`
	Enabled              int                          `json:"ENABLED"`
	State                AlertIntegrationChannelState `json:"STATE,omitempty"`
	IsOrg                int                          `json:"IS_ORG,omitempty"`
	TypeName             string                       `json:"TYPE_NAME,omitempty"`
	EnvironmentGUID      string                       `json:"ENV_GUID"`
	Data                 map[string]interface{}       `json:"DATA"`
}

func (AlertIntegrationChannel) StateString 

func (c AlertIntegrationChannel) StateString() string

func (AlertIntegrationChannel) Status 

func (c AlertIntegrationChannel) Status() string

type AlertIntegrationChannelState 

type AlertIntegrationChannelState struct {
	Ok                 bool                   `json:"ok"`
	LastUpdatedTime    int                    `json:"lastUpdatedTime"`
	LastSuccessfulTime int                    `json:"lastSuccessfulTime"`
	Details            map[string]interface{} `json:"details,omitempty"`
}

type AlertIntegrationContext 

type AlertIntegrationContext struct {
	ID   string `json:"id"`
	Link string `json:"link"`
}

type AlertIntegrationsResponse 

type AlertIntegrationsResponse struct {
	Data []AlertIntegration `json:"data"`
}

type AlertInvestigation 

type AlertInvestigation struct {
	Question string `json:"question"`
	Answer   string `json:"answer"`
}

type AlertInvestigationResponse 

type AlertInvestigationResponse struct {
	Data []AlertInvestigation `json:"data"`
}

type AlertProfile 

type AlertProfile struct {
	Guid            string                        `json:"alertProfileId,omitempty" yaml:"alertProfileId,omitempty"`
	Extends         string                        `json:"extends" yaml:"extends"`
	Fields          []AlertProfileField           `json:"fields,omitempty" yaml:"fields,omitempty"`
	DescriptionKeys []AlertProfileDescriptionKeys `json:"descriptionKeys,omitempty" yaml:"descriptionKeys,omitempty"`
	Alerts          []AlertTemplate               `json:"alerts" yaml:"alerts"`
}

type AlertProfileConfig 

type AlertProfileConfig struct {
	Guid    string          `json:"alertProfileId" yaml:"alertProfileId"`
	Extends string          `json:"extends" yaml:"extends"`
	Alerts  []AlertTemplate `json:"alerts" yaml:"alerts"`
}

func NewAlertProfile 

func NewAlertProfile(id string, extends string, alerts []AlertTemplate) AlertProfileConfig

NewAlertProfile returns an instance of the AlertProfileConfig struct

Basic usage: Initialize a new AlertProfileConfig struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  alertProfile := api.NewAlertProfile(
		"CUSTOM_PROFILE_NAME",
		"LW_HE_FILES_DEFAULT_PROFILE"
		[]api.AlertTemplate{{
		...
		}
    },
  )

  client.V2.Alert.Profiles.Create(AlertProfile)

type AlertProfileDescriptionKeys 

type AlertProfileDescriptionKeys struct {
	Name string `json:"name" yaml:"name"`
	Spec string `json:"spec" yaml:"spec"`
}

type AlertProfileField 

type AlertProfileField struct {
	Name string `json:"name" yaml:"name"`
}

type AlertProfileResponse 

type AlertProfileResponse struct {
	Data AlertProfile `json:"data" yaml:"data"`
}

type AlertProfilesResponse 

type AlertProfilesResponse struct {
	Data []AlertProfile `json:"data" yaml:"data"`
}

type AlertRule 

type AlertRule struct {
	Guid     string          `json:"mcGuid,omitempty"`
	Type     string          `json:"type"`
	Channels []string        `json:"intgGuidList"`
	Filter   AlertRuleFilter `json:"filters"`
}

func NewAlertRule 

func NewAlertRule(name string, rule AlertRuleConfig) AlertRule

NewAlertRule returns an instance of the AlertRule struct

Basic usage: Initialize a new AlertRule struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  alertRule := api.NewAlertRule(
		"Foo",
		api.AlertRuleConfig{
		Description: "My Alert Rule"
		Severities: api.AlertRuleSeverities{api.AlertRuleSeverityHigh,
		Channels: []string{"TECHALLY_000000000000AAAAAAAAAAAAAAAAAAAA"},
		ResourceGroups: []string{"TECHALLY_111111111111AAAAAAAAAAAAAAAAAAAA"}
      },
    },
  )

  client.V2.AlertRules.Create(alertRule)

type AlertRuleConfig 

type AlertRuleConfig struct {
	Channels           []string
	Description        string
	Severities         AlertRuleSeverities
	ResourceGroups     []string
	AlertSubCategories []string
	AlertCategories    []string
	AlertSources       []string
}

type AlertRuleFilter 

type AlertRuleFilter struct {
	Name                 string   `json:"name"`
	Enabled              int      `json:"enabled"`
	Description          string   `json:"description,omitempty"`
	Severity             []int    `json:"severity"`
	ResourceGroups       []string `json:"resourceGroups"`
	AlertSubCategories   []string `json:"subCategory"`
	AlertCategories      []string `json:"category"`
	AlertSources         []string `json:"source,omitempty"`
	CreatedOrUpdatedTime string   `json:"createdOrUpdatedTime,omitempty"`
	CreatedOrUpdatedBy   string   `json:"createdOrUpdatedBy,omitempty"`
}

func (AlertRuleFilter) Status 

func (rule AlertRuleFilter) Status() string

type AlertRuleResponse 

type AlertRuleResponse struct {
	Data AlertRule `json:"data"`
}

type AlertRuleSeverities 

type AlertRuleSeverities []alertRuleSeverity

func NewAlertRuleSeverities 

func NewAlertRuleSeverities(sevSlice []string) AlertRuleSeverities

func NewAlertRuleSeveritiesFromIntSlice 

func NewAlertRuleSeveritiesFromIntSlice(sevSlice []int) AlertRuleSeverities

func (AlertRuleSeverities) ToStringSlice 

func (sevs AlertRuleSeverities) ToStringSlice() []string

type AlertRulesResponse 

type AlertRulesResponse struct {
	Data []AlertRule `json:"data"`
}

type AlertRulesService 

type AlertRulesService struct {
	// contains filtered or unexported fields
}

AlertRulesService is the service that interacts with the AlertRules schema from the Lacework APIv2 Server

func (*AlertRulesService) Create 

func (svc *AlertRulesService) Create(rule AlertRule) (
	response AlertRuleResponse,
	err error,
)

Create creates a single Alert Rule

func (*AlertRulesService) Delete 

func (svc *AlertRulesService) Delete(guid string) error

Delete deletes a Alert Rule that matches the provided guid

func (*AlertRulesService) Get 

func (svc *AlertRulesService) Get(guid string, response interface{}) error

Get returns a raw response of the Alert Rule with the matching guid.

func (*AlertRulesService) List 

func (svc *AlertRulesService) List() (response AlertRulesResponse, err error)

List returns a list of Alert Rules

func (*AlertRulesService) Update 

func (svc *AlertRulesService) Update(data AlertRule) (
	response AlertRuleResponse,
	err error,
)

Update updates a single Alert Rule of the provided guid.

type AlertSpec 

type AlertSpec struct {
	Profile string `json:"alertProfile"`
	Name    string `json:"name"`
}

type AlertTemplate 

type AlertTemplate struct {
	Name        string `json:"name" yaml:"name"`
	EventName   string `json:"eventName" yaml:"eventName"`
	Description string `json:"description" yaml:"description"`
	Subject     string `json:"subject" yaml:"subject"`
}

type AlertTimeline 

type AlertTimeline struct {
	ID              int                        `json:"id"`
	AlertID         int                        `json:"alertId"`
	EntryType       string                     `json:"entryType"`
	EntryAuthorType string                     `json:"entryAuthorType"`
	IntgGUID        string                     `json:"intgGuid"`
	Message         AlertTimelineMessage       `json:"message"`
	ExternalTime    string                     `json:"externalTime"`
	User            AlertTimelineUser          `json:"user"`
	UpdateContext   AlertTimelineUpdateContext `json:"updateContext"`
	Channel         AlertIntegrationChannel    `json:"alertChannel"`
}

type AlertTimelineMessage 

type AlertTimelineMessage struct {
	Format string `json:"format"`
	Value  string `json:"value"`
}

type AlertTimelineNewIntegrationContext 

type AlertTimelineNewIntegrationContext struct {
	AlertID                int    `json:"alertId"`
	LastSyncTime           string `json:"lastSyncTime"`
	AlertIntegrationStatus string `json:"alertIntegrationStatus"`
	Status                 string `json:"status"`
	Bidirectional          bool   `json:"isBidirectional"`
}

type AlertTimelineResponse 

type AlertTimelineResponse struct {
	Data []AlertTimeline `json:"data"`
}

type AlertTimelineUpdateContext 

type AlertTimelineUpdateContext struct {
	NewIntegration AlertTimelineNewIntegrationContext `json:"newIntegration"`
}

type AlertTimelineUser 

type AlertTimelineUser struct {
	UserGUID string `json:"userGuid"`
	Name     string `json:"username"`
}

type Alerts 

type Alerts []Alert

func (Alerts) SortByID 

func (a Alerts) SortByID()

Sort by alert ID descending

func (Alerts) SortBySeverity 

func (a Alerts) SortBySeverity()

Sort by alert severity descending (from critical -> low)

type AlertsCommentRequest 

type AlertsCommentRequest struct {
	Comment string `json:"comment"`
}

type AlertsCommentResponse 

type AlertsCommentResponse struct {
	Data AlertTimeline `json:"data"`
}

type AlertsResponse 

type AlertsResponse struct {
	Data   Alerts       `json:"data"`
	Paging V2Pagination `json:"paging"`
	// contains filtered or unexported fields
}

func (AlertsResponse) PageInfo 

func (r AlertsResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (AlertsResponse) PageNumber 

func (m AlertsResponse) PageNumber() int

func (*AlertsResponse) PageRead 

func (m *AlertsResponse) PageRead()

func (*AlertsResponse) ResetPaging 

func (r *AlertsResponse) ResetPaging()

func (*AlertsResponse) SetTotalPages 

func (m *AlertsResponse) SetTotalPages(total int)

func (AlertsResponse) TotalPages 

func (m AlertsResponse) TotalPages() int

type AlertsService 

type AlertsService struct {
	// contains filtered or unexported fields
}

AlertsService is a service that interacts with the Alerts endpoints from the Lacework Server

func (*AlertsService) Close 

func (svc *AlertsService) Close(request AlertCloseRequest) (
	response AlertCloseResponse,
	err error,
)

func (*AlertsService) Comment 

func (svc *AlertsService) Comment(id int, comment string) (
	response AlertsCommentResponse,
	err error,
)

func (*AlertsService) Exists 

func (svc *AlertsService) Exists(id int) (bool, error)

func (*AlertsService) Get 

func (svc *AlertsService) Get(id int, scope alertScope) (interface{}, error)

func (*AlertsService) GetDetails 

func (svc *AlertsService) GetDetails(id int) (
	response AlertDetailsResponse,
	err error,
)

func (*AlertsService) GetEvents 

func (svc *AlertsService) GetEvents(id int) (
	response AlertEventsResponse,
	err error,
)

func (*AlertsService) GetIntegrations 

func (svc *AlertsService) GetIntegrations(id int) (
	response AlertIntegrationsResponse,
	err error,
)

func (*AlertsService) GetInvestigation 

func (svc *AlertsService) GetInvestigation(id int) (
	response AlertInvestigationResponse,
	err error,
)

func (*AlertsService) GetRelatedAlerts 

func (svc *AlertsService) GetRelatedAlerts(id int) (
	response RelatedAlertsResponse,
	err error,
)

func (*AlertsService) GetTimeline 

func (svc *AlertsService) GetTimeline(id int) (
	response AlertTimelineResponse,
	err error,
)

func (*AlertsService) List 

func (svc *AlertsService) List() (response AlertsResponse, err error)

func (*AlertsService) ListAll 

func (svc *AlertsService) ListAll() (response AlertsResponse, err error)

func (*AlertsService) ListAllByTime 

func (svc *AlertsService) ListAllByTime(start, end time.Time) (
	response AlertsResponse,
	err error,
)

func (*AlertsService) ListByTime 

func (svc *AlertsService) ListByTime(start, end time.Time) (
	response AlertsResponse,
	err error,
)

func (*AlertsService) Search 

func (svc *AlertsService) Search(filter SearchFilter) (
	response AlertsResponse,
	err error,
)

func (*AlertsService) SearchAll 

func (svc *AlertsService) SearchAll(filter SearchFilter) (
	response AlertsResponse,
	err error,
)

type Artifact 

type Artifact struct {
	Id             int32  `json:"id"`
	Name           string `json:"name"`
	Version        string `json:"version"`
	Size           int64  `json:"size"`
	InstallMessage string `json:"installMessage"`
	UpdateMessage  string `json:"updateMessage"`
	ArtifactUrl    string `json:"artifact_url"`
}

type AwsCfg 

type AwsCfg struct {
	Data AwsCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsCfg) ID 

func (c AwsCfg) ID() string

func (AwsCfg) StateString 

func (c AwsCfg) StateString() string

func (AwsCfg) Status 

func (c AwsCfg) Status() string

type AwsCfgCredentials 

type AwsCfgCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsCfgData 

type AwsCfgData struct {
	Credentials  AwsCfgCredentials `json:"crossAccountCredentials"`
	AwsAccountID string            `json:"awsAccountId,omitempty"`
}

type AwsCfgIntegrationResponse 

type AwsCfgIntegrationResponse struct {
	Data AwsCfg `json:"data"`
}

type AwsCtSqsCredentials 

type AwsCtSqsCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsCtSqsData 

type AwsCtSqsData struct {
	Credentials  AwsCtSqsCredentials `json:"crossAccountCredentials"`
	QueueUrl     string              `json:"queueUrl"`
	AwsAccountID string              `json:"awsAccountId,omitempty"`

	// This field must be a base64 encode with the following format:
	//
	// "data:application/json;name=i.json;base64,[ENCODING]"
	//
	// [ENCODING] is the the base64 encode, use EncodeAccountMappingFile() to encode a JSON mapping file
	AccountMappingFile string `json:"accountMappingFile,omitempty"`
}

func (*AwsCtSqsData) DecodeAccountMappingFile 

func (aws *AwsCtSqsData) DecodeAccountMappingFile() ([]byte, error)

func (*AwsCtSqsData) EncodeAccountMappingFile 

func (aws *AwsCtSqsData) EncodeAccountMappingFile(mapping []byte)

type AwsCtSqsIntegration 

type AwsCtSqsIntegration struct {
	Data AwsCtSqsData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsCtSqsIntegration) ID 

func (c AwsCtSqsIntegration) ID() string

func (AwsCtSqsIntegration) StateString 

func (c AwsCtSqsIntegration) StateString() string

func (AwsCtSqsIntegration) Status 

func (c AwsCtSqsIntegration) Status() string

type AwsCtSqsIntegrationResponse 

type AwsCtSqsIntegrationResponse struct {
	Data AwsCtSqsIntegration `json:"data"`
}

type AwsEcrAccessKeyCredentials 

type AwsEcrAccessKeyCredentials struct {
	AccessKeyID     string `json:"accessKeyId,omitempty"`
	SecretAccessKey string `json:"secretAccessKey,omitempty"`
}

type AwsEcrAccessKeyData 

type AwsEcrAccessKeyData struct {
	AccessKeyCredentials AwsEcrAccessKeyCredentials `json:"accessKeyCredentials,omitempty"`
	RegistryDomain       string                     `json:"registryDomain"`
	LimitByTag           []string                   `json:"limitByTag,omitempty"`
	LimitByLabel         []map[string]string        `json:"limitByLabel,omitempty"`
	LimitByRep           []string                   `json:"limitByRep,omitempty"`
	LimitNumImg          int                        `json:"limitNumImg"`
	NonOSPackageEval     bool                       `json:"nonOsPackageEval"`
	AwsAuthType          string                     `json:"awsAuthType"`
	RegistryType         string                     `json:"registryType"`
}

type AwsEcrAccessKeyIntegrationResponse 

type AwsEcrAccessKeyIntegrationResponse struct {
	Data AwsEcrIntegration `json:"data"`
}

type AwsEcrCrossAccountCredentials 

type AwsEcrCrossAccountCredentials struct {
	RoleArn    string `json:"roleArn,omitempty"`
	ExternalID string `json:"externalId,omitempty"`
}

type AwsEcrIamRoleData 

type AwsEcrIamRoleData struct {
	CrossAccountCredentials AwsEcrCrossAccountCredentials `json:"crossAccountCredentials,omitempty"`
	RegistryDomain          string                        `json:"registryDomain"`
	RegistryType            string                        `json:"registryType"`
	LimitByTag              []string                      `json:"limitByTag,omitempty"`
	LimitByLabel            []map[string]string           `json:"limitByLabel,omitempty"`
	LimitByRep              []string                      `json:"limitByRep,omitempty"`
	LimitNumImg             int                           `json:"limitNumImg"`
	NonOSPackageEval        bool                          `json:"nonOsPackageEval"`
	AwsAuthType             string                        `json:"awsAuthType"`
}

type AwsEcrIamRoleIntegration 

type AwsEcrIamRoleIntegration struct {
	Data AwsEcrIamRoleData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsEcrIamRoleIntegration) ContainerRegistryType 

func (reg AwsEcrIamRoleIntegration) ContainerRegistryType() containerRegistryType

func (AwsEcrIamRoleIntegration) ID 

func (c AwsEcrIamRoleIntegration) ID() string

func (AwsEcrIamRoleIntegration) StateString 

func (c AwsEcrIamRoleIntegration) StateString() string

func (AwsEcrIamRoleIntegration) Status 

func (c AwsEcrIamRoleIntegration) Status() string

type AwsEcrIamRoleIntegrationResponse 

type AwsEcrIamRoleIntegrationResponse struct {
	Data AwsEcrIamRoleIntegration `json:"data"`
}

type AwsEcrIntegration 

type AwsEcrIntegration struct {
	Data AwsEcrAccessKeyData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsEcrIntegration) ID 

func (c AwsEcrIntegration) ID() string

func (AwsEcrIntegration) StateString 

func (c AwsEcrIntegration) StateString() string

func (AwsEcrIntegration) Status 

func (c AwsEcrIntegration) Status() string

type AwsEksAuditCredentials 

type AwsEksAuditCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsEksAuditData 

type AwsEksAuditData struct {
	Credentials AwsEksAuditCredentials `json:"crossAccountCredentials"`
	SnsArn      string                 `json:"snsArn"`
	S3BucketArn string                 `json:"s3BucketArn,omitempty"`
}

type AwsEksAuditIntegration 

type AwsEksAuditIntegration struct {
	Data AwsEksAuditData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsEksAuditIntegration) ID 

func (c AwsEksAuditIntegration) ID() string

func (AwsEksAuditIntegration) StateString 

func (c AwsEksAuditIntegration) StateString() string

func (AwsEksAuditIntegration) Status 

func (c AwsEksAuditIntegration) Status() string

type AwsEksAuditIntegrationResponse 

type AwsEksAuditIntegrationResponse struct {
	Data AwsEksAuditIntegration `json:"data"`
}

type AwsRecommendationsV2 

type AwsRecommendationsV2 struct {
	// contains filtered or unexported fields
}

AwsRecommendationsV2 is a service that interacts with the V2 Recommendations endpoints from the Lacework Server

func (*AwsRecommendationsV2) GetReport 

func (svc *AwsRecommendationsV2) GetReport(reportType string) ([]RecV2, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*AwsRecommendationsV2) List 

func (svc *AwsRecommendationsV2) List() ([]RecV2, error)

func (*AwsRecommendationsV2) Patch 

func (svc *AwsRecommendationsV2) Patch(recommendations RecommendationStateV2) (RecommendationResponseV2, error)

type AwsReport 

type AwsReport struct {
	ReportType      string             `json:"reportType"`
	ReportTitle     string             `json:"reportTitle"`
	Recommendations []RecommendationV2 `json:"recommendations"`
	Summary         []ReportSummary    `json:"summary"`
	AccountID       string             `json:"accountId"`
	AccountAlias    string             `json:"accountAlias"`
	ReportTime      time.Time          `json:"reportTime"`
}

func (AwsReport) GetComplianceRecommendation 

func (aws AwsReport) GetComplianceRecommendation(recommendationID string) (*RecommendationV2, bool)

type AwsReportConfig 

type AwsReportConfig struct {
	AccountID string
	Value     string
	Parameter reportFilter
}

type AwsReportResponse 

type AwsReportResponse struct {
	Data    []AwsReport `json:"data"`
	Ok      bool        `json:"ok"`
	Message string      `json:"message"`
}

type AwsReportRuleNotifications 

type AwsReportRuleNotifications struct {
	AwsCisS3          bool `json:"awsCisS3"`
	AwsHipaa          bool `json:"hipaa"`
	AwsIso2700        bool `json:"iso2700"`
	AwsNist80053Rev4  bool `json:"nist800-53Rev4"`
	AwsNist800171Rev2 bool `json:"nist800-171Rev2"`
	AwsPci            bool `json:"pci"`
	AwsSoc            bool `json:"soc"`
	AwsSocRev2        bool `json:"awsSocRev2"`
}

func (AwsReportRuleNotifications) ToMap 

func (aws AwsReportRuleNotifications) ToMap() map[string]bool

type AwsReportType 

type AwsReportType int
const (
	NONE_AWS_REPORT AwsReportType = iota
	AWS_CIS_S3
	NIST_800_53_Rev4
	NIST_800_171_Rev2
	ISO_2700
	HIPAA
	SOC
	AWS_SOC_Rev2
	PCI
	AWS_CIS_14
	AWS_CMMC_1_02
	AWS_HIPAA
	AWS_ISO_27001_2013
	AWS_NIST_CSF
	AWS_NIST_800_171_rev2
	AWS_NIST_800_53_rev5
	AWS_PCI_DSS_3_2_1
	AWS_SOC_2
	LW_AWS_SEC_ADD_1_0
	AWS_CIS_1_4_ISO_IEC_27002_2022
	AWS_CYBER_ESSENTIALS_2_2
	AWS_CSA_CCM_4_0_5
)

func NewAwsReportType 

func NewAwsReportType(report string) (AwsReportType, error)

func (AwsReportType) String 

func (report AwsReportType) String() string

type AwsResourceGroupData 

type AwsResourceGroupData struct {
	Guid         string                `json:"guid,omitempty"`
	IsDefault    int                   `json:"isDefault,omitempty"`
	ResourceGuid string                `json:"resourceGuid,omitempty"`
	Name         string                `json:"resourceName"`
	Type         string                `json:"resourceType"`
	Enabled      int                   `json:"enabled,omitempty"`
	Props        AwsResourceGroupProps `json:"props"`

	NameV2            string        `json:"name"`
	Query             *RGQuery      `json:"query"`
	Description       string        `json:"description,omitempty"`
	ResourceGroupGuid string        `json:"resourceGroupGuid,omitempty"`
	CreatedTime       *lwtime.Epoch `json:"lastUpdated,omitempty"`
	CreatedBy         string        `json:"createdBy,omitempty"`
	UpdatedTime       *lwtime.Epoch `json:"updatedTime,omitempty"`
	UpdatedBy         string        `json:"updatedBy,omitempty"`
	IsDefaultBoolean  *bool         `json:"isDefaultBoolean,omitempty"`
	IsOrg             *bool         `json:"isOrg,omitempty"`
}

type AwsResourceGroupProps 

type AwsResourceGroupProps struct {
	Description string        `json:"description,omitempty"`
	AccountIDs  []string      `json:"accountIds"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (AwsResourceGroupProps) GetBaseProps 

func (props AwsResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (AwsResourceGroupProps) MarshalJSON 

func (props AwsResourceGroupProps) MarshalJSON() ([]byte, error)

type AwsResourceGroupResponse 

type AwsResourceGroupResponse struct {
	Data AwsResourceGroupData `json:"data"`
}

type AwsResourceJsonStringGroupProps 

type AwsResourceJsonStringGroupProps struct {
	Description string        `json:"DESCRIPTION,omitempty"`
	AccountIDs  []string      `json:"ACCOUNT_IDS"`
	UpdatedBy   string        `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type AwsS3AlertChannelResponseV2 

type AwsS3AlertChannelResponseV2 struct {
	Data AwsS3AlertChannelV2 `json:"data"`
}

type AwsS3AlertChannelV2 

type AwsS3AlertChannelV2 struct {
	Data AwsS3DataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (AwsS3AlertChannelV2) ID 

func (c AwsS3AlertChannelV2) ID() string

func (AwsS3AlertChannelV2) StateString 

func (c AwsS3AlertChannelV2) StateString() string

func (AwsS3AlertChannelV2) Status 

func (c AwsS3AlertChannelV2) Status() string

type AwsS3Credentials 

type AwsS3Credentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
	BucketArn  string `json:"bucketArn"`
}

type AwsS3DataV2 

type AwsS3DataV2 struct {
	Credentials AwsS3Credentials `json:"s3CrossAccountCredentials"`
}

type AwsSidekick 

type AwsSidekick struct {
	Data AwsSidekickData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsSidekick) ID 

func (c AwsSidekick) ID() string

func (AwsSidekick) StateString 

func (c AwsSidekick) StateString() string

func (AwsSidekick) Status 

func (c AwsSidekick) Status() string

type AwsSidekickCrossAccountCredentials 

type AwsSidekickCrossAccountCredentials struct {
	RoleArn    string `json:"roleArn,omitempty"`
	ExternalID string `json:"externalId,omitempty"`
}

type AwsSidekickData 

type AwsSidekickData struct {
	//QueryText represents an lql json string
	QueryText string `json:"queryText,omitempty"`

	//ScanFrequency in hours, 24 == 24 hours
	ScanFrequency int `json:"scanFrequency"`

	ScanContainers          bool `json:"scanContainers"`
	ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`
	ScanMultiVolume         bool `json:"scanMultiVolume"`
	ScanStoppedInstances    bool `json:"scanStoppedInstances"`
	ScanShortLivedInstances bool `json:"scanShortLivedInstances"`

	AccountID         string                             `json:"awsAccountId,omitempty"`
	BucketArn         string                             `json:"bucketArn,omitempty"`
	CrossAccountCreds AwsSidekickCrossAccountCredentials `json:"crossAccountCredentials"`
}

type AwsSidekickOrg 

type AwsSidekickOrg struct {
	Data AwsSidekickOrgData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsSidekickOrg) ID 

func (c AwsSidekickOrg) ID() string

func (AwsSidekickOrg) StateString 

func (c AwsSidekickOrg) StateString() string

func (AwsSidekickOrg) Status 

func (c AwsSidekickOrg) Status() string

type AwsSidekickOrgData 

type AwsSidekickOrgData struct {
	//QueryText represents an lql json string
	QueryText string `json:"queryText,omitempty"`

	//ScanFrequency in hours, 24 == 24 hours
	ScanFrequency int `json:"scanFrequency"`

	ScanContainers          bool `json:"scanContainers"`
	ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`
	ScanMultiVolume         bool `json:"scanMultiVolume"`
	ScanStoppedInstances    bool `json:"scanStoppedInstances"`
	ScanShortLivedInstances bool `json:"scanShortLivedInstances"`

	//Properties specific to the AWS organization integration type
	ScanningAccount   string `json:"scanningAccount"`
	ManagementAccount string `json:"managementAccount,omitempty"`
	MonitoredAccounts string `json:"monitoredAccounts"`

	AccountID          string                             `json:"awsAccountId,omitempty"`
	BucketArn          string                             `json:"bucketArn,omitempty"`
	CrossAccountCreds  AwsSidekickCrossAccountCredentials `json:"crossAccountCredentials"`
	AccountMappingFile string                             `json:"accountMappingFile,omitempty"`
}

func (*AwsSidekickOrgData) DecodeAccountMappingFile 

func (aws *AwsSidekickOrgData) DecodeAccountMappingFile() ([]byte, error)

func (*AwsSidekickOrgData) EncodeAccountMappingFile 

func (aws *AwsSidekickOrgData) EncodeAccountMappingFile(mapping []byte)

type AwsSidekickOrgResponse 

type AwsSidekickOrgResponse struct {
	Data AwsSidekickOrg `json:"data"`
}

type AwsSidekickResponse 

type AwsSidekickResponse struct {
	Data AwsSidekick `json:"data"`
}

type AwsSuppressionsV2 

type AwsSuppressionsV2 struct {
	// contains filtered or unexported fields
}

AwsSuppressionsV2 is a service that interacts with the V2 Suppressions endpoints from the Lacework Server

func (*AwsSuppressionsV2) List 

func (svc *AwsSuppressionsV2) List() (map[string]SuppressionV2, error)

type AwsUsGovCfg 

type AwsUsGovCfg struct {
	Data AwsUsGovCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsUsGovCfg) ID 

func (c AwsUsGovCfg) ID() string

func (AwsUsGovCfg) StateString 

func (c AwsUsGovCfg) StateString() string

func (AwsUsGovCfg) Status 

func (c AwsUsGovCfg) Status() string

type AwsUsGovCfgCredentials 

type AwsUsGovCfgCredentials struct {
	AwsAccountID    string `json:"accountId"`
	AccessKeyID     string `json:"accessKeyId"`
	SecretAccessKey string `json:"secretAccessKey"`
}

type AwsUsGovCfgData 

type AwsUsGovCfgData struct {
	Credentials AwsUsGovCfgCredentials `json:"accessKeyCredentials"`
}

type AwsUsGovCfgIntegrationResponse 

type AwsUsGovCfgIntegrationResponse struct {
	Data AwsUsGovCfg `json:"data"`
}

type AwsUsGovCtSqs 

type AwsUsGovCtSqs struct {
	Data AwsUsGovCtSqsData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsUsGovCtSqs) ID 

func (c AwsUsGovCtSqs) ID() string

func (AwsUsGovCtSqs) StateString 

func (c AwsUsGovCtSqs) StateString() string

func (AwsUsGovCtSqs) Status 

func (c AwsUsGovCtSqs) Status() string

type AwsUsGovCtSqsCredentials 

type AwsUsGovCtSqsCredentials struct {
	AwsAccountID    string `json:"accountId"`
	AccessKeyID     string `json:"accessKeyId"`
	SecretAccessKey string `json:"secretAccessKey"`
}

type AwsUsGovCtSqsData 

type AwsUsGovCtSqsData struct {
	Credentials AwsUsGovCtSqsCredentials `json:"accessKeyCredentials"`
	QueueUrl    string                   `json:"queueUrl"`
}

type AwsUsGovCtSqsIntegrationResponse 

type AwsUsGovCtSqsIntegrationResponse struct {
	Data AwsUsGovCtSqs `json:"data"`
}

type AzureAdAl 

type AzureAdAl struct {
	Data AzureAdAlData `json:"data"`
	// contains filtered or unexported fields
}

func (AzureAdAl) ID 

func (c AzureAdAl) ID() string

func (AzureAdAl) StateString 

func (c AzureAdAl) StateString() string

func (AzureAdAl) Status 

func (c AzureAdAl) Status() string

type AzureAdAlCredentials 

type AzureAdAlCredentials struct {
	ClientID     string `json:"clientId"`
	ClientSecret string `json:"clientSecret"`
}

type AzureAdAlData 

type AzureAdAlData struct {
	Credentials       AzureAdAlCredentials `json:"credentials"`
	TenantID          string               `json:"tenantId"`
	EventHubNamespace string               `json:"eventHubNamespace"`
	EventHubName      string               `json:"eventHubName"`
}

type AzureAdAlIntegrationResponse 

type AzureAdAlIntegrationResponse struct {
	Data AzureAdAl `json:"data"`
}

type AzureAlSeq 

type AzureAlSeq struct {
	Data AzureAlSeqData `json:"data"`
	// contains filtered or unexported fields
}

func (AzureAlSeq) ID 

func (c AzureAlSeq) ID() string

func (AzureAlSeq) StateString 

func (c AzureAlSeq) StateString() string

func (AzureAlSeq) Status 

func (c AzureAlSeq) Status() string

type AzureAlSeqCredentials 

type AzureAlSeqCredentials struct {
	ClientID     string `json:"clientId"`
	ClientSecret string `json:"clientSecret"`
}

type AzureAlSeqData 

type AzureAlSeqData struct {
	Credentials AzureAlSeqCredentials `json:"credentials"`
	TenantID    string                `json:"tenantId"`
	QueueUrl    string                `json:"queueUrl"`
}

type AzureAlSeqIntegrationResponse 

type AzureAlSeqIntegrationResponse struct {
	Data AzureAlSeq `json:"data"`
}

type AzureCfg 

type AzureCfg struct {
	Data AzureCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (AzureCfg) ID 

func (c AzureCfg) ID() string

func (AzureCfg) StateString 

func (c AzureCfg) StateString() string

func (AzureCfg) Status 

func (c AzureCfg) Status() string

type AzureCfgCredentials 

type AzureCfgCredentials struct {
	ClientID     string `json:"clientId"`
	ClientSecret string `json:"clientSecret"`
}

type AzureCfgData 

type AzureCfgData struct {
	Credentials AzureCfgCredentials `json:"credentials"`
	TenantID    string              `json:"tenantId"`
}

type AzureCfgIntegrationResponse 

type AzureCfgIntegrationResponse struct {
	Data AzureCfg `json:"data"`
}

type AzureConfigData 

type AzureConfigData struct {
	Tenant        string   `json:"tenant"`
	Subscriptions []string `json:"subscriptions"`
}

type AzureConfigsResponse 

type AzureConfigsResponse struct {
	Data []AzureConfigData `json:"data"`
}

type AzureRecommendationsV2 

type AzureRecommendationsV2 struct {
	// contains filtered or unexported fields
}

AzureRecommendationsV2 is a service that interacts with the V2 Recommendations endpoints from the Lacework Server

func (*AzureRecommendationsV2) GetReport 

func (svc *AzureRecommendationsV2) GetReport(reportType string) ([]RecV2, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*AzureRecommendationsV2) List 

func (svc *AzureRecommendationsV2) List() ([]RecV2, error)

func (*AzureRecommendationsV2) Patch 

func (svc *AzureRecommendationsV2) Patch(recommendations RecommendationStateV2) (RecommendationResponseV2, error)

type AzureReport 

type AzureReport struct {
	ReportType       string             `json:"reportType"`
	ReportTitle      string             `json:"reportTitle"`
	Recommendations  []RecommendationV2 `json:"recommendations"`
	Summary          []ReportSummary    `json:"summary"`
	ReportTime       time.Time          `json:"reportTime"`
	SubscriptionName string             `json:"subscriptionName"`
	SubscriptionID   string             `json:"SubscriptionID"`
	TenantName       string             `json:"tenantName"`
	TenantID         string             `json:"tenantId"`
}

func (AzureReport) GetComplianceRecommendation 

func (azure AzureReport) GetComplianceRecommendation(recommendationID string) (*RecommendationV2, bool)

type AzureReportConfig 

type AzureReportConfig struct {
	TenantID       string
	SubscriptionID string
	Value          string
	Parameter      reportFilter
}

type AzureReportResponse 

type AzureReportResponse struct {
	Data    []AzureReport `json:"data"`
	Ok      bool          `json:"ok"`
	Message string        `json:"message"`
}

type AzureReportRuleNotifications 

type AzureReportRuleNotifications struct {
	AzureCis    bool `json:"azureCis"`
	AzureCis131 bool `json:"azureCis131"`
	AzurePci    bool `json:"azurePci"`
	AzureSoc    bool `json:"azureSoc"`
}

func (AzureReportRuleNotifications) ToMap 

func (az AzureReportRuleNotifications) ToMap() map[string]bool

type AzureReportType 

type AzureReportType int
const (
	NONE_AZURE_REPORT AzureReportType = iota
	AZURE_CIS
	AZURE_CIS_131
	AZURE_SOC
	AZURE_SOC_Rev2
	AZURE_PCI
	AZURE_PCI_Rev2
	AZURE_ISO_27001
	AZURE_NIST_CSF
	AZURE_NIST_800_53_REV5
	AZURE_NIST_800_171_REV2
	AZURE_HIPAA
)

func NewAzureReportType 

func NewAzureReportType(report string) (AzureReportType, error)

func (AzureReportType) String 

func (report AzureReportType) String() string

type AzureResourceGroupData 

type AzureResourceGroupData struct {
	Guid         string                  `json:"guid,omitempty"`
	IsDefault    int                     `json:"isDefault,omitempty"`
	ResourceGuid string                  `json:"resourceGuid,omitempty"`
	Name         string                  `json:"resourceName"`
	Type         string                  `json:"resourceType"`
	Enabled      int                     `json:"enabled,omitempty"`
	Props        AzureResourceGroupProps `json:"props"`
}

type AzureResourceGroupProps 

type AzureResourceGroupProps struct {
	Description   string        `json:"description,omitempty"`
	Tenant        string        `json:"tenant"`
	Subscriptions []string      `json:"subscriptions"`
	UpdatedBy     string        `json:"updatedBy,omitempty"`
	LastUpdated   *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (AzureResourceGroupProps) GetBaseProps 

func (props AzureResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (AzureResourceGroupProps) MarshalJSON 

func (props AzureResourceGroupProps) MarshalJSON() ([]byte, error)

type AzureResourceGroupResponse 

type AzureResourceGroupResponse struct {
	Data AzureResourceGroupData `json:"data"`
}

type AzureResourceJsonStringGroupProps 

type AzureResourceJsonStringGroupProps struct {
	Description   string        `json:"DESCRIPTION,omitempty"`
	Tenant        string        `json:"TENANT"`
	Subscriptions []string      `json:"SUBSCRIPTIONS"`
	UpdatedBy     string        `json:"UPDATED_BY,omitempty"`
	LastUpdated   *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type AzureSidekickCredentials 

type AzureSidekickCredentials struct {
	ClientId     string `json:"clientId"`
	ClientSecret string `json:"clientSecret,omitempty"`
}

type AzureSidekickData 

type AzureSidekickData struct {
	Credentials               AzureSidekickCredentials `json:"credentials"`
	IntegrationLevel          string                   `json:"integrationLevel"` // SUBSCRIPTION or TENANT
	ScanningSubscriptionId    string                   `json:"scanningSubscriptionId"`
	TenantId                  string                   `json:"tenantId"`
	BlobContainerName         string                   `json:"blobContainerName"`
	ScanningResourceGroupName string                   `json:"scanningResourceGroupName"`
	StorageAccountUrl         string                   `json:"storageAccountUrl"`
	SubscriptionsList         string                   `json:"subscriptionsList,omitempty"`
	QueryText                 string                   `json:"queryText,omitempty"`
	ScanFrequency             int                      `json:"scanFrequency"` // in hours
	ScanContainers            bool                     `json:"scanContainers"`
	ScanHostVulnerabilities   bool                     `json:"scanHostVulnerabilities"`
	ScanMultiVolume           bool                     `json:"scanMultiVolume"`
	ScanStoppedInstances      bool                     `json:"scanStoppedInstances"`
}

type AzureSidekickIntegrationResponse 

type AzureSidekickIntegrationResponse struct {
	Data V2AzureSidekickIntegration `json:"data"`
}

type AzureSidekickToken 

type AzureSidekickToken struct {
	ServerToken string `json:"serverToken"`
	Uri         string `json:"uri"`
}

type AzureSuppressionsV2 

type AzureSuppressionsV2 struct {
	// contains filtered or unexported fields
}

AzureSuppressionsV2 is a service that interacts with the V2 Suppressions endpoints from the Lacework Server

func (*AzureSuppressionsV2) List 

func (svc *AzureSuppressionsV2) List() (map[string]SuppressionV2, error)

type BulkPolicyUpdateResponse 

type BulkPolicyUpdateResponse struct {
	Data []BulkPolicyUpdateResponseData `json:"data"`
}

type BulkPolicyUpdateResponseData 

type BulkPolicyUpdateResponseData struct {
	EvaluatorId            string    `json:"evaluatorId,omitempty"`
	PolicyId               string    `json:"policyId"`
	PolicyType             string    `json:"policyType"`
	QueryId                string    `json:"queryId,omitempty"`
	QueryText              string    `json:"queryText,omitempty"`
	Title                  string    `json:"title"`
	Enabled                bool      `json:"enabled,omitempty"`
	Description            string    `json:"description"`
	Remediation            string    `json:"remediation"`
	Severity               string    `json:"severity"`
	Limit                  int       `json:"limit,omitempty"`
	EvalFrequency          string    `json:"evalFrequency,omitempty"`
	AlertEnabled           bool      `json:"alertEnabled,omitempty"`
	AlertProfile           string    `json:"alertProfile,omitempty"`
	Owner                  string    `json:"owner"`
	LastUpdateTime         time.Time `json:"lastUpdateTime"`
	LastUpdateUser         string    `json:"lastUpdateUser"`
	Tags                   []string  `json:"tags"`
	InfoLink               string    `json:"infoLink,omitempty"`
	ExceptionConfiguration struct {
		ConstraintFields []struct {
			FieldKey   string `json:"fieldKey"`
			DataType   string `json:"dataType"`
			MultiValue bool   `json:"multiValue"`
		} `json:"constraintFields"`
	} `json:"exceptionConfiguration,omitempty"`
	References            []string `json:"references,omitempty"`
	AdditionalInformation string   `json:"additionalInformation,omitempty"`
}

type BulkUpdatePolicies 

type BulkUpdatePolicies []BulkUpdatePolicy

type BulkUpdatePolicy 

type BulkUpdatePolicy struct {
	PolicyID string `json:"policyId,omitempty" yaml:"policyId,omitempty"`
	Enabled  *bool  `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	Severity string `json:"severity,omitempty" yaml:"severity,omitempty"`
}

type CiscoSparkWebhookAlertChannelResponseV2 

type CiscoSparkWebhookAlertChannelResponseV2 struct {
	Data CiscoSparkWebhookAlertChannelV2 `json:"data"`
}

type CiscoSparkWebhookAlertChannelV2 

type CiscoSparkWebhookAlertChannelV2 struct {
	Data CiscoSparkWebhookDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (CiscoSparkWebhookAlertChannelV2) ID 

func (c CiscoSparkWebhookAlertChannelV2) ID() string

func (CiscoSparkWebhookAlertChannelV2) StateString 

func (c CiscoSparkWebhookAlertChannelV2) StateString() string

func (CiscoSparkWebhookAlertChannelV2) Status 

func (c CiscoSparkWebhookAlertChannelV2) Status() string

type CiscoSparkWebhookDataV2 

type CiscoSparkWebhookDataV2 struct {
	Webhook string `json:"webhook"`
}

type Client 

type Client struct {
	Policy *PolicyService

	V2 *V2Endpoints
	// contains filtered or unexported fields
}

func CopyClient 

func CopyClient(origin *Client, opts ...Option) (*Client, error)

CopyClient generates a copy of the provider Lacework API Go client

Example of basic usage 

client, err := api.NewClient("demo")
if err == nil {
    client.Integrations.List()
}

clientCopy, err := api.CopyClient(client, api.WithOrgAccess())
if err == nil {
    clientCopy.Integrations.List()
}

func NewClient 

func NewClient(account string, opts ...Option) (*Client, error)

New generates a new Lacework API client

Example of basic usage 

lacework, err := api.NewClient("demo")
if err == nil {
    lacework.Integrations.List()
}

func (*Client) ApiVersion 

func (c *Client) ApiVersion() string

ApiVersion returns the API client version

func (*Client) Do 

func (c *Client) Do(req *http.Request) (*http.Response, error)

Do calls request.Do() directly

func (*Client) DoDecoder 

func (c *Client) DoDecoder(req *http.Request, v interface{}) (*http.Response, error)

DoDecoder is used to execute (aka Do) the http request and decode it into the provided interface, all at once

func (*Client) GenerateToken 

func (c *Client) GenerateToken() (*TokenData, error)

GenerateToken generates a new access token

func (*Client) GenerateTokenWithKeys 

func (c *Client) GenerateTokenWithKeys(keyID, secretKey string) (*TokenData, error)

GenerateTokenWithKeys generates a new access token with the provided keys

func (*Client) NewRequest 

func (c *Client) NewRequest(method string, apiURL string, body io.Reader) (*http.Request, error)

NewRequest generates a new http request

func (*Client) NextPage 

func (c *Client) NextPage(p Pageable) (bool, error)

NextPage

Use this function to access the next page from an API v2 endpoint, the provided response must implement the Pageable interface and when it is passed, it will be overwritten, if the response doesn't have paging information this function returns false and not error

Usage: To iterate over all pages

```go var ( 

response = api.MachineDetailEntityResponse{}
err      = client.V2.Entities.Search(&response, api.SearchFilter{})

) 

for {
		// Use information from response.Data
		fmt.Printf("Data from page: %d\n", len(response.Data))

		pageOk, err := client.NextPage(&response)
		if err != nil {
			fmt.Printf("Unable to access next page, error '%s'", err.Error())
			break
		}

		if pageOk {
			continue
		}
		break
}

```

func (*Client) OrgAccess 

func (c *Client) OrgAccess() bool

OrgAccess check if the Org-Access header is set to 'true', if so, the client is configured to manage org level dataset

func (*Client) RequestDecoder 

func (c *Client) RequestDecoder(method, path string, body io.Reader, v interface{}) error

RequestDecoder performs an http request on an endpoint, and decodes the response into the provided interface, all at once

func (*Client) RequestEncoderDecoder 

func (c *Client) RequestEncoderDecoder(method, path string, data, v interface{}) error

RequestEncoderDecoder leverages RequestDecoder and performs an http request that first encodes the provider 'data' as a JSON Reader and passes it as the body to the request

func (*Client) Retries 

func (c *Client) Retries() *backoff.ExponentialBackOff

Retries returns the retrying policy configured

func (*Client) TokenExpired 

func (c *Client) TokenExpired() bool

func (*Client) URL 

func (c *Client) URL() string

URL returns the base url configured

func (*Client) ValidAuth 

func (c *Client) ValidAuth() bool

ValidAuth verifies that the client has valid authentication

type CloudAccount 

type CloudAccount interface {
	ID() string
	CloudAccountType() cloudAccountType
}

CloudAccount is an interface that helps us implement a few functions that any Cloud Account might use, there are some cases, like during Update, where we need to get the ID of the Cloud Account and its type, this will allow users to pass any Cloud Account that implements these methods

type CloudAccountRaw 

type CloudAccountRaw struct {
	Data interface{} `json:"data,omitempty"`
	// contains filtered or unexported fields
}

func NewCloudAccount 

func NewCloudAccount(name string, iType cloudAccountType, data interface{}) CloudAccountRaw

NewCloudAccount returns an instance of the CloudAccountRaw struct with the provided Cloud Account integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Cloud Account type.

Basic usage: Initialize a new AwsIntegration struct, then use the new instance to do CRUD operations 

client, err := api.NewClient("account")
if err != nil {
  return err
}

awsCtSqs := api.NewCloudAccount("foo",
  api.AwsCtSqsCloudAccount,
  api.AwsCtSqsData{
    QueueUrl: "https://sqs.us-west-2.amazonaws.com/123456789000/lw",
    Credentials: &api.AwsCtSqsCredentials {
      RoleArn: "arn:aws:XYZ",
      ExternalID: "1",
    },
  },
)

client.V2.CloudAccount.Create(awsCtSqs)

func (CloudAccountRaw) CloudAccountType 

func (cloud CloudAccountRaw) CloudAccountType() cloudAccountType

func (CloudAccountRaw) GetCommon 

func (cloud CloudAccountRaw) GetCommon() v2CommonIntegrationData

func (CloudAccountRaw) GetData 

func (cloud CloudAccountRaw) GetData() any

func (CloudAccountRaw) ID 

func (c CloudAccountRaw) ID() string

func (CloudAccountRaw) StateString 

func (c CloudAccountRaw) StateString() string

func (CloudAccountRaw) Status 

func (c CloudAccountRaw) Status() string

type CloudAccountResponse 

type CloudAccountResponse struct {
	Data CloudAccountRaw `json:"data"`
}

type CloudAccountsResponse 

type CloudAccountsResponse struct {
	Data []CloudAccountRaw `json:"data"`
}

type CloudAccountsService 

type CloudAccountsService struct {
	// contains filtered or unexported fields
}

CloudAccountsService is the service that interacts with the CloudAccounts schema from the Lacework APIv2 Server

func (*CloudAccountsService) Create 

func (svc *CloudAccountsService) Create(integration CloudAccountRaw) (
	response CloudAccountResponse,
	err error,
)

Create creates a single Cloud Account integration

func (*CloudAccountsService) CreateAwsSidekick 

func (svc *CloudAccountsService) CreateAwsSidekick(data CloudAccount) (
	response AwsSidekickResponse,
	err error,
)

CreateAwsSidekick creates an AwsSidekick Cloud Account integration

func (*CloudAccountsService) CreateAwsSidekickOrg 

func (svc *CloudAccountsService) CreateAwsSidekickOrg(data CloudAccount) (
	response AwsSidekickOrgResponse,
	err error,
)

CreateAwsSidekickOrg creates an AwsSidekickOrg Cloud Account integration

func (*CloudAccountsService) CreateAzureSidekick 

func (svc *CloudAccountsService) CreateAzureSidekick(data CloudAccount) (
	response AzureSidekickIntegrationResponse,
	err error,
)

CreateAzureSidekick creates an AzureSidekick Cloud Account integration

func (*CloudAccountsService) CreateGcpSidekick 

func (svc *CloudAccountsService) CreateGcpSidekick(data CloudAccount) (
	response GcpSidekickIntegrationResponse,
	err error,
)

CreateGcpSidekick creates an GcpSidekick Cloud Account integration

func (*CloudAccountsService) Delete 

func (svc *CloudAccountsService) Delete(guid string) error

Delete deletes a Cloud Account integration that matches the provided guid

func (*CloudAccountsService) Get 

func (svc *CloudAccountsService) Get(guid string, response interface{}) error

Get returns a raw response of the Cloud Account with the matching integration guid.

To return a more specific Go struct of a Cloud Account integration, use the proper method such as GetAwsCtSqs() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Cloud Account integration type.

func (*CloudAccountsService) GetAwsCfg 

func (svc *CloudAccountsService) GetAwsCfg(guid string) (
	response AwsCfgIntegrationResponse,
	err error,
)

GetAwsCfg gets a single AwsCfg integration matching the provided integration guid

func (*CloudAccountsService) GetAwsCtSqs 

func (svc *CloudAccountsService) GetAwsCtSqs(guid string) (
	response AwsCtSqsIntegrationResponse,
	err error,
)

GetAwsCtSqs gets a single AwsCtSqs integration matching the provided integration guid

func (*CloudAccountsService) GetAwsEksAudit 

func (svc *CloudAccountsService) GetAwsEksAudit(guid string) (
	response AwsEksAuditIntegrationResponse,
	err error,
)

GetAwsEksAudit gets a single AwsEksAudit integration matching the provided integration guid

func (*CloudAccountsService) GetAwsSidekick 

func (svc *CloudAccountsService) GetAwsSidekick(guid string) (
	response AwsSidekickResponse,
	err error,
)

GetAwsSidekick gets a single AwsSidekick integration matching the provided integration guid

func (*CloudAccountsService) GetAwsSidekickOrg 

func (svc *CloudAccountsService) GetAwsSidekickOrg(guid string) (
	response AwsSidekickOrgResponse,
	err error,
)

GetAwsSidekickOrg gets a single AwsSidekickOrg integration matching the provided integration guid

func (*CloudAccountsService) GetAwsUsGovCfg 

func (svc *CloudAccountsService) GetAwsUsGovCfg(guid string) (
	response AwsUsGovCfgIntegrationResponse,
	err error,
)

GetAwsUsGovCfg gets a single AwsUsGovCfg integration matching the provided integration guid

func (*CloudAccountsService) GetAwsUsGovCtSqs 

func (svc *CloudAccountsService) GetAwsUsGovCtSqs(guid string) (
	response AwsUsGovCtSqsIntegrationResponse,
	err error,
)

GetAwsUsGovCtSqs gets a single AwsUsGovCtSqs integration matching the provided integration guid

func (*CloudAccountsService) GetAzureAdAl 

func (svc *CloudAccountsService) GetAzureAdAl(guid string) (
	response AzureAdAlIntegrationResponse,
	err error,
)

GetAzureAdAl gets a single AzureAdAl integration matching the provided integration guid

func (*CloudAccountsService) GetAzureAlSeq 

func (svc *CloudAccountsService) GetAzureAlSeq(guid string) (
	response AzureAlSeqIntegrationResponse,
	err error,
)

GetAzureAlSeq gets a single AzureAlSeq integration matching the provided integration guid

func (*CloudAccountsService) GetAzureCfg 

func (svc *CloudAccountsService) GetAzureCfg(guid string) (
	response AzureCfgIntegrationResponse,
	err error,
)

GetAzureCfg gets a single AzureCfg integration matching the provided integration guid

func (*CloudAccountsService) GetAzureSidekick 

func (svc *CloudAccountsService) GetAzureSidekick(guid string) (
	response AzureSidekickIntegrationResponse,
	err error,
)

GetAzureSidekick gets a single AzureSidekick integration matching the provided integration guid

func (*CloudAccountsService) GetGcpAlPubSub 

func (svc *CloudAccountsService) GetGcpAlPubSub(guid string) (
	response GcpAlPubSubIntegrationResponse,
	err error,
)

GetGcpAlPubSub gets a single GcpAlPubSub integration matching the provided integration guid

func (*CloudAccountsService) GetGcpAtSes 

func (svc *CloudAccountsService) GetGcpAtSes(guid string) (
	response GcpAtSesIntegrationResponse,
	err error,
)

GetGcpAtSes gets a single GcpAtSes integration matching the provided integration guid

func (*CloudAccountsService) GetGcpCfg 

func (svc *CloudAccountsService) GetGcpCfg(guid string) (
	response GcpCfgIntegrationResponse,
	err error,
)

GetGcpCfg gets a single GcpCfg integration matching the provided integration guid

func (*CloudAccountsService) GetGcpGkeAudit 

func (svc *CloudAccountsService) GetGcpGkeAudit(guid string) (
	response GcpGkeAuditIntegrationResponse,
	err error,
)

GetGcpGkeAudit gets a single GcpGkeAudit integration matching the provided integration guid

func (*CloudAccountsService) GetGcpSidekick 

func (svc *CloudAccountsService) GetGcpSidekick(guid string) (
	response GcpSidekickIntegrationResponse,
	err error,
)

GetGcpSidekick gets a single GcpSidekick integration matching the provided integration guid

func (*CloudAccountsService) GetOciCfg 

func (svc *CloudAccountsService) GetOciCfg(guid string) (
	response OciCfgIntegrationResponse,
	err error,
)

GetOciCfg gets a single OciCfg integration matching the provided integration guid

func (*CloudAccountsService) List 

func (svc *CloudAccountsService) List() (response CloudAccountsResponse, err error)

List returns a list of Cloud Account integrations

func (*CloudAccountsService) ListByType 

func (svc *CloudAccountsService) ListByType(caType cloudAccountType) (response CloudAccountsResponse, err error)

ListByType lists the cloud accounts from the provided type that are available on the Lacework Server

func (*CloudAccountsService) Migrate 

func (svc *CloudAccountsService) Migrate(guid string) error

Migrate marks a Cloud Account integration that matches the provided guid for migration

func (*CloudAccountsService) UpdateAwsCfg 

func (svc *CloudAccountsService) UpdateAwsCfg(data CloudAccount) (
	response AwsCfgIntegrationResponse,
	err error,
)

UpdateAwsCfg updates a single AwsCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsCtSqs 

func (svc *CloudAccountsService) UpdateAwsCtSqs(data CloudAccount) (
	response AwsCtSqsIntegrationResponse,
	err error,
)

UpdateAwsCtSqs updates a single AwsCtSqs integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsEksAudit 

func (svc *CloudAccountsService) UpdateAwsEksAudit(data CloudAccount) (
	response AwsEksAuditIntegrationResponse,
	err error,
)

UpdateAwsEksAudit updates a single AwsEksAudit integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsSidekick 

func (svc *CloudAccountsService) UpdateAwsSidekick(data CloudAccount) (
	response AwsSidekickResponse,
	err error,
)

UpdateAwsSidekick updates a single AwsSidekick integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsSidekickOrg 

func (svc *CloudAccountsService) UpdateAwsSidekickOrg(data CloudAccount) (
	response AwsSidekickOrgResponse,
	err error,
)

UpdateAwsSidekickOrg updates a single AwsSidekickOrg integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsUsGovCfg 

func (svc *CloudAccountsService) UpdateAwsUsGovCfg(data CloudAccount) (
	response AwsUsGovCfgIntegrationResponse,
	err error,
)

UpdateAwsUsGovCfg updates a single AwsUsGovCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsUsGovCtSqs 

func (svc *CloudAccountsService) UpdateAwsUsGovCtSqs(data CloudAccount) (
	response AwsUsGovCtSqsIntegrationResponse,
	err error,
)

UpdateAwsUsGovCtSqs updates a single AwsUsGovCtSqs integration on the Lacework Server

func (*CloudAccountsService) UpdateAzureAdAl 

func (svc *CloudAccountsService) UpdateAzureAdAl(data CloudAccount) (
	response AzureAdAlIntegrationResponse,
	err error,
)

UpdateAzureAdAl updates a single AzureAdAl integration on the Lacework Server

func (*CloudAccountsService) UpdateAzureAlSeq 

func (svc *CloudAccountsService) UpdateAzureAlSeq(data CloudAccount) (
	response AzureAlSeqIntegrationResponse,
	err error,
)

UpdateAzureAlSeq updates a single AzureAlSeq integration on the Lacework Server

func (*CloudAccountsService) UpdateAzureCfg 

func (svc *CloudAccountsService) UpdateAzureCfg(data CloudAccount) (
	response AzureCfgIntegrationResponse,
	err error,
)

UpdateAzureCfg updates a single AzureCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateAzureSidekick 

func (svc *CloudAccountsService) UpdateAzureSidekick(data CloudAccount) (
	response AzureSidekickIntegrationResponse,
	err error,
)

UpdateAzureSidekick updates a single AzureSidekick integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpAlPubSub 

func (svc *CloudAccountsService) UpdateGcpAlPubSub(data CloudAccount) (
	response GcpAlPubSubIntegrationResponse,
	err error,
)

UpdateGcpAtSes updates a single GcpAtSes integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpAtSes 

func (svc *CloudAccountsService) UpdateGcpAtSes(data CloudAccount) (
	response GcpAtSesIntegrationResponse,
	err error,
)

UpdateGcpAtSes updates a single GcpAtSes integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpCfg 

func (svc *CloudAccountsService) UpdateGcpCfg(data CloudAccount) (
	response GcpCfgIntegrationResponse,
	err error,
)

UpdateGcpCfg updates a single GcpCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpGkeAudit 

func (svc *CloudAccountsService) UpdateGcpGkeAudit(data CloudAccount) (
	response GcpGkeAuditIntegrationResponse,
	err error,
)

UpdateGcpGkeAudit updates a single GcpGkeAudit integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpSidekick 

func (svc *CloudAccountsService) UpdateGcpSidekick(data CloudAccount) (
	response GcpSidekickIntegrationResponse,
	err error,
)

UpdateGcpSidekick updates a single GcpSidekick integration on the Lacework Server

func (*CloudAccountsService) UpdateOciCfg 

func (svc *CloudAccountsService) UpdateOciCfg(data CloudAccount) (
	response OciCfgIntegrationResponse,
	err error,
)

UpdateOciCfg updates a single OciCfg integration on the Lacework Server

type CloudComplianceReportV2 

type CloudComplianceReportV2 interface {
	GetComplianceRecommendation(recommendationID string) (*RecommendationV2, bool)
}

type CloudwatchEbAlertChannelResponseV2 

type CloudwatchEbAlertChannelResponseV2 struct {
	Data CloudwatchEbAlertChannelV2 `json:"data"`
}

type CloudwatchEbAlertChannelV2 

type CloudwatchEbAlertChannelV2 struct {
	Data CloudwatchEbDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (CloudwatchEbAlertChannelV2) ID 

func (c CloudwatchEbAlertChannelV2) ID() string

func (CloudwatchEbAlertChannelV2) StateString 

func (c CloudwatchEbAlertChannelV2) StateString() string

func (CloudwatchEbAlertChannelV2) Status 

func (c CloudwatchEbAlertChannelV2) Status() string

type CloudwatchEbDataV2 

type CloudwatchEbDataV2 struct {
	EventBusArn   string `json:"eventBusArn"`
	IssueGrouping string `json:"issueGrouping,omitempty"`
}

type ComplianceEvaluationAws 

type ComplianceEvaluationAws struct {
	Account struct {
		AccountId    string `json:"AccountId"`
		AccountAlias string `json:"Account_Alias"`
	} `json:"account"`
	EvalType       string    `json:"evalType"`
	Id             string    `json:"id"`
	Reason         string    `json:"reason"`
	Recommendation string    `json:"recommendation"`
	ReportTime     time.Time `json:"reportTime"`
	Resource       string    `json:"resource"`
	Section        string    `json:"section"`
	Severity       string    `json:"severity"`
	Status         string    `json:"status"`
}

type ComplianceEvaluationAwsResponse 

type ComplianceEvaluationAwsResponse struct {
	Data   []ComplianceEvaluationAws `json:"data"`
	Paging V2Pagination              `json:"paging"`
}

func (ComplianceEvaluationAwsResponse) GetDataLength 

func (r ComplianceEvaluationAwsResponse) GetDataLength() int

func (ComplianceEvaluationAwsResponse) PageInfo 

func (r ComplianceEvaluationAwsResponse) PageInfo() *V2Pagination

func (*ComplianceEvaluationAwsResponse) ResetPaging 

func (r *ComplianceEvaluationAwsResponse) ResetPaging()

type ComplianceEvaluationSearch 

type ComplianceEvaluationSearch struct {
	SearchFilter
	Dataset complianceEvaluationDataset `json:"dataset"`
}

func (*ComplianceEvaluationSearch) GetTimeFilter 

func (c *ComplianceEvaluationSearch) GetTimeFilter() *TimeFilter

func (*ComplianceEvaluationSearch) SetEndTime 

func (c *ComplianceEvaluationSearch) SetEndTime(t *time.Time)

func (*ComplianceEvaluationSearch) SetStartTime 

func (c *ComplianceEvaluationSearch) SetStartTime(t *time.Time)

type ComplianceEvaluationService 

type ComplianceEvaluationService struct {
	// contains filtered or unexported fields
}

func (*ComplianceEvaluationService) Search 

func (svc *ComplianceEvaluationService) Search(response interface{}, filters SearchableFilter) error

Search expects the response and the search filters

e.g. 

 var (
	  awsComplianceEvaluationSearchResponse api.ComplianceEvaluationAwsResponse
	  filter = api.ComplianceEvaluationSearch{
		  SearchFilter: api.SearchFilter{
			  Filters: []api.Filter{{
				  Expression: "eq",
				  Field:      "resource",
				  Value:      arn:aws:s3:::my-bucket,
			  }},
		  },
		  Dataset: api.AwsComplianceEvaluationDataset,
	  }
 )
  lacework.V2.ComplianceEvaluation.Search(&awsComplianceEvaluationSearchResponse, filters)

type ComplianceViolationV2 

type ComplianceViolationV2 struct {
	Region   string   `json:"region"`
	Resource string   `json:"resource"`
	Reasons  []string `json:"reasons"`
}

type ComponentDataCompleteRequest 

type ComponentDataCompleteRequest struct {
	UploadGuid string `json:"uploadGuid"`
	UrlType    string `json:"urlType"`
}

type ComponentDataCompleteResponse 

type ComponentDataCompleteResponse struct {
	Guid string `json:"guid,omitempty"`
}

type ComponentDataCompleteResponseRaw 

type ComponentDataCompleteResponseRaw struct {
	Data *ComponentDataCompleteResponse `json:"data,omitempty"`
}

type ComponentDataInitialRequest 

type ComponentDataInitialRequest struct {
	Name             string          `json:"name"`
	Tags             []string        `json:"tags"`
	SupportedMethods []string        `json:"supportedMethods"`
	Documents        []*DocumentSpec `json:"documents"`
	UrlType          string          `json:"urlType"`
}

type ComponentDataInitialResponse 

type ComponentDataInitialResponse struct {
	Guid          string                       `json:"guid,omitempty"`
	UploadMethods []*ComponentDataUploadMethod `json:"uploadMethods,omitempty"`
}

type ComponentDataInitialResponseRaw 

type ComponentDataInitialResponseRaw struct {
	Data *ComponentDataInitialResponse `json:"data,omitempty"`
}

type ComponentDataService 

type ComponentDataService struct {
	// contains filtered or unexported fields
}

func (*ComponentDataService) UploadFiles 

func (svc *ComponentDataService) UploadFiles(
	name string, tags []string, paths []string) (string, error)

func (*ComponentDataService) UploadProSast 

func (svc *ComponentDataService) UploadProSast(name string, paths []string) (string, error)

func (*ComponentDataService) UploadSastTables 

func (svc *ComponentDataService) UploadSastTables(
	name string, paths []string) (string, error)

type ComponentDataUploadMethod 

type ComponentDataUploadMethod struct {
	Method string            `json:"method,omitempty"`
	Info   map[string]string `json:"info,omitempty"`
}

type ComponentVersions 

type ComponentVersions struct {
	Id             int32    `json:"id"`
	Name           string   `json:"name"`
	Description    string   `json:"description"`
	Component_type string   `json:"type"`
	Deprecated     bool     `json:"deprecated"`
	Versions       []string `json:"versions"`
}

type ComponentsService 

type ComponentsService struct {
	// contains filtered or unexported fields
}

func (*ComponentsService) FetchComponentArtifact 

func (svc *ComponentsService) FetchComponentArtifact(id int32, os string, arch string, version string) (
	response FetchComponentResponse,
	err error)

func (*ComponentsService) ListComponentVersions 

func (svc *ComponentsService) ListComponentVersions(id int32, os string, arch string) (
	response ListComponentVersionsResponse,
	err error)

func (*ComponentsService) ListComponents 

func (svc *ComponentsService) ListComponents(os string, arch string) (response ListComponentsResponse, err error)

type ContainerEntity 

type ContainerEntity struct {
	ContainerName  string                 `json:"containerName"`
	ImageID        string                 `json:"imageId"`
	Mid            int                    `json:"mid"`
	StartTime      time.Time              `json:"startTime"`
	EndTime        time.Time              `json:"endTime"`
	PodName        string                 `json:"podName"`
	PropsContainer map[string]interface{} `json:"propsContainer"`
	Tags           map[string]interface{} `json:"tags"`
}

type ContainerRegistriesResponse 

type ContainerRegistriesResponse struct {
	Data []ContainerRegistryRaw `json:"data"`
}

type ContainerRegistriesService 

type ContainerRegistriesService struct {
	// contains filtered or unexported fields
}

ContainerRegistriesService is the service that interacts with the ContainerRegistries schema from the Lacework APIv2 Server

func (*ContainerRegistriesService) Create 

func (svc *ContainerRegistriesService) Create(integration ContainerRegistryRaw) (
	response ContainerRegistryResponse,
	err error,
)

Create creates a single Container Registry integration

func (*ContainerRegistriesService) Delete 

func (svc *ContainerRegistriesService) Delete(guid string) error

Delete deletes a Container Registry integration that matches the provided guid

func (*ContainerRegistriesService) Get 

func (svc *ContainerRegistriesService) Get(guid string, response interface{}) error

Get returns a raw response of the Container Registry with the matching integration guid.

To return a more specific Go struct of a Container Registry integration, use the proper method such as GetGhcr() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Container Registry integration type.

func (*ContainerRegistriesService) GetAwsEcrAccessKey 

func (svc *ContainerRegistriesService) GetAwsEcrAccessKey(guid string) (
	response AwsEcrAccessKeyIntegrationResponse,
	err error,
)

GetAwsEcrAccessKey gets a single AwsEcrAccessKey integration with access key credentials matching the provided integration guid

func (*ContainerRegistriesService) GetAwsEcrIamRole 

func (svc *ContainerRegistriesService) GetAwsEcrIamRole(guid string) (
	response AwsEcrIamRoleIntegrationResponse,
	err error,
)

GetAwsEcrIamRole gets a single AwsEcr with Iam Role credentials integration matching the provided integration guid

func (*ContainerRegistriesService) GetDockerhub 

func (svc *ContainerRegistriesService) GetDockerhub(guid string) (
	response DockerhubIntegrationResponse,
	err error,
)

GetDockerhub gets a single Dockerhub integration matching the provided integration guid

func (*ContainerRegistriesService) GetDockerhubV2 

func (svc *ContainerRegistriesService) GetDockerhubV2(guid string) (
	response DockerhubV2IntegrationResponse,
	err error,
)

GetDockerhubV2 gets a single DockerhubV2 integration matching the provided integration guid

func (*ContainerRegistriesService) GetGcpGar 

func (svc *ContainerRegistriesService) GetGcpGar(guid string) (
	response GcpGarIntegrationResponse,
	err error,
)

GetGcpGar gets a single GcpGar integration matching the provided integration guid

func (*ContainerRegistriesService) GetGcpGcr 

func (svc *ContainerRegistriesService) GetGcpGcr(guid string) (
	response GcpGcrIntegrationResponse,
	err error,
)

GetGcpGcr gets a single GcpGcr integration matching the provided integration guid

func (*ContainerRegistriesService) GetGhcr 

func (svc *ContainerRegistriesService) GetGhcr(guid string) (
	response GhcrIntegrationResponse,
	err error,
)

GetGhcr gets a single Ghcr integration matching the provided integration guid

func (*ContainerRegistriesService) GetInlineScanner 

func (svc *ContainerRegistriesService) GetInlineScanner(guid string) (
	response InlineScannerIntegrationResponse,
	err error,
)

GetInlineScanner gets a single InlineScanner integration matching the provided integration guid

func (*ContainerRegistriesService) GetProxyScanner 

func (svc *ContainerRegistriesService) GetProxyScanner(guid string) (
	response ProxyScannerIntegrationResponse,
	err error,
)

GetProxyScanner gets a single ProxyScanner integration matching the provided integration guid

func (*ContainerRegistriesService) List 

func (svc *ContainerRegistriesService) List() (response ContainerRegistriesResponse, err error)

List returns a list of Container Registry integrations

func (*ContainerRegistriesService) UpdateAwsEcrAccessKey 

func (svc *ContainerRegistriesService) UpdateAwsEcrAccessKey(data ContainerRegistry) (
	response AwsEcrAccessKeyIntegrationResponse,
	err error,
)

UpdateAwsEcrAccessKey updates a single AwsEcrAccessKey integration with access key credential on the Lacework Server

func (*ContainerRegistriesService) UpdateAwsEcrIamRole 

func (svc *ContainerRegistriesService) UpdateAwsEcrIamRole(data ContainerRegistry) (
	response AwsEcrIamRoleIntegrationResponse,
	err error,
)

UpdateAwsEcrIamRole updates a single AwsEcr with Iam Role credentials integration on the Lacework Server

func (*ContainerRegistriesService) UpdateDockerhub 

func (svc *ContainerRegistriesService) UpdateDockerhub(data ContainerRegistry) (
	response DockerhubIntegrationResponse,
	err error,
)

UpdateDockerhub updates a single Dockerhub integration on the Lacework Server

func (*ContainerRegistriesService) UpdateDockerhubV2 

func (svc *ContainerRegistriesService) UpdateDockerhubV2(data ContainerRegistry) (
	response DockerhubV2IntegrationResponse,
	err error,
)

UpdateDockerhubV2 updates a single DockerhubV2 integration on the Lacework Server

func (*ContainerRegistriesService) UpdateGcpGar 

func (svc *ContainerRegistriesService) UpdateGcpGar(data ContainerRegistry) (
	response GcpGarIntegrationResponse,
	err error,
)

UpdateGcpGar updates a single GcpGar integration on the Lacework Server

func (*ContainerRegistriesService) UpdateGcpGcr 

func (svc *ContainerRegistriesService) UpdateGcpGcr(data ContainerRegistry) (
	response GcpGcrIntegrationResponse,
	err error,
)

UpdateGcpGcr updates a single GcpGcr integration on the Lacework Server

func (*ContainerRegistriesService) UpdateGhcr 

func (svc *ContainerRegistriesService) UpdateGhcr(data ContainerRegistry) (
	response GhcrIntegrationResponse,
	err error,
)

UpdateGhcr updates a single Ghcr integration on the Lacework Server

func (*ContainerRegistriesService) UpdateInlineScanner 

func (svc *ContainerRegistriesService) UpdateInlineScanner(data ContainerRegistry) (
	response InlineScannerIntegrationResponse,
	err error,
)

UpdateInlineScanner updates a single InlineScanner integration on the Lacework Server

func (*ContainerRegistriesService) UpdateProxyScanner 

func (svc *ContainerRegistriesService) UpdateProxyScanner(data ContainerRegistry) (
	response ProxyScannerIntegrationResponse,
	err error,
)

UpdateProxyScanner updates a single ProxyScanner integration on the Lacework Server

type ContainerRegistry 

type ContainerRegistry interface {
	ID() string
	ContainerRegistryType() containerRegistryType
}

ContainerRegistry is an interface that helps us implement a few functions that any Container Registry might use, there are some cases, like during Update, where we need to get the ID of the Container Registry and its type, this will allow users to pass any Container Registry that implements these methods

type ContainerRegistryRaw 

type ContainerRegistryRaw struct {
	Data        interface{}    `json:"data,omitempty"`
	ServerToken *V2ServerToken `json:"serverToken,omitempty"`
	// contains filtered or unexported fields
}

func NewContainerRegistry 

func NewContainerRegistry(name string, regType containerRegistryType, data interface{}) ContainerRegistryRaw

NewContainerRegistry returns an instance of the ContainerRegistryRaw struct with the provided Container Registry integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Container Registry type.

Basic usage: Initialize a new GhcrContainerRegistry integration struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

ghcr := api.NewContainerRegistry("foo",
  api.GhcrContainerRegistry,
  api.GhcrData{
    Credentials: api.GhcrCredentials {
      Username: "bubu",
      Password: "supers3cret",
      Ssl: true,
    },
  },
)

client.V2.ContainerRegistries.Create(ghcr)

func (ContainerRegistryRaw) ContainerRegistryDomain 

func (reg ContainerRegistryRaw) ContainerRegistryDomain() string

func (ContainerRegistryRaw) ContainerRegistryType 

func (reg ContainerRegistryRaw) ContainerRegistryType() containerRegistryType

func (ContainerRegistryRaw) GetCommon 

func (reg ContainerRegistryRaw) GetCommon() v2CommonIntegrationData

func (ContainerRegistryRaw) GetData 

func (reg ContainerRegistryRaw) GetData() any

func (ContainerRegistryRaw) ID 

func (c ContainerRegistryRaw) ID() string

func (ContainerRegistryRaw) StateString 

func (reg ContainerRegistryRaw) StateString() string

func (ContainerRegistryRaw) Status 

func (c ContainerRegistryRaw) Status() string

type ContainerRegistryResponse 

type ContainerRegistryResponse struct {
	Data ContainerRegistryRaw `json:"data"`
}

type ContainerResourceGroupData 

type ContainerResourceGroupData struct {
	Guid         string                      `json:"guid,omitempty"`
	IsDefault    int                         `json:"isDefault,omitempty"`
	ResourceGuid string                      `json:"resourceGuid,omitempty"`
	Name         string                      `json:"resourceName"`
	Type         string                      `json:"resourceType"`
	Enabled      int                         `json:"enabled,omitempty"`
	Props        ContainerResourceGroupProps `json:"props"`
}

type ContainerResourceGroupProps 

type ContainerResourceGroupProps struct {
	Description     string              `json:"description,omitempty"`
	ContainerLabels []map[string]string `json:"containerLabels"`
	ContainerTags   []string            `json:"containerTags"`
	UpdatedBy       string              `json:"updatedBy,omitempty"`
	LastUpdated     *lwtime.Epoch       `json:"lastUpdated,omitempty"`
}

func (ContainerResourceGroupProps) GetBaseProps 

func (props ContainerResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (ContainerResourceGroupProps) MarshalJSON 

func (props ContainerResourceGroupProps) MarshalJSON() ([]byte, error)

type ContainerResourceGroupResponse 

type ContainerResourceGroupResponse struct {
	Data ContainerResourceGroupData `json:"data"`
}

type ContainerResourceJsonStringGroupProps 

type ContainerResourceJsonStringGroupProps struct {
	Description     string              `json:"DESCRIPTION,omitempty"`
	ContainerLabels []map[string]string `json:"CONTAINER_LABELS"`
	ContainerTags   []string            `json:"CONTAINER_TAGS"`
	UpdatedBy       string              `json:"UPDATED_BY,omitempty"`
	LastUpdated     *lwtime.Epoch       `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type ContainersEntityResponse 

type ContainersEntityResponse struct {
	Data   []ContainerEntity `json:"data"`
	Paging V2Pagination      `json:"paging"`
	// contains filtered or unexported fields
}

func (*ContainersEntityResponse) Count 

func (r *ContainersEntityResponse) Count(imageID string) int

Count returns the number of active containers with the provided image ID

func (ContainersEntityResponse) PageInfo 

func (r ContainersEntityResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (ContainersEntityResponse) PageNumber 

func (m ContainersEntityResponse) PageNumber() int

func (*ContainersEntityResponse) PageRead 

func (m *ContainersEntityResponse) PageRead()

func (*ContainersEntityResponse) ResetPaging 

func (r *ContainersEntityResponse) ResetPaging()

func (*ContainersEntityResponse) SetTotalPages 

func (m *ContainersEntityResponse) SetTotalPages(total int)

func (*ContainersEntityResponse) Total 

func (r *ContainersEntityResponse) Total() int

Total returns the total number of active containers

func (ContainersEntityResponse) TotalPages 

func (m ContainersEntityResponse) TotalPages() int

type DailyEventsReportRuleNotifications 

type DailyEventsReportRuleNotifications struct {
	AgentEvents               bool `json:"agentEvents"`
	OpenShiftCompliance       bool `json:"openShiftCompliance"`
	OpenShiftComplianceEvents bool `json:"openShiftComplianceEvents"`
	PlatformEvents            bool `json:"platformEvents"`
	AwsCloudtrailEvents       bool `json:"awsCloudtrailEvents"`
	AwsComplianceEvents       bool `json:"awsComplianceEvents"`
	AzureComplianceEvents     bool `json:"azureComplianceEvents"`
	AzureActivityLogEvents    bool `json:"azureActivityLogEvents"`
	GcpAuditTrailEvents       bool `json:"gcpAuditTrailEvents"`
	GcpComplianceEvents       bool `json:"gcpComplianceEvents"`
}

func (DailyEventsReportRuleNotifications) ToMap 

func (daily DailyEventsReportRuleNotifications) ToMap() map[string]bool

type DataExportRule 

type DataExportRule struct {
	ID     string               `json:"mcGuid,omitempty"`
	Filter DataExportRuleFilter `json:"filters"`
	Type   string               `json:"type"`
	IDs    []string             `json:"intgGuidList"`
}

type DataExportRuleFilter 

type DataExportRuleFilter struct {
	Name            string   `json:"name"`
	Description     string   `json:"description"`
	CreatedBy       string   `json:"createdOrUpdatedBy,omitempty"`
	UpdatedTime     string   `json:"createdOrUpdatedTime,omitempty"`
	Enabled         int      `json:"enabled"`
	ProfileVersions []string `json:"profileVersions,omitempty"`
}

type DataExportRuleResponse 

type DataExportRuleResponse struct {
	Data    DataExportRule `json:"data"`
	Message string         `json:"message"`
}

type DataExportRulesResponse 

type DataExportRulesResponse struct {
	Data    []DataExportRule `json:"data"`
	Message string           `json:"message"`
}

type DataExportRulesService 

type DataExportRulesService struct {
	// contains filtered or unexported fields
}

DataExportRulesService is a service that interacts with the DataExportRule endpoints from the Lacework Server

func (*DataExportRulesService) Create 

func (svc *DataExportRulesService) Create(rule DataExportRule) (response DataExportRuleResponse,
	err error,
)

Create creates a single Data Export Rule

func (*DataExportRulesService) Delete 

func (svc *DataExportRulesService) Delete(guid string) error

Delete deletes a Data Export Rule that matches the provided guid

func (*DataExportRulesService) Get 

func (svc *DataExportRulesService) Get(id string) (
	response DataExportRuleResponse,
	err error,
)

Get returns a raw response of the Data Export Rule with the matching guid.

func (*DataExportRulesService) List 

func (svc *DataExportRulesService) List() (
	response DataExportRulesResponse,
	err error,
)

List returns a list of Data Export Rules

func (*DataExportRulesService) Search 

func (svc *DataExportRulesService) Search(filters SearchFilter) (
	response DataExportRulesResponse, err error,
)

Search returns a list of Data Export Rules

func (*DataExportRulesService) Update 

func (svc *DataExportRulesService) Update(rule DataExportRule) (response DataExportRuleResponse,
	err error,
)

Update updates a Data Export Rule that matches the provided guid

type DatadogAlertChannelResponseV2 

type DatadogAlertChannelResponseV2 struct {
	Data DatadogAlertChannelV2 `json:"data"`
}

type DatadogAlertChannelV2 

type DatadogAlertChannelV2 struct {
	Data DatadogDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (DatadogAlertChannelV2) ID 

func (c DatadogAlertChannelV2) ID() string

func (DatadogAlertChannelV2) StateString 

func (c DatadogAlertChannelV2) StateString() string

func (DatadogAlertChannelV2) Status 

func (c DatadogAlertChannelV2) Status() string

type DatadogDataV2 

type DatadogDataV2 struct {
	ApiKey      string         `json:"apiKey"`
	DatadogSite datadogSite    `json:"datadogSite,omitempty"`
	DatadogType datadogService `json:"datadogType,omitempty"`
}

type Datasource 

type Datasource struct {
	Name                string                   `json:"name"`
	Description         string                   `json:"description"`
	ResultSchema        []DatasourceSchema       `json:"resultSchema"`
	SourceRelationships []DatasourceRelationship `json:"sourceRelationships"`
}

type DatasourceRelationship 

type DatasourceRelationship struct {
	Name          string `json:"name"`
	Description   string `json:"description"`
	From          string `json:"from"`
	To            string `json:"to"`
	ToCardinality string `json:"toCardinality"`
}

type DatasourceResponse 

type DatasourceResponse struct {
	Data    Datasource `json:"data"`
	Message string     `json:"message"`
}

type DatasourceSchema 

type DatasourceSchema struct {
	Name        string `json:"name"`
	DataType    string `json:"dataType"`
	Description string `json:"description"`
}

type DatasourcesResponse 

type DatasourcesResponse struct {
	Data    []Datasource `json:"data"`
	Message string       `json:"message"`
}

type DatasourcesService 

type DatasourcesService struct {
	// contains filtered or unexported fields
}

DatasourcesService is a service that interacts with the Datasources endpoints from the Lacework Server

func (*DatasourcesService) Get 

func (svc *DatasourcesService) Get(id string) (
	response DatasourceResponse,
	err error,
)

func (*DatasourcesService) List 

func (svc *DatasourcesService) List() (
	response DatasourcesResponse,
	err error,
)

type DockerhubCredentials 

type DockerhubCredentials struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

type DockerhubData 

type DockerhubData struct {
	Credentials      DockerhubCredentials `json:"credentials"`
	RegistryDomain   string               `json:"registryDomain"` // always "index.docker.io"
	RegistryType     string               `json:"registryType"`   // always "DOCKERHUB"
	LimitByTag       []string             `json:"limitByTag,omitempty"`
	LimitByLabel     []map[string]string  `json:"limitByLabel,omitempty"`
	LimitByRep       []string             `json:"limitByRep,omitempty"`
	LimitNumImg      int                  `json:"limitNumImg"`
	NonOSPackageEval bool                 `json:"nonOsPackageEval"`
}

type DockerhubIntegration 

type DockerhubIntegration struct {
	Data DockerhubData `json:"data"`
	// contains filtered or unexported fields
}

func (DockerhubIntegration) ContainerRegistryType 

func (reg DockerhubIntegration) ContainerRegistryType() containerRegistryType

func (DockerhubIntegration) ID 

func (c DockerhubIntegration) ID() string

func (DockerhubIntegration) StateString 

func (c DockerhubIntegration) StateString() string

func (DockerhubIntegration) Status 

func (c DockerhubIntegration) Status() string

type DockerhubIntegrationResponse 

type DockerhubIntegrationResponse struct {
	Data DockerhubIntegration `json:"data"`
}

type DockerhubV2Credentials 

type DockerhubV2Credentials struct {
	Username string `json:"username"`
	Password string `json:"password"`
	SSL      bool   `json:"ssl"`
}

type DockerhubV2Data 

type DockerhubV2Data struct {
	Credentials           DockerhubV2Credentials `json:"credentials"`
	RegistryDomain        string                 `json:"registryDomain"`
	RegistryType          string                 `json:"registryType"`
	RegistryNotifications *bool                  `json:"registryNotifications,omitempty"`
	LimitByTag            []string               `json:"limitByTag,omitempty"`
	LimitByLabel          []map[string]string    `json:"limitByLabel,omitempty"`
	NonOSPackageEval      bool                   `json:"nonOsPackageEval"`
}

type DockerhubV2Integration 

type DockerhubV2Integration struct {
	Data DockerhubV2Data `json:"data"`
	// contains filtered or unexported fields
}

func (DockerhubV2Integration) ContainerRegistryType 

func (reg DockerhubV2Integration) ContainerRegistryType() containerRegistryType

func (DockerhubV2Integration) ID 

func (c DockerhubV2Integration) ID() string

func (DockerhubV2Integration) StateString 

func (c DockerhubV2Integration) StateString() string

func (DockerhubV2Integration) Status 

func (c DockerhubV2Integration) Status() string

type DockerhubV2IntegrationResponse 

type DockerhubV2IntegrationResponse struct {
	Data DockerhubV2Integration `json:"data"`
}

type DocumentSpec 

type DocumentSpec struct {
	Name string `json:"name"`
	Size int64  `json:"size"`
}

type EmailUserAlertChannelResponse 

type EmailUserAlertChannelResponse struct {
	Data EmailUserIntegration `json:"data"`
}

type EmailUserChannelProps 

type EmailUserChannelProps struct {
	Recipients []string `json:"recipients"`
}

type EmailUserData 

type EmailUserData struct {
	ChannelProps      EmailUserChannelProps `json:"channelProps"`
	NotificationTypes struct {
		Properties interface{} `json:"properties,omitempty"`
	} `json:"notificationTypes"`
}

type EmailUserIntegration 

type EmailUserIntegration struct {
	Data EmailUserData `json:"data"`
	// contains filtered or unexported fields
}

func (EmailUserIntegration) ID 

func (c EmailUserIntegration) ID() string

func (EmailUserIntegration) StateString 

func (c EmailUserIntegration) StateString() string

func (EmailUserIntegration) Status 

func (c EmailUserIntegration) Status() string

type EntitiesService 

type EntitiesService struct {
	// contains filtered or unexported fields
}

func (*EntitiesService) ListAllContainers 

func (svc *EntitiesService) ListAllContainers() (response ContainersEntityResponse, err error)

ListAllContainers iterates over all pages to return all active container information at once

func (*EntitiesService) ListAllContainersWithFilters 

func (svc *EntitiesService) ListAllContainersWithFilters(filters SearchFilter) (
	response ContainersEntityResponse, err error,
)

ListAllContainersWithFilters iterates over all pages to return all active container information at once based on a user defined filter

func (*EntitiesService) ListAllImages 

func (svc *EntitiesService) ListAllImages() (response ImagesEntityResponse, err error)

ListAllImages iterates over all pages to return all images information at once

func (*EntitiesService) ListAllImagesWithFilters 

func (svc *EntitiesService) ListAllImagesWithFilters(filters SearchFilter) (
	response ImagesEntityResponse, err error,
)

ListAllImagesWithFilters iterates over all pages to return all images information at once based on a user defined filter

func (*EntitiesService) ListAllMachineDetails 

func (svc *EntitiesService) ListAllMachineDetails() (response MachineDetailsEntityResponse, err error)

ListAllMachineDetails iterates over all pages to return all machine details at once

func (*EntitiesService) ListAllMachineDetailsWithFilters 

func (svc *EntitiesService) ListAllMachineDetailsWithFilters(filters SearchFilter) (
	response MachineDetailsEntityResponse, err error,
)

ListAllMachineDetailsWithFilters iterates over all pages to return all machine details at once based on a user defined filter

func (*EntitiesService) ListAllMachines 

func (svc *EntitiesService) ListAllMachines() (response MachinesEntityResponse, err error)

ListAllMachines iterates over all pages to return all machine details at once

func (*EntitiesService) ListAllMachinesWithFilters 

func (svc *EntitiesService) ListAllMachinesWithFilters(filters SearchFilter) (
	response MachinesEntityResponse, err error,
)

ListAllMachinesWithFilters iterates over all pages to return all machine details at once based on a user defined filter

func (*EntitiesService) ListAllUsers 

func (svc *EntitiesService) ListAllUsers() (response UsersEntityResponse, err error)

ListAllUsers iterates over all pages to return all user information at once

func (*EntitiesService) ListContainers 

func (svc *EntitiesService) ListContainers() (response ContainersEntityResponse, err error)

ListContainers returns a list of Active Containers from the last 7 days

func (*EntitiesService) ListContainersWithFilters 

func (svc *EntitiesService) ListContainersWithFilters(filters SearchFilter) (
	response ContainersEntityResponse, err error,
)

ListContainersWithFilters returns a list of Active Containers based on a user defined filter

func (*EntitiesService) ListImages 

func (svc *EntitiesService) ListImages() (response ImagesEntityResponse, err error)

ListImages returns a list of UserEntity from the last 7 days

func (*EntitiesService) ListImagesWithFilters 

func (svc *EntitiesService) ListImagesWithFilters(filters SearchFilter) (response ImagesEntityResponse, err error)

ListImagesWithFilters returns a list of UserEntity based on a user defined filter

func (*EntitiesService) ListMachineDetails 

func (svc *EntitiesService) ListMachineDetails() (response MachineDetailsEntityResponse, err error)

ListMachineDetails returns a list of MachineDetailEntity from the last 7 days

func (*EntitiesService) ListMachineDetailsWithFilters 

func (svc *EntitiesService) ListMachineDetailsWithFilters(filters SearchFilter) (
	response MachineDetailsEntityResponse, err error,
)

ListMachineDetailsWithFilters returns a list of UserEntity based on a user defined filter

func (*EntitiesService) ListMachines 

func (svc *EntitiesService) ListMachines() (response MachinesEntityResponse, err error)

ListMachines returns a list of MachineEntity from the last 7 days

func (*EntitiesService) ListMachinesWithFilters 

func (svc *EntitiesService) ListMachinesWithFilters(filters SearchFilter) (response MachinesEntityResponse, err error)

ListMachinesWithFilters returns a list of UserEntity based on a user defined filter

func (*EntitiesService) ListUsers 

func (svc *EntitiesService) ListUsers() (response UsersEntityResponse, err error)

ListUsers returns a list of UserEntity from the last 7 days

func (*EntitiesService) Search 

func (svc *EntitiesService) Search(response interface{}, filters SearchFilter) error

Search expects the response and the search filters

e.g. 

var (
    response = &api.MachineDetailsEntityResponse{}
    now      = time.Now().UTC()
    before   = now.AddDate(0, 0, -7) // 7 days from ago
    filters  = api.SearchFilter{
        TimeFilter: &api.TimeFilter{
            StartTime: &before,
            EndTime:   &now,
        },
    }
)
lacework.V2.Entities.Search(response, filters)

type EntityType 

type EntityType int
const (
	NoneEntityType EntityType = iota
	MachineDetailsEntityType
	UsersEntityType
	ImagesEntityType
	ContainersEntityType
	MachineEntityType
)

type ExceptionConfigMap 

type ExceptionConfigMap map[string][]PolicyExceptionConfigurationConstraints

type ExecuteQuery 

type ExecuteQuery struct {
	QueryText string `json:"queryText"`
}

type ExecuteQueryArgument 

type ExecuteQueryArgument struct {
	Name  ExecuteQueryArgumentName `json:"name"`
	Value string                   `json:"value"`
}

type ExecuteQueryArgumentName 

type ExecuteQueryArgumentName string
const (
	QueryStartTimeRange ExecuteQueryArgumentName = "StartTimeRange"
	QueryEndTimeRange   ExecuteQueryArgumentName = "EndTimeRange"
)

type ExecuteQueryByIDRequest 

type ExecuteQueryByIDRequest struct {
	QueryID   string                 `json:"queryId,omitempty"`
	Options   ExecuteQueryOptions    `json:"options"`
	Arguments []ExecuteQueryArgument `json:"arguments"`
}

type ExecuteQueryData 

type ExecuteQueryData []interface{}

func (*ExecuteQueryData) UnmarshalJSON 

func (d *ExecuteQueryData) UnmarshalJSON(data []byte) error

type ExecuteQueryOptions 

type ExecuteQueryOptions struct {
	Limit *int `json:"limit,omitempty"`
}

type ExecuteQueryRequest 

type ExecuteQueryRequest struct {
	Query     ExecuteQuery           `json:"query"`
	Options   ExecuteQueryOptions    `json:"options"`
	Arguments []ExecuteQueryArgument `json:"arguments"`
}

type ExecuteQueryResponse 

type ExecuteQueryResponse struct {
	Data    ExecuteQueryData `json:"data"`
	Ok      bool             `json:"ok"`
	Message string           `json:"message"`
}

type FeatureFlag 

type FeatureFlag string

type FeatureFlags 

type FeatureFlags struct {
	Flags []FeatureFlag `json:"flags,omitempty"`
}

type FeatureFlagsResponse 

type FeatureFlagsResponse struct {
	Data FeatureFlags `json:"data"`
}

type FeatureFlagsService 

type FeatureFlagsService struct {
	// contains filtered or unexported fields
}

func (*FeatureFlagsService) GetFeatureFlagsMatchingPrefix 

func (svc *FeatureFlagsService) GetFeatureFlagsMatchingPrefix(prefix string) (
	response FeatureFlagsResponse, err error,
)

type FetchComponentResponse 

type FetchComponentResponse struct {
	Data []Artifact `json:"data"`
}

type Filter 

type Filter struct {
	Expression string   `json:"expression,omitempty"`
	Field      string   `json:"field,omitempty"`
	Value      string   `json:"value,omitempty"`
	Values     []string `json:"values,omitempty"`
}

type GcpAlPubSubCredentials 

type GcpAlPubSubCredentials struct {
	ClientID     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyID string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey,omitempty"`
}

type GcpAlPubSubIntegrationResponse 

type GcpAlPubSubIntegrationResponse struct {
	Data V2GcpAlPubSubIntegration `json:"data"`
}

type GcpAlPubSubSesData 

type GcpAlPubSubSesData struct {
	Credentials     GcpAlPubSubCredentials `json:"credentials"`
	IntegrationType string                 `json:"integrationType"`
	// OrganizationId is optional for a project level integration, therefore we omit if empty
	OrganizationID   string `json:"organizationId,omitempty"`
	ProjectID        string `json:"projectId"`
	SubscriptionName string `json:"subscriptionName"`
	TopicID          string `json:"topicId"`
}

type GcpAtSesCredentials 

type GcpAtSesCredentials struct {
	ClientID     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyID string `json:"privateKeyId,omitempty"`
	PrivateKey   string `json:"privateKey,omitempty"`
}

type GcpAtSesData 

type GcpAtSesData struct {
	Credentials GcpAtSesCredentials `json:"credentials"`
	IDType      string              `json:"idType"`
	// Either the org id or project id
	ID               string `json:"id"`
	SubscriptionName string `json:"subscriptionName"`
}

type GcpAtSesIntegrationResponse 

type GcpAtSesIntegrationResponse struct {
	Data V2GcpAtSesIntegration `json:"data"`
}

type GcpCfgCredentials 

type GcpCfgCredentials struct {
	ClientID     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyID string `json:"privateKeyId,omitempty"`
	PrivateKey   string `json:"privateKey,omitempty"`
}

type GcpCfgData 

type GcpCfgData struct {
	Credentials GcpCfgCredentials `json:"credentials"`
	IDType      string            `json:"idType"`
	// Either the org id or project id
	ID string `json:"id"`
}

type GcpCfgIntegrationResponse 

type GcpCfgIntegrationResponse struct {
	Data V2GcpCfgIntegration `json:"data"`
}

type GcpConfigData 

type GcpConfigData struct {
	Organization string   `json:"organization"`
	Projects     []string `json:"projects"`
}

type GcpConfigsResponse 

type GcpConfigsResponse struct {
	Data []GcpConfigData `json:"data"`
}

type GcpCredentialsV2 

type GcpCredentialsV2 struct {
	ClientEmail  string `json:"clientEmail"`
	ClientID     string `json:"clientId"`
	PrivateKeyID string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey,omitempty"`
}

GcpCredentials is already defined in api/integrations_gcp.go:163 so we need to add a "V2" at the end to make it clear that this is the Google Credentials struct for API v2

type GcpGarData 

type GcpGarData struct {
	Credentials      GcpCredentialsV2    `json:"credentials"`
	RegistryDomain   string              `json:"registryDomain"`
	RegistryType     string              `json:"registryType"` // always "GCP_GAR"
	LimitByTag       []string            `json:"limitByTag,omitempty"`
	LimitByLabel     []map[string]string `json:"limitByLabel,omitempty"`
	LimitByRep       []string            `json:"limitByRep,omitempty"`
	LimitNumImg      int                 `json:"limitNumImg"`
	NonOSPackageEval bool                `json:"nonOsPackageEval"`
}

type GcpGarIntegration 

type GcpGarIntegration struct {
	Data GcpGarData `json:"data"`
	// contains filtered or unexported fields
}

func (GcpGarIntegration) ContainerRegistryType 

func (reg GcpGarIntegration) ContainerRegistryType() containerRegistryType

func (GcpGarIntegration) ID 

func (c GcpGarIntegration) ID() string

func (GcpGarIntegration) StateString 

func (c GcpGarIntegration) StateString() string

func (GcpGarIntegration) Status 

func (c GcpGarIntegration) Status() string

type GcpGarIntegrationResponse 

type GcpGarIntegrationResponse struct {
	Data GcpGarIntegration `json:"data"`
}

type GcpGcrData 

type GcpGcrData struct {
	Credentials      GcpCredentialsV2    `json:"credentials"`
	RegistryDomain   string              `json:"registryDomain"`
	RegistryType     string              `json:"registryType"`
	LimitByTag       []string            `json:"limitByTag,omitempty"`
	LimitByLabel     []map[string]string `json:"limitByLabel,omitempty"`
	LimitByRep       []string            `json:"limitByRep,omitempty"`
	LimitNumImg      int                 `json:"limitNumImg"`
	NonOSPackageEval bool                `json:"nonOsPackageEval"`
}

type GcpGcrIntegration 

type GcpGcrIntegration struct {
	Data GcpGcrData `json:"data"`
	// contains filtered or unexported fields
}

func (GcpGcrIntegration) ContainerRegistryType 

func (reg GcpGcrIntegration) ContainerRegistryType() containerRegistryType

func (GcpGcrIntegration) ID 

func (c GcpGcrIntegration) ID() string

func (GcpGcrIntegration) StateString 

func (c GcpGcrIntegration) StateString() string

func (GcpGcrIntegration) Status 

func (c GcpGcrIntegration) Status() string

type GcpGcrIntegrationResponse 

type GcpGcrIntegrationResponse struct {
	Data GcpGcrIntegration `json:"data"`
}

type GcpGkeAuditCredentials 

type GcpGkeAuditCredentials struct {
	ClientId     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyId string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey"`
}

type GcpGkeAuditData 

type GcpGkeAuditData struct {
	Credentials     GcpGkeAuditCredentials `json:"credentials"`
	IntegrationType string                 `json:"integrationType"`
	// OrganizationId is optional for a project level integration, therefore we omit if empty
	OrganizationId   string `json:"organizationId,omitempty"`
	ProjectId        string `json:"projectId"`
	SubscriptionName string `json:"subscriptionName"`
}

type GcpGkeAuditIntegration 

type GcpGkeAuditIntegration struct {
	Data GcpGkeAuditData `json:"data"`
	// contains filtered or unexported fields
}

func (GcpGkeAuditIntegration) ID 

func (c GcpGkeAuditIntegration) ID() string

func (GcpGkeAuditIntegration) StateString 

func (c GcpGkeAuditIntegration) StateString() string

func (GcpGkeAuditIntegration) Status 

func (c GcpGkeAuditIntegration) Status() string

type GcpGkeAuditIntegrationResponse 

type GcpGkeAuditIntegrationResponse struct {
	Data GcpGkeAuditIntegration `json:"data"`
}

type GcpPubSubAlertChannelResponseV2 

type GcpPubSubAlertChannelResponseV2 struct {
	Data GcpPubSubAlertChannelV2 `json:"data"`
}

type GcpPubSubAlertChannelV2 

type GcpPubSubAlertChannelV2 struct {
	Data GcpPubSubDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (GcpPubSubAlertChannelV2) ID 

func (c GcpPubSubAlertChannelV2) ID() string

func (GcpPubSubAlertChannelV2) StateString 

func (c GcpPubSubAlertChannelV2) StateString() string

func (GcpPubSubAlertChannelV2) Status 

func (c GcpPubSubAlertChannelV2) Status() string

type GcpPubSubCredentials 

type GcpPubSubCredentials struct {
	ClientEmail  string `json:"clientEmail"`
	ClientID     string `json:"clientId"`
	PrivateKey   string `json:"privateKey"`
	PrivateKeyID string `json:"privateKeyId"`
}

type GcpPubSubDataV2 

type GcpPubSubDataV2 struct {
	Credentials   GcpPubSubCredentials `json:"credentials"`
	IssueGrouping string               `json:"issueGrouping"`
	ProjectID     string               `json:"projectId"`
	TopicID       string               `json:"topicId"`
}

type GcpRecommendationsV2 

type GcpRecommendationsV2 struct {
	// contains filtered or unexported fields
}

GcpRecommendationsV2 is a service that interacts with the V2 Recommendations endpoints from the Lacework Server

func (*GcpRecommendationsV2) GetReport 

func (svc *GcpRecommendationsV2) GetReport(reportType string) ([]RecV2, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*GcpRecommendationsV2) List 

func (svc *GcpRecommendationsV2) List() ([]RecV2, error)

func (*GcpRecommendationsV2) Patch 

func (svc *GcpRecommendationsV2) Patch(recommendations RecommendationStateV2) (RecommendationResponseV2, error)

type GcpReport 

type GcpReport struct {
	ReportType       string             `json:"reportType"`
	ReportTitle      string             `json:"reportTitle"`
	Recommendations  []RecommendationV2 `json:"recommendations"`
	Summary          []ReportSummary    `json:"summary"`
	ReportTime       time.Time          `json:"reportTime"`
	OrganizationName string             `json:"organizationName"`
	OrganizationID   string             `json:"organizationId"`
	ProjectName      string             `json:"projectName"`
	ProjectID        string             `json:"projectId"`
}

func (GcpReport) GetComplianceRecommendation 

func (gcp GcpReport) GetComplianceRecommendation(recommendationID string) (*RecommendationV2, bool)

type GcpReportConfig 

type GcpReportConfig struct {
	OrganizationID string
	ProjectID      string
	Value          string
	Parameter      reportFilter
}

type GcpReportResponse 

type GcpReportResponse struct {
	Data    []GcpReport `json:"data"`
	Ok      bool        `json:"ok"`
	Message string      `json:"message"`
}

type GcpReportRuleNotifications 

type GcpReportRuleNotifications struct {
	GcpCis       bool `json:"gcpCis"`
	GcpHipaa     bool `json:"gcpHipaa"`
	GcpHipaaRev2 bool `json:"gcpHipaaRev2"`
	GcpIso27001  bool `json:"gcpIso27001"`
	GcpCis12     bool `json:"gcpCis12"`
	GcpK8s       bool `json:"gcpK8s"`
	GcpPci       bool `json:"gcpPci"`
	GcpPciRev2   bool `json:"gcpPciRev2"`
	GcpSoc       bool `json:"gcpSoc"`
	GcpSocRev2   bool `json:"gcpSocRev2"`
}

func (GcpReportRuleNotifications) ToMap 

func (gcp GcpReportRuleNotifications) ToMap() map[string]bool

type GcpReportType 

type GcpReportType int
const (
	NONE_GCP_REPORT GcpReportType = iota
	GCP_HIPAA
	GCP_CIS
	GCP_SOC
	GCP_CIS12
	GCP_K8S
	GCP_PCI_Rev2
	GCP_SOC_Rev2
	GCP_HIPAA_Rev2
	GCP_ISO_27001
	GCP_NIST_CSF
	GCP_NIST_800_53_REV4
	GCP_NIST_800_171_REV2
	GCP_PCI
	GCP_CIS13
	GCP_CIS_1_3_0_NIST_800_171_rev2
	GCP_CIS_1_3_0_NIST_800_53_rev5
	GCP_CIS_1_3_0_NIST_CSF
	GCP_PCI_DSS_3_2_1
	GCP_HIPAA_2013
	GCP_ISO_27001_2013
	GCP_CMMC_1_02
	GCP_SOC_2
)

func NewGcpReportType 

func NewGcpReportType(report string) (GcpReportType, error)

func (GcpReportType) String 

func (report GcpReportType) String() string

type GcpResourceGroupData 

type GcpResourceGroupData struct {
	Guid         string                `json:"guid,omitempty"`
	IsDefault    int                   `json:"isDefault,omitempty"`
	ResourceGuid string                `json:"resourceGuid,omitempty"`
	Name         string                `json:"resourceName"`
	Type         string                `json:"resourceType"`
	Enabled      int                   `json:"enabled,omitempty"`
	Props        GcpResourceGroupProps `json:"props"`
}

type GcpResourceGroupJsonStringProps 

type GcpResourceGroupJsonStringProps struct {
	Description  string        `json:"DESCRIPTION,omitempty"`
	Organization string        `json:"ORGANIZATION"`
	Projects     []string      `json:"PROJECTS"`
	UpdatedBy    string        `json:"UPDATED_BY,omitempty"`
	LastUpdated  *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type GcpResourceGroupProps 

type GcpResourceGroupProps struct {
	Description  string        `json:"description,omitempty"`
	Organization string        `json:"organization"`
	Projects     []string      `json:"projects"`
	UpdatedBy    string        `json:"updatedBy,omitempty"`
	LastUpdated  *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (GcpResourceGroupProps) GetBaseProps 

func (props GcpResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (GcpResourceGroupProps) MarshalJSON 

func (props GcpResourceGroupProps) MarshalJSON() ([]byte, error)

type GcpResourceGroupResponse 

type GcpResourceGroupResponse struct {
	Data GcpResourceGroupData `json:"data"`
}

type GcpSidekickCredentials 

type GcpSidekickCredentials struct {
	ClientID     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyID string `json:"privateKeyId,omitempty"`
	PrivateKey   string `json:"privateKey,omitempty"`
	TokenUri     string `json:"tokenUri,omitempty"`
}

type GcpSidekickData 

type GcpSidekickData struct {
	Credentials GcpSidekickCredentials `json:"credentials"`
	IDType      string                 `json:"idType"`
	// Either the org id or project id
	ID                string `json:"id"`
	ScanningProjectId string `json:"scanningProjectId"`
	SharedBucket      string `json:"sharedBucketName"`
	FilterList        string `json:"filterList,omitempty"`
	QueryText         string `json:"queryText,omitempty"`
	//ScanFrequency in hours, 24 == 24 hours
	ScanFrequency           int  `json:"scanFrequency"`
	ScanContainers          bool `json:"scanContainers"`
	ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`
	ScanMultiVolume         bool `json:"scanMultiVolume"`
	ScanStoppedInstances    bool `json:"scanStoppedInstances"`

	AccountMappingFile string `json:"accountMappingFile,omitempty"`
}

func (*GcpSidekickData) DecodeAccountMappingFile 

func (gcp *GcpSidekickData) DecodeAccountMappingFile() ([]byte, error)

func (*GcpSidekickData) EncodeAccountMappingFile 

func (gcp *GcpSidekickData) EncodeAccountMappingFile(mapping []byte)

type GcpSidekickIntegrationResponse 

type GcpSidekickIntegrationResponse struct {
	Data V2GcpSidekickIntegration `json:"data"`
}

type GcpSidekickToken 

type GcpSidekickToken struct {
	ServerToken string `json:"serverToken"`
	Uri         string `json:"uri"`
}

type GcpSuppressionsV2 

type GcpSuppressionsV2 struct {
	// contains filtered or unexported fields
}

GcpSuppressionsV2 is a service that interacts with the V2 Suppressions endpoints from the Lacework Server

func (*GcpSuppressionsV2) List 

func (svc *GcpSuppressionsV2) List() (map[string]SuppressionV2, error)

type GhcrCredentials 

type GhcrCredentials struct {
	Username string `json:"username"`
	Password string `json:"password,omitempty"`
	Ssl      bool   `json:"ssl"`
}

GcpCredentials is already defined in api/integrations_gcp.go:163 so we need to add a "V2" at the end to make it clear that this is the Google Credentials struct for API v2

type GhcrData 

type GhcrData struct {
	Credentials           GhcrCredentials     `json:"credentials"`
	RegistryNotifications bool                `json:"registryNotifications"`
	RegistryDomain        string              `json:"registryDomain"` // always "ghcr.io"
	RegistryType          string              `json:"registryType"`   // always "GHCR"
	LimitByTag            []string            `json:"limitByTag,omitempty"`
	LimitByLabel          []map[string]string `json:"limitByLabel,omitempty"`
	LimitByRep            []string            `json:"limitByRep,omitempty"`
	LimitNumImg           int                 `json:"limitNumImg"`
	NonOSPackageEval      bool                `json:"nonOsPackageEval"`
}

type GhcrIntegration 

type GhcrIntegration struct {
	Data GhcrData `json:"data"`
	// contains filtered or unexported fields
}

func (GhcrIntegration) ContainerRegistryType 

func (reg GhcrIntegration) ContainerRegistryType() containerRegistryType

func (GhcrIntegration) ID 

func (c GhcrIntegration) ID() string

func (GhcrIntegration) StateString 

func (c GhcrIntegration) StateString() string

func (GhcrIntegration) Status 

func (c GhcrIntegration) Status() string

type GhcrIntegrationResponse 

type GhcrIntegrationResponse struct {
	Data GhcrIntegration `json:"data"`
}

type HoneyEventResponse 

type HoneyEventResponse struct {
	Data    []Honeyvent `json:"data"`
	Ok      bool        `json:"ok"`
	Message string      `json:"message"`
}

type Honeyvent 

type Honeyvent struct {
	Version       string      `json:"version"`
	CfgVersion    int         `json:"config_version"`
	Os            string      `json:"os"`
	Arch          string      `json:"arch"`
	Command       string      `json:"command,omitempty"`
	Args          []string    `json:"args,omitempty"`
	Flags         []string    `json:"flags,omitempty"`
	Account       string      `json:"account,omitempty"`
	Subaccount    string      `json:"subaccount,omitempty"`
	Profile       string      `json:"profile,omitempty"`
	ApiKey        string      `json:"api_key,omitempty"`
	Feature       string      `json:"feature,omitempty"`
	FeatureData   interface{} `json:"feature.data,omitempty"`
	DurationMs    int64       `json:"duration_ms,omitempty"`
	Error         string      `json:"error,omitempty"`
	InstallMethod string      `json:"install_method,omitempty"`
	Component     string      `json:"component,omitempty"`
	Dataset       string      `json:"dataset,omitempty"`

	// tracing data for multiple events, this is useful for specific features
	// within the Lacework CLI such as daily version check, polling mechanism, etc.
	TraceID   string `json:"trace.trace_id,omitempty"`
	SpanID    string `json:"trace.span_id,omitempty"`
	ParentID  string `json:"trace.parent_id,omitempty"`
	ContextID string `json:"trace.context_id,omitempty"`
}

Honeyvent defines what a Honeycomb event looks like for the Lacework CLI

func NewHoneyvent 

func NewHoneyvent(version, feature, dataset string) Honeyvent

func (*Honeyvent) AddFeatureField 

func (e *Honeyvent) AddFeatureField(key string, value interface{})

type HostVulnCounts 

type HostVulnCounts struct {
	Critical     int32
	CritFixable  int32
	High         int32
	HighFixable  int32
	Medium       int32
	MedFixable   int32
	Low          int32
	LowFixable   int32
	Info         int32
	InfoFixable  int32
	Total        int32
	TotalFixable int32
}

func (*HostVulnCounts) HighestFixableSeverity 

func (h *HostVulnCounts) HighestFixableSeverity() string

HighestFixableSeverity returns the highest fixable severity level vulnerability

func (*HostVulnCounts) HighestSeverity 

func (h *HostVulnCounts) HighestSeverity() string

HighestSeverity returns the highest severity level vulnerability

func (*HostVulnCounts) TotalFixableVulnerabilities 

func (h *HostVulnCounts) TotalFixableVulnerabilities() int32

TotalFixableVulnerabilities returns the total number of vulnerabilities that have a fix available

type IbmQRadarAlertChannelResponseV2 

type IbmQRadarAlertChannelResponseV2 struct {
	Data IbmQRadarAlertChannelV2 `json:"data"`
}

type IbmQRadarAlertChannelV2 

type IbmQRadarAlertChannelV2 struct {
	Data IbmQRadarDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (IbmQRadarAlertChannelV2) ID 

func (c IbmQRadarAlertChannelV2) ID() string

func (IbmQRadarAlertChannelV2) StateString 

func (c IbmQRadarAlertChannelV2) StateString() string

func (IbmQRadarAlertChannelV2) Status 

func (c IbmQRadarAlertChannelV2) Status() string

type IbmQRadarDataV2 

type IbmQRadarDataV2 struct {
	QRadarCommType qradarComm `json:"qradarCommType"`
	HostURL        string     `json:"qradarHostUrl"`
	HostPort       int        `json:"qradarHostPort,omitempty"`
}

type ImageEntity 

type ImageEntity struct {
	ContainerType string    `json:"containerType"`
	CreatedTime   time.Time `json:"createdTime"`
	ImageID       string    `json:"imageId"`
	Mid           int       `json:"mid"`
	Repo          string    `json:"repo"`
	Size          int       `json:"size"`
	Tag           string    `json:"tag"`
}

type ImageInfo 

type ImageInfo struct {
	CreatedTime int64    `json:"created_time"`
	Digest      string   `json:"digest"`
	ErrorMsg    []string `json:"error_msg"`
	ID          string   `json:"id"`
	Registry    string   `json:"registry"`
	Repo        string   `json:"repo"`
	Size        int      `json:"size"`
	Status      string   `json:"status"`
	Tags        []string `json:"tags"`
	Type        string   `json:"type"`
}

type ImagesEntityResponse 

type ImagesEntityResponse struct {
	Data   []ImageEntity `json:"data"`
	Paging V2Pagination  `json:"paging"`
	// contains filtered or unexported fields
}

func (ImagesEntityResponse) PageInfo 

func (r ImagesEntityResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (ImagesEntityResponse) PageNumber 

func (m ImagesEntityResponse) PageNumber() int

func (*ImagesEntityResponse) PageRead 

func (m *ImagesEntityResponse) PageRead()

func (*ImagesEntityResponse) ResetPaging 

func (r *ImagesEntityResponse) ResetPaging()

func (*ImagesEntityResponse) SetTotalPages 

func (m *ImagesEntityResponse) SetTotalPages(total int)

func (ImagesEntityResponse) TotalPages 

func (m ImagesEntityResponse) TotalPages() int

type InlineScannerData 

type InlineScannerData struct {
	RegistryType  string              `json:"registryType"` // always "INLINE_SCANNER"
	IdentifierTag []map[string]string `json:"identifierTag"`
	LimitNumScan  string              `json:"limitNumScan,omitempty"`
}

type InlineScannerIntegration 

type InlineScannerIntegration struct {
	Data        InlineScannerData `json:"data"`
	ServerToken V2ServerToken     `json:"serverToken"`
	// contains filtered or unexported fields
}

func (InlineScannerIntegration) ContainerRegistryType 

func (reg InlineScannerIntegration) ContainerRegistryType() containerRegistryType

func (InlineScannerIntegration) ID 

func (c InlineScannerIntegration) ID() string

func (InlineScannerIntegration) StateString 

func (c InlineScannerIntegration) StateString() string

func (InlineScannerIntegration) Status 

func (c InlineScannerIntegration) Status() string

type InlineScannerIntegrationResponse 

type InlineScannerIntegrationResponse struct {
	Data InlineScannerIntegration `json:"data"`
}

type InventoryAws 

type InventoryAws struct {
	ApiKey         string `json:"apiKey"`
	Csp            string `json:"csp"`
	EndTime        string `json:"endTime"`
	StartTime      string `json:"startTime"`
	ResourceId     string `json:"resourceId"`
	ResourceRegion string `json:"resourceRegion"`
	ResourceTags   any    `json:"resourceTags"`
	ResourceType   string `json:"resourceType"`
	Service        string `json:"service"`
	Urn            string `json:"urn"`
	CloudDetails   struct {
		AccountAlias string `json:"accountAlias"`
		AccountID    string `json:"accountID"`
	} `json:"cloudDetails"`
	Status struct {
		FormatVersion int    `json:"formatVersion"`
		Props         any    `json:"props"`
		Status        string `json:"status"`
		// Error status
		ErrorMessage string `json:"errorMessage,omitempty"`
		ErrorType    string `json:"errorType,omitempty"`
	} `json:"status"`
	ResourceConfig any `json:"resourceConfig"`
}

type InventoryAwsResponse 

type InventoryAwsResponse struct {
	Data   []InventoryAws `json:"data"`
	Paging V2Pagination   `json:"paging"`
}

func (InventoryAwsResponse) GetDataLength 

func (r InventoryAwsResponse) GetDataLength() int

func (InventoryAwsResponse) PageInfo 

func (r InventoryAwsResponse) PageInfo() *V2Pagination

func (*InventoryAwsResponse) ResetPaging 

func (r *InventoryAwsResponse) ResetPaging()

type InventoryScanResponse 

type InventoryScanResponse struct {
	Data struct {
		Status  string `json:"status"`
		Details string `json:"details"`
	} `json:"data"`
}

type InventorySearch 

type InventorySearch struct {
	SearchFilter
	Csp     inventoryType    `json:"csp"`
	Dataset inventoryDataset `json:"dataset"`
}

func (InventorySearch) GetTimeFilter 

func (i InventorySearch) GetTimeFilter() *TimeFilter

func (InventorySearch) SetEndTime 

func (i InventorySearch) SetEndTime(time *time.Time)

func (InventorySearch) SetStartTime 

func (i InventorySearch) SetStartTime(time *time.Time)

type InventoryService 

type InventoryService struct {
	// contains filtered or unexported fields
}

func (*InventoryService) Scan 

func (svc *InventoryService) Scan(cloud inventoryType) (response InventoryScanResponse, err error)

Scan triggers a resource inventory scan

func (*InventoryService) Search 

func (svc *InventoryService) Search(response interface{}, filters SearchableFilter) error

Search expects the response and the search filters

e.g. 

 var (
	  awsInventorySearchResponse api.InventoryAwsResponse
	  filter = api.InventorySearch{
		  SearchFilter: api.SearchFilter{
			  Filters: []api.Filter{{
				  Expression: "eq",
				  Field:      "urn",
				  Value:      arn:aws:s3:::my-bucket,
			  }},
		  },
		  Dataset: api.AwsComplianceEvaluationDataset,
	  }
 )
  lacework.V2.Inventory.Search(&awsInventorySearchResponse, filters)

type JiraAlertChannelResponseV2 

type JiraAlertChannelResponseV2 struct {
	Data JiraAlertChannelV2 `json:"data"`
}

type JiraAlertChannelV2 

type JiraAlertChannelV2 struct {
	Data JiraDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (JiraAlertChannelV2) ID 

func (c JiraAlertChannelV2) ID() string

func (JiraAlertChannelV2) StateString 

func (c JiraAlertChannelV2) StateString() string

func (JiraAlertChannelV2) Status 

func (c JiraAlertChannelV2) Status() string

type JiraDataV2 

type JiraDataV2 struct {
	ApiToken           string `json:"apiToken,omitempty"` // used for Jira Cloud
	CustomTemplateFile string `json:"customTemplateFile,omitempty"`
	IssueGrouping      string `json:"issueGrouping,omitempty"`
	IssueType          string `json:"issueType"`
	JiraType           string `json:"jiraType"`
	JiraUrl            string `json:"jiraUrl"`
	ProjectID          string `json:"projectId"`
	Username           string `json:"username"`
	Password           string `json:"password,omitempty"`            // used for Jira Server
	Configuration      string `json:"bidirectionalConfig,omitempty"` // used for bidirectional integration
}

func (*JiraDataV2) DecodeCustomTemplateFile 

func (jira *JiraDataV2) DecodeCustomTemplateFile() (string, error)

func (*JiraDataV2) EncodeCustomTemplateFile 

func (jira *JiraDataV2) EncodeCustomTemplateFile(template string)

type LatestComponent 

type LatestComponent struct {
	Components []LatestComponentVersion `json:"components"`
}

type LatestComponentVersion 

type LatestComponentVersion struct {
	Id            int32  `json:"id"`
	Name          string `json:"name"`
	Description   string `json:"description"`
	Version       string `json:"version"`
	Size          int64  `json:"size"`
	ComponentType string `json:"type"`
	Deprecated    bool   `json:"deprecated"`
}

type LifecycleCallbacks 

type LifecycleCallbacks struct {
	// RequestCallback is a function that will be executed after every client request
	RequestCallback func(int, http.Header) error

	// TokenExpiredCallback  is a function that the consumer can configure
	// into the client so that it is run when the token expired
	TokenExpiredCallback func() error
}

type ListComponentVersionsResponse 

type ListComponentVersionsResponse struct {
	Data []ComponentVersions `json:"data"`
}

type ListComponentsResponse 

type ListComponentsResponse struct {
	Data    []LatestComponent `json:"data"`
	Message string            `json:"message"`
}

type LwAccountResourceGroupData 

type LwAccountResourceGroupData struct {
	Guid         string                      `json:"guid,omitempty"`
	IsDefault    int                         `json:"isDefault,omitempty"`
	ResourceGuid string                      `json:"resourceGuid,omitempty"`
	Name         string                      `json:"resourceName"`
	Type         string                      `json:"resourceType"`
	Enabled      int                         `json:"enabled,omitempty"`
	Props        LwAccountResourceGroupProps `json:"props"`
}

type LwAccountResourceGroupJsonStringProps 

type LwAccountResourceGroupJsonStringProps struct {
	Description string        `json:"DESCRIPTION,omitempty"`
	LwAccounts  []string      `json:"LW_ACCOUNTS"`
	UpdatedBy   string        `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type LwAccountResourceGroupProps 

type LwAccountResourceGroupProps struct {
	Description string        `json:"description,omitempty"`
	LwAccounts  []string      `json:"lwAccounts"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (LwAccountResourceGroupProps) GetBaseProps 

func (props LwAccountResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (LwAccountResourceGroupProps) MarshalJSON 

func (props LwAccountResourceGroupProps) MarshalJSON() ([]byte, error)

type LwAccountResourceGroupResponse 

type LwAccountResourceGroupResponse struct {
	Data LwAccountResourceGroupData `json:"data"`
}

type MachineDetailEntity 

type MachineDetailEntity struct {
	AwsInstanceID string    `json:"awsInstanceId"`
	AwsZone       string    `json:"awsZone"`
	CreatedTime   time.Time `json:"createdTime"`
	Domain        string    `json:"domain"`
	Hostname      string    `json:"hostname"`
	Kernel        string    `json:"kernel"`
	KernelRelease string    `json:"kernelRelease"`
	KernelVersion string    `json:"kernelVersion"`
	Mid           int       `json:"mid"`
	Os            string    `json:"os"`
	OsVersion     string    `json:"osVersion"`
	Tags          struct {
		// Shared Tags
		Arch           string `json:"arch,omitempty"`
		ExternalIP     string `json:"ExternalIp,omitempty"`
		Hostname       string `json:"Hostname,omitempty"`
		InstanceID     string `json:"InstanceId,omitempty"`
		InternalIP     string `json:"InternalIp,omitempty"`
		LwTokenShort   string `json:"LwTokenShort,omitempty"`
		Os             string `json:"os,omitempty"`
		VMInstanceType string `json:"VmInstanceType,omitempty"`
		VMProvider     string `json:"VmProvider,omitempty"`
		Zone           string `json:"Zone,omitempty"`

		// AWS Tags
		Account  string `json:"Account,omitempty"`
		AmiID    string `json:"AmiId,omitempty"`
		Name     string `json:"Name,omitempty"`
		SubnetID string `json:"SubnetId,omitempty"`
		VpcID    string `json:"VpcId,omitempty"`

		// GCP Tags
		Cluster                 string `json:"Cluster,omitempty"`
		ClusterLocation         string `json:"cluster-location,omitempty"`
		ClusterName             string `json:"cluster-name,omitempty"`
		ClusterUID              string `json:"cluster-uid,omitempty"`
		CreatedBy               string `json:"created-by,omitempty"`
		EnableOSLogin           string `json:"enable-oslogin,omitempty"`
		Env                     string `json:"Env,omitempty"`
		GCEtags                 string `json:"GCEtags,omitempty"`
		GCIEnsureGKEDocker      string `json:"gci-ensure-gke-docker,omitempty"`
		GCIUpdateStrategy       string `json:"gci-update-strategy,omitempty"`
		GoogleComputeEnablePCID string `json:"google-compute-enable-pcid,omitempty"`
		InstanceName            string `json:"InstanceName,omitempty"`
		InstanceTemplate        string `json:"InstanceTemplate,omitempty"`
		KubeLabels              string `json:"kube-labels,omitempty"`
		LWKubernetesCluster     string `json:"lw_KubernetesCluster,omitempty"`
		NumericProjectID        string `json:"NumericProjectId,omitempty"`
		ProjectID               string `json:"ProjectId,omitempty"`
	} `json:"tags"`
}

type MachineDetailsEntityResponse 

type MachineDetailsEntityResponse struct {
	Data   []MachineDetailEntity `json:"data"`
	Paging V2Pagination          `json:"paging"`
	// contains filtered or unexported fields
}

func (MachineDetailsEntityResponse) PageInfo 

func (r MachineDetailsEntityResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (MachineDetailsEntityResponse) PageNumber 

func (m MachineDetailsEntityResponse) PageNumber() int

func (*MachineDetailsEntityResponse) PageRead 

func (m *MachineDetailsEntityResponse) PageRead()

func (*MachineDetailsEntityResponse) ResetPaging 

func (r *MachineDetailsEntityResponse) ResetPaging()

func (*MachineDetailsEntityResponse) SetTotalPages 

func (m *MachineDetailsEntityResponse) SetTotalPages(total int)

func (MachineDetailsEntityResponse) TotalPages 

func (m MachineDetailsEntityResponse) TotalPages() int

type MachineEntity 

type MachineEntity struct {
	AwsInstanceID string    `json:"awsInstanceId"`
	Hostname      string    `json:"hostname"`
	EntityType    string    `json:"entityType"`
	EndTime       time.Time `json:"endTime"`
	Mid           int       `json:"mid"`
	PrimaryIpAddr string    `json:"primaryIpAddr"`
	StartTime     time.Time `json:"startTime"`
	Tags          struct {
		// Shared Tags
		Cluster             string `json:"Cluster,omitempty"`
		Env                 string `json:"Env,omitempty"`
		Arch                string `json:"arch,omitempty"`
		ExternalIP          string `json:"ExternalIp,omitempty"`
		Hostname            string `json:"Hostname,omitempty"`
		InstanceID          string `json:"InstanceId,omitempty"`
		InternalIP          string `json:"InternalIp,omitempty"`
		LwTokenShort        string `json:"LwTokenShort,omitempty"`
		Os                  string `json:"os,omitempty"`
		VMInstanceType      string `json:"VmInstanceType,omitempty"`
		VMProvider          string `json:"VmProvider,omitempty"`
		Zone                string `json:"Zone,omitempty"`
		ClusterLocation     string `json:"cluster-location,omitempty"`
		ClusterName         string `json:"cluster-name,omitempty"`
		ClusterUid          string `json:"cluster-uid,omitempty"`
		CreatedBy           string `json:"created-by,omitempty"`
		LwKubernetesCluster string `json:"lw_KubernetesCluster,omitempty"`
		KubeLabels          string `json:"kube-labels,omitempty"`

		// AWS Tags
		Account  string `json:"Account,omitempty"`
		AmiId    string `json:"AmiId,omitempty"`
		SubnetId string `json:"SubnetId,omitempty"`
		VpcId    string `json:"VpcId,omitempty"`

		// GCP Tags
		GCEtags                 string `json:"GCEtags,omitempty"`
		InstanceName            string `json:"InstanceName,omitempty"`
		NumericProjectId        string `json:"NumericProjectId,omitempty"`
		ProjectId               string `json:"ProjectId,omitempty"`
		EnableOslogin           string `json:"enable-oslogin,omitempty"`
		GciEnsureGkeDocker      string `json:"gci-ensure-gke-docker,omitempty"`
		GciUpdateStrategy       string `json:"gci-update-strategy,omitempty"`
		GoogleComputeEnablePcid string `json:"google-compute-enable-pcid,omitempty"`
		InstanceTemplate        string `json:"instance-template,omitempty"`
	} `json:"machineTags"`
}

type MachineResourceGroupData 

type MachineResourceGroupData struct {
	Guid         string                    `json:"guid,omitempty"`
	IsDefault    int                       `json:"isDefault,omitempty"`
	ResourceGuid string                    `json:"resourceGuid,omitempty"`
	Name         string                    `json:"resourceName"`
	Type         string                    `json:"resourceType"`
	Enabled      int                       `json:"enabled,omitempty"`
	Props        MachineResourceGroupProps `json:"props"`
}

type MachineResourceGroupJsonStringProps 

type MachineResourceGroupJsonStringProps struct {
	Description string              `json:"DESCRIPTION,omitempty"`
	MachineTags []map[string]string `json:"MACHINE_TAGS"`
	UpdatedBy   string              `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch       `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type MachineResourceGroupProps 

type MachineResourceGroupProps struct {
	Description string              `json:"description,omitempty"`
	MachineTags []map[string]string `json:"machineTags"`
	UpdatedBy   string              `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch       `json:"lastUpdated,omitempty"`
}

func (MachineResourceGroupProps) GetBaseProps 

func (props MachineResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (MachineResourceGroupProps) MarshalJSON 

func (props MachineResourceGroupProps) MarshalJSON() ([]byte, error)

type MachineResourceGroupResponse 

type MachineResourceGroupResponse struct {
	Data MachineResourceGroupData `json:"data"`
}

type MachinesEntityResponse 

type MachinesEntityResponse struct {
	Data   []MachineEntity `json:"data"`
	Paging V2Pagination    `json:"paging"`
	// contains filtered or unexported fields
}

func (MachinesEntityResponse) PageInfo 

func (r MachinesEntityResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (MachinesEntityResponse) PageNumber 

func (m MachinesEntityResponse) PageNumber() int

func (*MachinesEntityResponse) PageRead 

func (m *MachinesEntityResponse) PageRead()

func (*MachinesEntityResponse) ResetPaging 

func (r *MachinesEntityResponse) ResetPaging()

func (*MachinesEntityResponse) SetTotalPages 

func (m *MachinesEntityResponse) SetTotalPages(total int)

func (MachinesEntityResponse) TotalPages 

func (m MachinesEntityResponse) TotalPages() int

type MetricsService 

type MetricsService struct {
	// contains filtered or unexported fields
}

MetricsService is a service that sends events to Lacework APIv2 Server metrics endpoint

func (*MetricsService) Send 

func (svc *MetricsService) Send(event Honeyvent) (response HoneyEventResponse, err error)

type MicrosoftTeamsAlertChannelResponseV2 

type MicrosoftTeamsAlertChannelResponseV2 struct {
	Data MicrosoftTeamsAlertChannelV2 `json:"data"`
}

type MicrosoftTeamsAlertChannelV2 

type MicrosoftTeamsAlertChannelV2 struct {
	Data MicrosoftTeamsData `json:"data"`
	// contains filtered or unexported fields
}

func (MicrosoftTeamsAlertChannelV2) ID 

func (c MicrosoftTeamsAlertChannelV2) ID() string

func (MicrosoftTeamsAlertChannelV2) StateString 

func (c MicrosoftTeamsAlertChannelV2) StateString() string

func (MicrosoftTeamsAlertChannelV2) Status 

func (c MicrosoftTeamsAlertChannelV2) Status() string

type MicrosoftTeamsData 

type MicrosoftTeamsData struct {
	TeamsURL string `json:"teamsUrl"`
}

type MigrateData 

type MigrateData struct {
	IntgGuid string `json:"intgGuid"`
	Props    Props  `json:"props"`
}

type MigrateRequestData 

type MigrateRequestData struct {
	Data MigrateData `json:"data"`
}

type NewPolicy 

type NewPolicy struct {
	PolicyID      string   `json:"policyId,omitempty" yaml:"policyId,omitempty" `
	PolicyType    string   `json:"policyType" yaml:"policyType"`
	QueryID       string   `json:"queryId" yaml:"queryId"`
	Title         string   `json:"title" yaml:"title"`
	Enabled       bool     `json:"enabled" yaml:"enabled"`
	Description   string   `json:"description" yaml:"description"`
	Remediation   string   `json:"remediation" yaml:"remediation"`
	Severity      string   `json:"severity" yaml:"severity"`
	Limit         int      `json:"limit,omitempty" yaml:"limit,omitempty"`
	EvalFrequency string   `json:"evalFrequency,omitempty" yaml:"evalFrequency,omitempty"`
	AlertEnabled  bool     `json:"alertEnabled" yaml:"alertEnabled"`
	AlertProfile  string   `json:"alertProfile,omitempty" yaml:"alertProfile,omitempty"`
	Tags          []string `json:"tags,omitempty" yaml:"tags,omitempty"`
}

func ParseNewPolicy 

func ParseNewPolicy(s string) (NewPolicy, error)

type NewQuery 

type NewQuery struct {
	QueryID       string  `json:"queryId" yaml:"queryId"`
	QueryLanguage *string `json:"queryLanguage,omitempty" yaml:"queryLanguage,omitempty"`
	QueryText     string  `json:"queryText" yaml:"queryText"`
}

func ParseNewQuery 

func ParseNewQuery(s string) (NewQuery, error)

type NewRelicInsightsAlertChannelResponseV2 

type NewRelicInsightsAlertChannelResponseV2 struct {
	Data NewRelicInsightsAlertChannelV2 `json:"data"`
}

type NewRelicInsightsAlertChannelV2 

type NewRelicInsightsAlertChannelV2 struct {
	Data NewRelicInsightsDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (NewRelicInsightsAlertChannelV2) ID 

func (c NewRelicInsightsAlertChannelV2) ID() string

func (NewRelicInsightsAlertChannelV2) StateString 

func (c NewRelicInsightsAlertChannelV2) StateString() string

func (NewRelicInsightsAlertChannelV2) Status 

func (c NewRelicInsightsAlertChannelV2) Status() string

type NewRelicInsightsDataV2 

type NewRelicInsightsDataV2 struct {
	AccountID int    `json:"accountId"`
	InsertKey string `json:"insertKey"`
}

type OciCfg 

type OciCfg struct {
	Data OciCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (OciCfg) ID 

func (c OciCfg) ID() string

func (OciCfg) StateString 

func (c OciCfg) StateString() string

func (OciCfg) Status 

func (c OciCfg) Status() string

type OciCfgCredentials 

type OciCfgCredentials struct {
	Fingerprint string `json:"fingerprint"`
	PrivateKey  string `json:"privateKey,omitempty"`
}

type OciCfgData 

type OciCfgData struct {
	Credentials OciCfgCredentials `json:"credentials"`
	HomeRegion  string            `json:"homeRegion"`
	TenantID    string            `json:"tenantId"`
	TenantName  string            `json:"tenantName"`
	UserOCID    string            `json:"userOcid"`
}

type OciCfgIntegrationResponse 

type OciCfgIntegrationResponse struct {
	Data OciCfg `json:"data"`
}

type Option 

type Option interface {
	// contains filtered or unexported methods
}

func WithApiKeys 

func WithApiKeys(id, secret string) Option

WithApiKeys sets the key_id and secret used to generate API access tokens

func WithApiV2 

func WithApiV2() Option

WithApiV2 configures the client to use the API version 2 (/api/v2) for common API endpoints

(no-op) DEPRECATED

func WithExpirationTime 

func WithExpirationTime(t int) Option

WithExpirationTime configures the token expiration time

func WithHeader 

func WithHeader(header, value string) Option

WithHeader configures a HTTP Header to pass to every request

func WithLifecycleCallbacks 

func WithLifecycleCallbacks(callbacks LifecycleCallbacks) Option

WithLifecycleCallbacks will configure the lifecycle callback functions

func WithLogFile 

func WithLogFile(filename string) Option

WithLogFile configures the client to write messages to the provided file

func WithLogLevel 

func WithLogLevel(level string) Option

WithLogLevel sets the log level of the client, available: info, debug, or error

func WithLogLevelAndFile 

func WithLogLevelAndFile(level string, filename string) Option

WithLogLevelAndFile sets the log level of the client and writes the log messages to the provided file

func WithLogLevelAndWriter 

func WithLogLevelAndWriter(level string, w io.Writer) Option

WithLogLevelAndWriter sets the log level of the client and writes the log messages to the provided io.Writer

func WithLogWriter 

func WithLogWriter(w io.Writer) Option

WithLogWriter configures the client to log messages to the provided io.Writer

func WithOrgAccess 

func WithOrgAccess() Option

WithOrgAccess sets the Org-Access Header to access the organization level data sets

func WithRetries 

func WithRetries(retries *backoff.ExponentialBackOff) Option

WithRetries sets the retrying policy for API requests

func WithSubaccount 

func WithSubaccount(subaccount string) Option

WithSubaccount sets a subaccount into an API client

func WithTimeout 

func WithTimeout(timeout time.Duration) Option

WithTimeout changes the default client timeout

func WithToken 

func WithToken(token string) Option

WithToken sets the token used to authenticate the API requests

func WithTokenAndExpiration 

func WithTokenAndExpiration(token string, expiration time.Time) Option

WithTokenAndExpiration sets the token used to authenticate the API requests and additionally configures the expiration of the token

func WithTokenFromKeys 

func WithTokenFromKeys(id, secret string) Option

WithTokenFromKeys sets the API access keys and triggers a new token generation NOTE: Order matters when using this option, use it at the end of a NewClient() func

func WithTransport 

func WithTransport(transport http.RoundTripper) Option

WithTransport changes the default transport to increase TLSHandshakeTimeout

func WithURL 

func WithURL(baseURL string) Option

WithURL sets the base URL, this options is only available for test purposes

type OrganizationInfo 

type OrganizationInfo struct {
	OrgAccount    bool   `json:"orgAccount"`
	OrgAccountURL string `json:"orgAccountUrl,omitempty"`
}

func (OrganizationInfo) AccountName 

func (r OrganizationInfo) AccountName() string

type OrganizationInfoResponse 

type OrganizationInfoResponse struct {
	Data []OrganizationInfo `json:"data"`
}

type OrganizationInfoService 

type OrganizationInfoService struct {
	// contains filtered or unexported fields
}

OrganizationInfoService is the service that interacts with the OrganizationInfo schema from the Lacework APIv2 Server

func (*OrganizationInfoService) Get 

func (svc *OrganizationInfoService) Get() (
	response OrganizationInfoResponse,
	err error,
)

type Pageable 

type Pageable interface {
	PageInfo() *V2Pagination
	ResetPaging()

	// all these functions are automatically implemented when attaching
	// the v2PageMetadata type into any Pageable struct, so attaching that
	// struct is a requirement
	PageRead()
	SetTotalPages(int)
	TotalPages() int
	PageNumber() int
}

Pageable is the interface that structs should implement to become pageable and be able to use the client.NextPage() function

type PagerDutyApiAlertChannelResponseV2 

type PagerDutyApiAlertChannelResponseV2 struct {
	Data PagerDutyApiAlertChannelV2 `json:"data"`
}

type PagerDutyApiAlertChannelV2 

type PagerDutyApiAlertChannelV2 struct {
	Data PagerDutyApiDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (PagerDutyApiAlertChannelV2) ID 

func (c PagerDutyApiAlertChannelV2) ID() string

func (PagerDutyApiAlertChannelV2) StateString 

func (c PagerDutyApiAlertChannelV2) StateString() string

func (PagerDutyApiAlertChannelV2) Status 

func (c PagerDutyApiAlertChannelV2) Status() string

type PagerDutyApiDataV2 

type PagerDutyApiDataV2 struct {
	IntegrationKey string `json:"apiIntgKey"`
}

type PoliciesResponse 

type PoliciesResponse struct {
	Data    []Policy `json:"data"`
	Message string   `json:"message"`
}

type Policy 

type Policy struct {
	PolicyID               string             `json:"policyId" yaml:"policyId"`
	PolicyType             string             `json:"policyType" yaml:"-"`
	QueryID                string             `json:"queryId" yaml:"queryId"`
	QueryLanguage          *string            `json:"queryLanguage,omitempty" yaml:"queryLanguage,omitempty"`
	Title                  string             `json:"title" yaml:"title"`
	Enabled                bool               `json:"enabled" yaml:"enabled"`
	Description            string             `json:"description" yaml:"description"`
	Remediation            string             `json:"remediation" yaml:"remediation"`
	Severity               string             `json:"severity" yaml:"severity"`
	Limit                  int                `json:"limit" yaml:"limit"`
	EvalFrequency          string             `json:"evalFrequency" yaml:"evalFrequency"`
	AlertEnabled           bool               `json:"alertEnabled" yaml:"alertEnabled"`
	AlertProfile           string             `json:"alertProfile" yaml:"alertProfile"`
	Tags                   []string           `json:"tags" yaml:"tags"`
	Owner                  string             `json:"owner" yaml:"-"`
	LastUpdateTime         string             `json:"lastUpdateTime" yaml:"-"`
	LastUpdateUser         string             `json:"lastUpdateUser" yaml:"-"`
	ExceptionConfiguration ExceptionConfigMap `json:"exceptionConfiguration" yaml:"-"`
}

func (*Policy) HasTag 

func (p *Policy) HasTag(t string) bool

type PolicyException 

type PolicyException struct {
	ExceptionID    string                      `json:"exceptionId,omitempty"`
	Description    string                      `json:"description"`
	Constraints    []PolicyExceptionConstraint `json:"constraints"`
	LastUpdateTime string                      `json:"lastUpdateTime,omitempty"`
	LastUpdateUser string                      `json:"lastUpdateUser,omitempty"`
}

type PolicyExceptionConfigurationConstraints 

type PolicyExceptionConfigurationConstraints struct {
	DataType   string `json:"dataType" yaml:"dataType"`
	FieldKey   string `json:"fieldKey" yaml:"fieldKey"`
	MultiValue bool   `json:"multiValue" yaml:"multiValue"`
}

type PolicyExceptionConstraint 

type PolicyExceptionConstraint struct {
	FieldKey    string `json:"fieldKey"`
	FieldValues []any  `json:"fieldValues"`
}

type PolicyExceptionResponse 

type PolicyExceptionResponse struct {
	Data PolicyException `json:"data"`
}

type PolicyExceptionsResponse 

type PolicyExceptionsResponse struct {
	Data []PolicyException `json:"data"`
}

type PolicyResponse 

type PolicyResponse struct {
	Data    Policy `json:"data"`
	Message string `json:"message"`
}

type PolicyService 

type PolicyService struct {
	Exceptions *policyExceptionsService
	// contains filtered or unexported fields
}

PolicyService is a service that interacts with the Custom Policies endpoints from the Lacework Server

func NewV2PolicyService 

func NewV2PolicyService(c *Client) *PolicyService

func (*PolicyService) Create 

func (svc *PolicyService) Create(np NewPolicy) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) Delete 

func (svc *PolicyService) Delete(policyID string) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) Get 

func (svc *PolicyService) Get(policyID string) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) List 

func (svc *PolicyService) List() (
	response PoliciesResponse,
	err error,
)

func (*PolicyService) ListTags 

func (svc *PolicyService) ListTags() (
	response PolicyTagsResponse,
	err error,
)

func (*PolicyService) Update 

func (svc *PolicyService) Update(up UpdatePolicy) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) UpdateMany 

func (svc *PolicyService) UpdateMany(policies BulkUpdatePolicies) (
	response BulkPolicyUpdateResponse,
	err error,
)

UpdateMany supports updating the state(enabled/disabled) and severity of more than one policy using the policy bulk update api

type PolicyTagsResponse 

type PolicyTagsResponse struct {
	Data    []string `json:"data"`
	Message string   `json:"message"`
}

type Props 

type Props struct {
	Migrate            bool      `json:"migrate"`
	MigrationTimestamp time.Time `json:"migrationTimestamp"`
}

type ProxyScannerData 

type ProxyScannerData struct {
	RegistryType string              `json:"registryType"` // always "PROXY_SCANNER"
	LimitByTag   []string            `json:"limitByTag"`
	LimitByLabel []map[string]string `json:"limitByLabel"`
	LimitByRep   []string            `json:"limitByRep"`
	LimitNumImg  int                 `json:"limitNumImg"`
}

type ProxyScannerIntegration 

type ProxyScannerIntegration struct {
	Data        ProxyScannerData `json:"data"`
	ServerToken V2ServerToken    `json:"serverToken"`
	// contains filtered or unexported fields
}

func (ProxyScannerIntegration) ContainerRegistryType 

func (reg ProxyScannerIntegration) ContainerRegistryType() containerRegistryType

func (ProxyScannerIntegration) ID 

func (c ProxyScannerIntegration) ID() string

func (ProxyScannerIntegration) StateString 

func (c ProxyScannerIntegration) StateString() string

func (ProxyScannerIntegration) Status 

func (c ProxyScannerIntegration) Status() string

type ProxyScannerIntegrationResponse 

type ProxyScannerIntegrationResponse struct {
	Data ProxyScannerIntegration `json:"data"`
}

type QueriesResponse 

type QueriesResponse struct {
	Data    []Query `json:"data"`
	Message string  `json:"message"`
}

type Query 

type Query struct {
	QueryID        string                   `json:"queryId" yaml:"queryId"`
	QueryLanguage  *string                  `json:"queryLanguage,omitempty" yaml:"queryLanguage,omitempty"`
	QueryText      string                   `json:"queryText" yaml:"queryText"`
	Owner          string                   `json:"owner"`
	LastUpdateTime string                   `json:"lastUpdateTime"`
	LastUpdateUser string                   `json:"lastUpdateUser"`
	ResultSchema   []map[string]interface{} `json:"resultSchema"`
}

type QueryDeleteResponse 

type QueryDeleteResponse struct {
	Message string `json:"message"`
}

type QueryResponse 

type QueryResponse struct {
	Data    Query  `json:"data"`
	Message string `json:"message"`
}

type QueryService 

type QueryService struct {
	// contains filtered or unexported fields
}

QueryService is a service that interacts with the Queries endpoints from the Lacework Server

func (*QueryService) Create 

func (svc *QueryService) Create(nq NewQuery) (
	response QueryResponse,
	err error,
)

func (*QueryService) Delete 

func (svc *QueryService) Delete(id string) (
	response QueryDeleteResponse,
	err error,
)

func (*QueryService) Execute 

func (svc *QueryService) Execute(request ExecuteQueryRequest) (
	response ExecuteQueryResponse,
	err error,
)

func (*QueryService) ExecuteByID 

func (svc *QueryService) ExecuteByID(request ExecuteQueryByIDRequest) (
	response ExecuteQueryResponse,
	err error,
)

func (*QueryService) Get 

func (svc *QueryService) Get(id string) (
	response QueryResponse,
	err error,
)

func (*QueryService) List 

func (svc *QueryService) List() (
	response QueriesResponse,
	err error,
)

func (*QueryService) RegoQueryEnabled 

func (svc *QueryService) RegoQueryEnabled() bool

func (*QueryService) Update 

func (svc *QueryService) Update(id string, uq UpdateQuery) (
	response QueryResponse,
	err error,
)

func (*QueryService) Validate 

func (svc *QueryService) Validate(vq ValidateQuery) (
	response QueryResponse,
	err error,
)

type RGChild 

type RGChild struct {
	Operator   string     `json:"operator,omitempty"`
	FilterName string     `json:"filterName,omitempty"`
	Children   []*RGChild `json:"children,omitempty"`
}

type RGExpression 

type RGExpression struct {
	Operator string     `json:"operator"`
	Children []*RGChild `json:"children"`
}

type RGFilter 

type RGFilter struct {
	Field     string   `json:"field"`
	Operation string   `json:"operation"`
	Values    []string `json:"values"`
	Key       string   `json:"key,omitempty"`
}

type RGQuery 

type RGQuery struct {
	Filters    map[string]*RGFilter `json:"filters"`
	Expression *RGExpression        `json:"expression"`
}

type RecV2 

type RecV2 struct {
	ID    string
	State bool
}

type RecommendationDataV2 

type RecommendationDataV2 map[string]RecommendationEnabledV2

type RecommendationEnabledV2 

type RecommendationEnabledV2 struct {
	Enabled bool `json:"enabled"`
}

type RecommendationResponseV2 

type RecommendationResponseV2 struct {
	Data    []RecommendationDataV2 `json:"data"`
	Ok      bool                   `json:"ok"`
	Message string                 `json:"message"`
}

func (*RecommendationResponseV2) RecommendationList 

func (res *RecommendationResponseV2) RecommendationList() (recommendations []RecV2)

func (*RecommendationResponseV2) ReportStatus 

func (res *RecommendationResponseV2) ReportStatus() map[string]bool

ReportStatus This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct.

type RecommendationStateV2 

type RecommendationStateV2 map[string]string

func NewRecommendationV2 

func NewRecommendationV2(recommendations []RecV2) RecommendationStateV2

func NewRecommendationV2State 

func NewRecommendationV2State(recommendations []RecV2, state bool) RecommendationStateV2

type RecommendationTypeV2 

type RecommendationTypeV2 string
const (
	AwsRecommendation   RecommendationTypeV2 = "aws"
	AzureRecommendation RecommendationTypeV2 = "azure"
	GcpRecommendation   RecommendationTypeV2 = "gcp"
)

type RecommendationV2 

type RecommendationV2 struct {
	AccountID             string                  `json:"ACCOUNT_ID"`
	AccountAlias          string                  `json:"ACCOUNT_ALIAS"`
	Service               string                  `json:"SERVICE"`
	StartTime             int64                   `json:"START_TIME"`
	Suppressions          []string                `json:"SUPPRESSIONS"`
	InfoLink              string                  `json:"INFO_LINK"`
	AssessedResourceCount int                     `json:"ASSESSED_RESOURCE_COUNT"`
	Status                string                  `json:"STATUS"`
	RecID                 string                  `json:"REC_ID"`
	Category              string                  `json:"CATEGORY"`
	Title                 string                  `json:"TITLE"`
	Violations            []ComplianceViolationV2 `json:"VIOLATIONS"`
	ResourceCount         int                     `json:"RESOURCE_COUNT"`
	Severity              int                     `json:"SEVERITY"`
}

func (*RecommendationV2) SeverityString 

func (r *RecommendationV2) SeverityString() string

type RecommendationsServiceV2 

type RecommendationsServiceV2 struct {
	Aws   recommendationServiceV2
	Azure recommendationServiceV2
	Gcp   recommendationServiceV2
	// contains filtered or unexported fields
}

RecommendationsServiceV2 is a service that interacts with the V2 Recommendations endpoints from the Lacework Server

type RelatedAlert 

type RelatedAlert struct {
	ID        string    `json:"eventId"`
	Name      string    `json:"eventName"`
	Type      string    `json:"eventType"`
	Severity  string    `json:"severity"`
	Rank      int       `json:"rank"`
	Info      AlertInfo `json:"eventInfo"`
	StartTime string    `json:"startTime"`
	EndTime   string    `json:"endTime"`
}

type RelatedAlerts 

type RelatedAlerts []RelatedAlert

func (RelatedAlerts) SortRankDescending 

func (ra RelatedAlerts) SortRankDescending() RelatedAlerts

type RelatedAlertsResponse 

type RelatedAlertsResponse struct {
	Data RelatedAlerts `json:"data"`
}

type ReportDefinition 

type ReportDefinition struct {
	ReportDefinitionGuid   string `json:"reportDefinitionGuid,omitempty" yaml:"reportDefinitionGuid,omitempty"`
	ReportName             string `json:"reportName" yaml:"reportName"`
	DisplayName            string `json:"displayName,omitempty" yaml:"displayName,omitempty"`
	ReportType             string `json:"reportType" yaml:"reportType"`
	ReportNotificationType string `json:"reportNotificationType,omitempty" yaml:"reportNotificationType,omitempty"`
	SubReportType          string `json:"subReportType" yaml:"subReportType"`

	ReportDefinitionDetails ReportDefinitionDetails `json:"reportDefinition" yaml:"reportDefinition"`
	Props                   *ReportDefinitionProps  `json:"props,omitempty" yaml:"props,omitempty"`
	DistributionType        string                  `json:"distributionType,omitempty" yaml:"distributionType,omitempty"`
	AlertChannels           []string                `json:"alertChannels,omitempty" yaml:"alertChannels,omitempty"`
	Frequency               string                  `json:"frequency,omitempty" yaml:"frequency,omitempty"`
	Version                 int                     `json:"version,omitempty" yaml:"version,omitempty"`
	UpdateType              string                  `json:"updateType,omitempty" yaml:"updateType,omitempty"`
	CreatedBy               string                  `json:"createdBy,omitempty" yaml:"createdBy,omitempty"`
	CreatedTime             *time.Time              `json:"createdTime,omitempty" yaml:"createdTime,omitempty"`
	Enabled                 int                     `json:"enabled,omitempty" yaml:"enabled,omitempty"`
}

func NewReportDefinition 

func NewReportDefinition(cfg ReportDefinitionConfig) ReportDefinition

NewReportDefinition creates a new report definition for Create function

func (ReportDefinition) Config 

func (report ReportDefinition) Config() ReportDefinitionConfig

func (ReportDefinition) IsCustom 

func (report ReportDefinition) IsCustom() bool

IsCustom returns true if report definition is user created, not created by SYSTEM

type ReportDefinitionConfig 

type ReportDefinitionConfig struct {
	ReportName    string                    `json:"reportName" yaml:"reportName"`
	DisplayName   string                    `json:"displayName" yaml:"displayName"`
	ReportType    string                    `json:"reportType" yaml:"reportType"`
	SubReportType string                    `json:"subReportType" yaml:"subReportType"`
	Sections      []ReportDefinitionSection `json:"sections,omitempty" yaml:"sections,omitempty"`
}

type ReportDefinitionDetails 

type ReportDefinitionDetails struct {
	Sections  []ReportDefinitionSection   `json:"sections"`
	Overrides []ReportDefinitionOverrides `json:"overrides,omitempty" yaml:"overrides,omitempty"`
}

type ReportDefinitionOverrides 

type ReportDefinitionOverrides struct {
	Policy string `json:"policy" yaml:"policy"`
	Title  string `json:"title" yaml:"title"`
}

type ReportDefinitionProps 

type ReportDefinitionProps struct {
	Engine         string   `json:"engine,omitempty" yaml:"engine,omitempty"`
	ReleaseLabel   string   `json:"releaseLabel,omitempty" yaml:"releaseLabel,omitempty"`
	ResourceGroups []string `json:"resourceGroups,omitempty" yaml:"resourceGroups,omitempty"`
	Integrations   []string `json:"integrations,omitempty" yaml:"integrations,omitempty"`
}

type ReportDefinitionResponse 

type ReportDefinitionResponse struct {
	Data ReportDefinition `json:"data"`
}

type ReportDefinitionSection 

type ReportDefinitionSection struct {
	Category string   `json:"category" yaml:"category"`
	Title    string   `json:"title" yaml:"title"`
	Policies []string `json:"policies" yaml:"policies"`
}

type ReportDefinitionUpdate 

type ReportDefinitionUpdate struct {
	ReportName              string                   `json:"reportName,omitempty" yaml:"reportName,omitempty"`
	DisplayName             string                   `json:"displayName,omitempty" yaml:"displayName,omitempty"`
	ReportDefinitionDetails *ReportDefinitionDetails `json:"reportDefinition,omitempty" yaml:"reportDefinition,omitempty"`
}

ReportDefinitionUpdate represents fields allowed for update request

func NewReportDefinitionUpdate 

func NewReportDefinitionUpdate(cfg ReportDefinitionConfig) ReportDefinitionUpdate

NewReportDefinitionUpdate creates a new report definition for Update function

type ReportDefinitionsResponse 

type ReportDefinitionsResponse struct {
	Data []ReportDefinition `json:"data"`
}

type ReportDefinitionsService 

type ReportDefinitionsService struct {
	// contains filtered or unexported fields
}

ReportDefinitionsService is a service that interacts with the ReportDefinitions endpoints from the Lacework APIv2 Server

func (*ReportDefinitionsService) Create 

func (svc *ReportDefinitionsService) Create(report ReportDefinition) (response ReportDefinitionResponse, err error)

func (*ReportDefinitionsService) Delete 

func (svc *ReportDefinitionsService) Delete(guid string) error

Delete a ReportDefinition

func (*ReportDefinitionsService) Get 

func (svc *ReportDefinitionsService) Get(guid string) (response ReportDefinitionResponse, err error)

Get returns a ReportDefinitionResponse

func (*ReportDefinitionsService) GetVersions 

func (svc *ReportDefinitionsService) GetVersions(guid string) (response ReportDefinitionsResponse, err error)

GetVersions returns a list of all versions of a reportDefinition

func (*ReportDefinitionsService) List 

func (svc *ReportDefinitionsService) List() (response ReportDefinitionsResponse, err error)

List returns a ReportDefinitionResponse

func (*ReportDefinitionsService) Revert 

func (svc *ReportDefinitionsService) Revert(guid string, version int) (response ReportDefinitionResponse, err error)

func (*ReportDefinitionsService) Update 

func (svc *ReportDefinitionsService) Update(guid string, report ReportDefinitionUpdate) (
	response ReportDefinitionResponse, err error,
)

type ReportDistribution 

type ReportDistribution struct {
	ReportDistributionGuid string                 `json:"reportDistributionGuid,omitempty"`
	ReportDefinitionGuid   string                 `json:"reportDefinitionGuid"`
	DistributionName       string                 `json:"distributionName"`
	Data                   ReportDistributionData `json:"data"`
	AlertChannels          []string               `json:"alertChannels"`
	Frequency              string                 `json:"frequency"`
}

func (*ReportDistribution) UpdateConfig 

func (distribution *ReportDistribution) UpdateConfig() ReportDistributionUpdate

type ReportDistributionData 

type ReportDistributionData struct {
	Severities     []string                        `json:"severities"`
	Violations     []string                        `json:"violations"`
	ResourceGroups []string                        `json:"resourceGroups"`
	Integrations   []ReportDistributionIntegration `json:"integrations"`
}

type ReportDistributionIntegration 

type ReportDistributionIntegration struct {
	TenantID       string `json:"tenantId,omitempty"`
	SubscriptionID string `json:"subscriptionId,omitempty"`
	AccountID      string `json:"accountId,omitempty"`
	OrganizationID string `json:"organizationId,omitempty"`
	ProjectID      string `json:"projectId,omitempty"`
}

type ReportDistributionResponse 

type ReportDistributionResponse struct {
	Data ReportDistribution `json:"data"`
}

type ReportDistributionUpdate 

type ReportDistributionUpdate struct {
	DistributionName string                 `json:"distributionName,omitempty"`
	Data             ReportDistributionData `json:"data,omitempty"`
	AlertChannels    []string               `json:"alertChannels,omitempty"`
	Frequency        string                 `json:"frequency,omitempty"`
}

type ReportDistributionsResponse 

type ReportDistributionsResponse struct {
	Data []ReportDistribution `json:"data"`
}

type ReportDistributionsService 

type ReportDistributionsService struct {
	// contains filtered or unexported fields
}

ReportDistributionsService is a service that interacts with the ReportDistributions endpoints from the Lacework APIv2 Server

func (*ReportDistributionsService) Create 

func (svc *ReportDistributionsService) Create(report ReportDistribution) (
	response ReportDistributionResponse, err error,
)

func (*ReportDistributionsService) Delete 

func (svc *ReportDistributionsService) Delete(guid string) error

Delete a ReportDistribution

func (*ReportDistributionsService) Get 

func (svc *ReportDistributionsService) Get(guid string) (response ReportDistributionResponse, err error)

Get returns a ReportDistributionResponse

func (*ReportDistributionsService) List 

func (svc *ReportDistributionsService) List() (response ReportDistributionsResponse, err error)

List returns a ReportDistributionResponse

func (*ReportDistributionsService) Update 

func (svc *ReportDistributionsService) Update(guid string, report ReportDistributionUpdate) (
	response ReportDistributionResponse, err error,
)

type ReportRule 

type ReportRule struct {
	Guid                    string                      `json:"mcGuid,omitempty"`
	Type                    string                      `json:"type"`
	EmailAlertChannels      []string                    `json:"intgGuidList"`
	Filter                  ReportRuleFilter            `json:"filters"`
	ReportNotificationTypes ReportRuleNotificationTypes `json:"reportNotificationTypes"`
}

func NewReportRule 

func NewReportRule(name string, rule ReportRuleConfig) (ReportRule, error)

NewReportRule returns an instance of the ReportRule struct

Basic usage: Initialize a new ReportRule struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  reportRule := api.NewReportRule(
		"Foo",
		api.ReportRuleConfig{
		Description: "My Report Rule"
		Severities: api.ReportRuleSeverities{api.ReportRuleSeverityHigh,
		EmailAlertChannels: []string{"TECHALLY_000000000000AAAAAAAAAAAAAAAAAAAA"},
		ResourceGroups: []string{"TECHALLY_111111111111AAAAAAAAAAAAAAAAAAAA"}
		ReportNotificationTypes: api.WeeklyEventsReportRuleNotifications{TrendReport: true},
      },
    },
  )

  client.V2.ReportRules.Create(reportRule)

type ReportRuleConfig 

type ReportRuleConfig struct {
	EmailAlertChannels []string
	Description        string
	Severities         ReportRuleSeverities
	NotificationTypes  []reportRuleNotification
	ResourceGroups     []string
}

type ReportRuleFilter 

type ReportRuleFilter struct {
	Name                 string   `json:"name"`
	Enabled              int      `json:"enabled"`
	Description          string   `json:"description,omitempty"`
	Severity             []int    `json:"severity"`
	ResourceGroups       []string `json:"resourceGroups,omitempty"`
	CreatedOrUpdatedTime string   `json:"createdOrUpdatedTime,omitempty"`
	CreatedOrUpdatedBy   string   `json:"createdOrUpdatedBy,omitempty"`
}

func (ReportRuleFilter) Status 

func (rule ReportRuleFilter) Status() string

type ReportRuleNotificationTypes 

type ReportRuleNotificationTypes struct {
	AgentEvents               bool `json:"agentEvents"`
	AwsCisS3                  bool `json:"awsCisS3"`
	AwsCloudtrailEvents       bool `json:"awsCloudtrailEvents"`
	AwsComplianceEvents       bool `json:"awsComplianceEvents"`
	AwsHipaa                  bool `json:"hipaa"`
	AwsIso2700                bool `json:"iso2700"`
	AwsNist80053Rev4          bool `json:"nist800-53Rev4"`
	AwsNist800171Rev2         bool `json:"nist800-171Rev2"`
	AwsPci                    bool `json:"pci"`
	AwsSoc                    bool `json:"soc"`
	AwsSocRev2                bool `json:"awsSocRev2"`
	AzureActivityLogEvents    bool `json:"azureActivityLogEvents"`
	AzureCis                  bool `json:"azureCis"`
	AzureCis131               bool `json:"azureCis131"`
	AzureComplianceEvents     bool `json:"azureComplianceEvents"`
	AzurePci                  bool `json:"azurePci"`
	AzureSoc                  bool `json:"azureSoc"`
	GcpAuditTrailEvents       bool `json:"gcpAuditTrailEvents"`
	GcpCis                    bool `json:"gcpCis"`
	GcpComplianceEvents       bool `json:"gcpComplianceEvents"`
	GcpHipaa                  bool `json:"gcpHipaa"`
	GcpHipaaRev2              bool `json:"gcpHipaaRev2"`
	GcpIso27001               bool `json:"gcpIso27001"`
	GcpCis12                  bool `json:"gcpCis12"`
	GcpK8s                    bool `json:"gcpK8s"`
	GcpPci                    bool `json:"gcpPci"`
	GcpPciRev2                bool `json:"gcpPciRev2"`
	GcpSoc                    bool `json:"gcpSoc"`
	GcpSocRev2                bool `json:"gcpSocRev2"`
	OpenShiftCompliance       bool `json:"openShiftCompliance"`
	OpenShiftComplianceEvents bool `json:"openShiftComplianceEvents"`
	PlatformEvents            bool `json:"platformEvents"`
	TrendReport               bool `json:"trendReport"`
}

func NewReportRuleNotificationTypes 

func NewReportRuleNotificationTypes(types []reportRuleNotification) (ReportRuleNotificationTypes, error)

func (ReportRuleNotificationTypes) ToMap 

func (all ReportRuleNotificationTypes) ToMap() map[string]bool

type ReportRuleNotifications 

type ReportRuleNotifications []reportRuleNotification

type ReportRuleResponse 

type ReportRuleResponse struct {
	Data ReportRule `json:"data"`
}

type ReportRuleSeverities 

type ReportRuleSeverities []reportRuleSeverity

func NewReportRuleSeverities 

func NewReportRuleSeverities(sevSlice []string) ReportRuleSeverities

func NewReportRuleSeveritiesFromIntSlice 

func NewReportRuleSeveritiesFromIntSlice(sevSlice []int) ReportRuleSeverities

func (ReportRuleSeverities) ToStringSlice 

func (sevs ReportRuleSeverities) ToStringSlice() []string

type ReportRulesResponse 

type ReportRulesResponse struct {
	Data []ReportRule `json:"data"`
}

type ReportRulesService 

type ReportRulesService struct {
	// contains filtered or unexported fields
}

ReportRulesService is the service that interacts with the ReportRules schema from the Lacework APIv2 Server

func (*ReportRulesService) Create 

func (svc *ReportRulesService) Create(rule ReportRule) (
	response ReportRuleResponse,
	err error,
)

Create creates a single Report Rule

func (*ReportRulesService) Delete 

func (svc *ReportRulesService) Delete(guid string) error

Delete deletes a Report Rule that matches the provided guid

func (*ReportRulesService) Get 

func (svc *ReportRulesService) Get(guid string, response interface{}) error

Get returns a raw response of the Report Rule with the matching guid.

func (*ReportRulesService) List 

func (svc *ReportRulesService) List() (response ReportRulesResponse, err error)

List returns a list of Report Rules

func (*ReportRulesService) Update 

func (svc *ReportRulesService) Update(data ReportRule) (
	response ReportRuleResponse,
	err error,
)

Update updates a single Report Rule of the provided guid.

type ReportSchema 

type ReportSchema struct {
	Name              string            `json:"name"`
	RecommendationIDs map[string]string `json:"recommendationIDs"`
}

type ReportSummary 

type ReportSummary struct {
	NumRecommendations        int `json:"NUM_RECOMMENDATIONS"`
	NumSeverity2NonCompliance int `json:"NUM_SEVERITY_2_NON_COMPLIANCE"`
	NumSeverity4NonCompliance int `json:"NUM_SEVERITY_4_NON_COMPLIANCE"`
	NumSeverity1NonCompliance int `json:"NUM_SEVERITY_1_NON_COMPLIANCE"`
	NumCompliant              int `json:"NUM_COMPLIANT"`
	NumSeverity3NonCompliance int `json:"NUM_SEVERITY_3_NON_COMPLIANCE"`
	AssessedResourceCount     int `json:"ASSESSED_RESOURCE_COUNT"`
	NumSuppressed             int `json:"NUM_SUPPRESSED"`
	NumSeverity5NonCompliance int `json:"NUM_SEVERITY_5_NON_COMPLIANCE"`
	NumNotComplinace          int `json:"NUM_NOT_COMPLIANT"`
	ViolatedResourceCount     int `json:"VIOLATED_RESOURCE_COUNT"`
	SuppressedResourceCount   int `json:"SUPPRESSED_RESOURCE_COUNT"`
}

type ReportsService 

type ReportsService struct {
	Aws   *awsReportsService
	Azure *azureReportsService
	Gcp   *gcpReportsService
	// contains filtered or unexported fields
}

ReportsService is a service that interacts with the Reports endpoints from the Lacework APIv2 Server

func NewReportsService 

func NewReportsService(c *Client) *ReportsService

type ResourceGroup 

type ResourceGroup interface {
	ID() string
	ResourceGroupType() resourceGroupType
	ResetResourceGUID()
	ResetRGV2Fields()
	IsV2Group() bool
}

type ResourceGroupData 

type ResourceGroupData struct {
	// RGv1 Fields
	Guid         string      `json:"guid,omitempty"`
	IsDefault    int         `json:"isDefault,omitempty"`
	ResourceGuid string      `json:"resourceGuid,omitempty"`
	Name         string      `json:"resourceName,omitempty"`
	Type         string      `json:"resourceType"`
	Enabled      int         `json:"enabled"`
	Props        interface{} `json:"props,omitempty"`

	// RG v2 Fields. `Enabled` and `Type` fields are the same in RGv1 nd RGv2
	NameV2            string     `json:"name,omitempty"`
	Query             *RGQuery   `json:"query,omitempty"`
	Description       string     `json:"description,omitempty"`
	ResourceGroupGuid string     `json:"resourceGroupGuid,omitempty"`
	CreatedTime       *time.Time `json:"lastUpdated,omitempty"`
	CreatedBy         string     `json:"createdBy,omitempty"`
	UpdatedTime       *time.Time `json:"updatedTime,omitempty"`
	UpdatedBy         string     `json:"updatedBy,omitempty"`
	IsDefaultBoolean  *bool      `json:"isDefaultBoolean,omitempty"`
	IsOrg             *bool      `json:"isOrg,omitempty"`
}

func NewResourceGroup 

func NewResourceGroup(name string, iType resourceGroupType, props interface{}) ResourceGroupData

NewResourceGroup returns an instance of the ResourceGroupData struct with the provided ResourceGroup type, name and the props field as an interface{}.

NOTE: This function must be used by any ResourceGroup type.

Basic usage: Initialize a new ContainerResourceGroup struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  group := api.NewResourceGroup("container resource group",
    api.ContainerResourceGroup,
    api.ContainerResourceGroupData{
      Props: api.ContainerResourceGroupProps{
			Description:     "all containers,
			ContainerLabels: ContainerResourceGroupAllLabels,
			ContainerTags:   ContainerResourceGroupAllTags,
		},
    },
  )

  client.V2.ResourceGroups.Create(group)

func (ResourceGroupData) GetProps 

func (group ResourceGroupData) GetProps() interface{}

func (ResourceGroupData) GetQuery 

func (group ResourceGroupData) GetQuery() *RGQuery

func (ResourceGroupData) ID 

func (group ResourceGroupData) ID() string

func (ResourceGroupData) IsV2Group 

func (group ResourceGroupData) IsV2Group() bool

func (*ResourceGroupData) ResetRGV2Fields 

func (group *ResourceGroupData) ResetRGV2Fields()

func (*ResourceGroupData) ResetResourceGUID 

func (group *ResourceGroupData) ResetResourceGUID()

func (ResourceGroupData) ResourceGroupType 

func (group ResourceGroupData) ResourceGroupType() resourceGroupType

func (ResourceGroupData) Status 

func (group ResourceGroupData) Status() string

type ResourceGroupDataWithQuery 

type ResourceGroupDataWithQuery struct {
	Name              string     `json:"name"`
	Type              string     `json:"resourceType"`
	Query             *RGQuery   `json:"query"`
	Description       string     `json:"description,omitempty"`
	ResourceGroupGuid string     `json:"resourceGroupGuid,omitempty"`
	CreatedTime       *time.Time `json:"lastUpdated,omitempty"`
	CreatedBy         string     `json:"createdBy,omitempty"`
	UpdatedTime       *time.Time `json:"updatedTime,omitempty"`
	UpdatedBy         string     `json:"updatedBy,omitempty"`
	Enabled           int        `json:"enabled,omitempty"`
	IsDefaultBoolean  *bool      `json:"isDefaultBoolean,omitempty"`
	IsOrg             *bool      `json:"isOrg,omitempty"`
}

func NewResourceGroupWithQuery 

func NewResourceGroupWithQuery(name string, iType resourceGroupType,
	description string, query *RGQuery) ResourceGroupDataWithQuery

NewResourceGroupWithQuery Only available with RGv2 beta

func (ResourceGroupDataWithQuery) GetProps 

func (group ResourceGroupDataWithQuery) GetProps() interface{}

func (ResourceGroupDataWithQuery) GetQuery 

func (group ResourceGroupDataWithQuery) GetQuery() *RGQuery

func (ResourceGroupDataWithQuery) ID 

func (group ResourceGroupDataWithQuery) ID() string

func (ResourceGroupDataWithQuery) IsV2Group 

func (group ResourceGroupDataWithQuery) IsV2Group() bool

func (*ResourceGroupDataWithQuery) ResetRGV2Fields 

func (group *ResourceGroupDataWithQuery) ResetRGV2Fields()

func (*ResourceGroupDataWithQuery) ResetResourceGUID 

func (group *ResourceGroupDataWithQuery) ResetResourceGUID()

func (ResourceGroupDataWithQuery) ResourceGroupType 

func (group ResourceGroupDataWithQuery) ResourceGroupType() resourceGroupType

type ResourceGroupProps 

type ResourceGroupProps interface {
	GetBaseProps() ResourceGroupPropsBase
}

type ResourceGroupPropsBase 

type ResourceGroupPropsBase struct {
	Description string        `json:"description"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

type ResourceGroupResponse 

type ResourceGroupResponse struct {
	Data ResourceGroupData `json:"data"`
}

type ResourceGroupV2Response 

type ResourceGroupV2Response struct {
	Data ResourceGroupDataWithQuery `json:"data"`
}

type ResourceGroupsInterfaceData 

type ResourceGroupsInterfaceData interface {
	GetProps() interface{}
	GetQuery() *RGQuery
}

type ResourceGroupsResponse 

type ResourceGroupsResponse struct {
	Data []ResourceGroupData `json:"data"`
}

type ResourceGroupsService 

type ResourceGroupsService struct {
	// contains filtered or unexported fields
}

ResourceGroupsService is the service that interacts with the ResourceGroups schema from the Lacework APIv2 Server

func (*ResourceGroupsService) Create 

func (svc *ResourceGroupsService) Create(group ResourceGroupData) (
	response ResourceGroupResponse,
	err error,
)

Create creates a single Resource Group

func (*ResourceGroupsService) Delete 

func (svc *ResourceGroupsService) Delete(guid string) error

Delete deletes a Resource Group that matches the provided resource guid

func (*ResourceGroupsService) Get 

func (svc *ResourceGroupsService) Get(guid string, response interface{}) error

Get returns a raw response of the Resource Group with the matching resource guid.

To return a more specific Go struct of a Resource Group, use the proper method such as GetContainerResourceGroup() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Resource Group type.

func (*ResourceGroupsService) List 

func (svc *ResourceGroupsService) List() (response ResourceGroupsResponse, err error)

List returns a list of Resource Groups

func (*ResourceGroupsService) Update 

func (svc *ResourceGroupsService) Update(data ResourceGroup) (
	response ResourceGroupResponse,
	err error,
)

Update updates a single ResourceGroup on the Lacework Server

type ResourceGroupsV2Response 

type ResourceGroupsV2Response struct {
	Data []ResourceGroupDataWithQuery `json:"data"`
}

type ResourceGroupsV2Service 

type ResourceGroupsV2Service struct {
	// contains filtered or unexported fields
}

func (*ResourceGroupsV2Service) Create 

func (svc *ResourceGroupsV2Service) Create(group ResourceGroupDataWithQuery) (
	response ResourceGroupV2Response,
	err error,
)

func (*ResourceGroupsV2Service) Delete 

func (svc *ResourceGroupsV2Service) Delete(guid string) error

func (*ResourceGroupsV2Service) Get 

func (svc *ResourceGroupsV2Service) Get(guid string, response interface{}) error

func (*ResourceGroupsV2Service) List 

func (svc *ResourceGroupsV2Service) List() (response ResourceGroupsV2Response, err error)

func (*ResourceGroupsV2Service) Update 

func (svc *ResourceGroupsV2Service) Update(data ResourceGroup) (
	response ResourceGroupV2Response,
	err error,
)

type ResourceGroupsVersionService 

type ResourceGroupsVersionService struct {
	// contains filtered or unexported fields
}

func NewResourceGroupsVersionService 

func NewResourceGroupsVersionService(c *Client) *ResourceGroupsVersionService

func (*ResourceGroupsVersionService) Create 

func (svc *ResourceGroupsVersionService) Create(group ResourceGroupsInterfaceData) (
	response ResourceGroupResponse,
	err error,
)

func (*ResourceGroupsVersionService) CreateAws 

func (svc *ResourceGroupsVersionService) CreateAws(data ResourceGroup) (
	response AwsResourceGroupResponse,
	err error,
)

CreateAws creates a single Aws ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) CreateAzure 

func (svc *ResourceGroupsVersionService) CreateAzure(data ResourceGroup) (
	response AzureResourceGroupResponse,
	err error,
)

CreateAzure creates a single Azure ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) CreateContainer 

func (svc *ResourceGroupsVersionService) CreateContainer(data ResourceGroup) (
	response ContainerResourceGroupResponse,
	err error,
)

CreateContainer creates a single Container ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) CreateGcp 

func (svc *ResourceGroupsVersionService) CreateGcp(data ResourceGroup) (
	response GcpResourceGroupResponse,
	err error,
)

CreateGcp creates a single Gcp ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) CreateLwAccount 

func (svc *ResourceGroupsVersionService) CreateLwAccount(data ResourceGroup) (
	response LwAccountResourceGroupResponse,
	err error,
)

CreateLwAccount creates a single LwAccount ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) CreateMachine 

func (svc *ResourceGroupsVersionService) CreateMachine(data ResourceGroup) (
	response MachineResourceGroupResponse,
	err error,
)

CreateMachine creates a single Machine ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) Delete 

func (svc *ResourceGroupsVersionService) Delete(guid string) error

func (*ResourceGroupsVersionService) Get 

func (svc *ResourceGroupsVersionService) Get(guid string, response interface{}) error

func (*ResourceGroupsVersionService) GetAws 

func (svc *ResourceGroupsVersionService) GetAws(guid string) (
	response AwsResourceGroupResponse,
	err error,
)

GetAws gets a single Aws ResourceGroup matching the provided resource guid

func (*ResourceGroupsVersionService) GetAzure 

func (svc *ResourceGroupsVersionService) GetAzure(guid string) (
	response AzureResourceGroupResponse,
	err error,
)

GetAzure gets a single Azure ResourceGroup matching the provided resource guid

func (*ResourceGroupsVersionService) GetContainer 

func (svc *ResourceGroupsVersionService) GetContainer(guid string) (
	response ContainerResourceGroupResponse,
	err error,
)

GetContainer gets a single Container ResourceGroup matching the provided resource guid

func (*ResourceGroupsVersionService) GetGcp 

func (svc *ResourceGroupsVersionService) GetGcp(guid string) (
	response GcpResourceGroupResponse,
	err error,
)

GetGcp gets a single Gcp ResourceGroup matching the provided resource guid

func (*ResourceGroupsVersionService) GetLwAccount 

func (svc *ResourceGroupsVersionService) GetLwAccount(guid string) (
	response LwAccountResourceGroupResponse,
	err error,
)

GetContainer gets a single LwAccount ResourceGroup matching the provided resource guid

func (*ResourceGroupsVersionService) GetMachine 

func (svc *ResourceGroupsVersionService) GetMachine(guid string) (
	response MachineResourceGroupResponse,
	err error,
)

GetMachine gets a single Machine ResourceGroup matching the provided resource guid

func (*ResourceGroupsVersionService) List 

func (svc *ResourceGroupsVersionService) List() (response ResourceGroupsResponse, err error)

func (*ResourceGroupsVersionService) Update 

func (svc *ResourceGroupsVersionService) Update(group ResourceGroupsInterfaceData) (
	response ResourceGroupResponse,
	err error,
)

func (*ResourceGroupsVersionService) UpdateAws 

func (svc *ResourceGroupsVersionService) UpdateAws(data ResourceGroup) (
	response AwsResourceGroupResponse, err error)

UpdateAws updates a single Aws ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) UpdateAzure 

func (svc *ResourceGroupsVersionService) UpdateAzure(data ResourceGroup) (
	response AzureResourceGroupResponse,
	err error,
)

UpdateAzure updates a single Azure ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) UpdateContainer 

func (svc *ResourceGroupsVersionService) UpdateContainer(data ResourceGroup) (
	response ContainerResourceGroupResponse,
	err error,
)

UpdateContainer updates a single Container ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) UpdateGcp 

func (svc *ResourceGroupsVersionService) UpdateGcp(data ResourceGroup) (
	response GcpResourceGroupResponse,
	err error,
)

UpdateGcp updates a single Gcp ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) UpdateLwAccount 

func (svc *ResourceGroupsVersionService) UpdateLwAccount(data ResourceGroup) (
	response LwAccountResourceGroupResponse,
	err error,
)

UpdateLwAccount updates a single LwAccount ResourceGroup on the Lacework Server

func (*ResourceGroupsVersionService) UpdateMachine 

func (svc *ResourceGroupsVersionService) UpdateMachine(data ResourceGroup) (
	response MachineResourceGroupResponse,
	err error,
)

UpdateMachine updates a single Machine ResourceGroup on the Lacework Server

type SchemasService 

type SchemasService struct {
	Services map[integrationSchema]V2Service
	// contains filtered or unexported fields
}

SchemasService is the service that retrieves schemas for v2

func (*SchemasService) GetService 

func (svc *SchemasService) GetService(schemaName integrationSchema) V2Service

type SearchFilter 

type SearchFilter struct {
	*TimeFilter `json:"timeFilter,omitempty"`
	Filters     []Filter `json:"filters,omitempty"`
	Returns     []string `json:"returns,omitempty"`
}

SearchFilter is the representation of an advanced search payload for retrieving information out of the Lacework APIv2 Server

An advanced example of a SearchFilter to search for an Agent Access Token that matches the provider token alias and return only the token found: 

SearchFilter{
	Filters: []Filter{
		Filter{
			Field:      "tokenAlias",
			Expression: "eq",
			Value:      "k8s-deployment,
		},
	},
	Returns: []string{"accessToken"},
}

type SearchResponse 

type SearchResponse interface {
	GetDataLength() int
}

type SearchableFilter 

type SearchableFilter interface {
	GetTimeFilter() *TimeFilter
	SetStartTime(*time.Time)
	SetEndTime(*time.Time)
}

type ServiceNowRestAlertChannelResponseV2 

type ServiceNowRestAlertChannelResponseV2 struct {
	Data ServiceNowRestAlertChannelV2 `json:"data"`
}

type ServiceNowRestAlertChannelV2 

type ServiceNowRestAlertChannelV2 struct {
	Data ServiceNowRestDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (ServiceNowRestAlertChannelV2) ID 

func (c ServiceNowRestAlertChannelV2) ID() string

func (ServiceNowRestAlertChannelV2) StateString 

func (c ServiceNowRestAlertChannelV2) StateString() string

func (ServiceNowRestAlertChannelV2) Status 

func (c ServiceNowRestAlertChannelV2) Status() string

type ServiceNowRestDataV2 

type ServiceNowRestDataV2 struct {
	Username           string `json:"userName"`
	Password           string `json:"password"`
	InstanceURL        string `json:"instanceUrl"`
	CustomTemplateFile string `json:"customTemplateFile,omitempty"`
	IssueGrouping      string `json:"issueGrouping,omitempty"`
}

func (*ServiceNowRestDataV2) DecodeCustomTemplateFile 

func (snow *ServiceNowRestDataV2) DecodeCustomTemplateFile() (string, error)

func (*ServiceNowRestDataV2) EncodeCustomTemplateFile 

func (snow *ServiceNowRestDataV2) EncodeCustomTemplateFile(template string)

type SlackChannelAlertChannelResponseV2 

type SlackChannelAlertChannelResponseV2 struct {
	Data SlackChannelAlertChannelV2 `json:"data"`
}

type SlackChannelAlertChannelV2 

type SlackChannelAlertChannelV2 struct {
	Data SlackChannelDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (SlackChannelAlertChannelV2) ID 

func (c SlackChannelAlertChannelV2) ID() string

func (SlackChannelAlertChannelV2) StateString 

func (c SlackChannelAlertChannelV2) StateString() string

func (SlackChannelAlertChannelV2) Status 

func (c SlackChannelAlertChannelV2) Status() string

type SlackChannelDataV2 

type SlackChannelDataV2 struct {
	SlackUrl string `json:"slackUrl"`
}

type SplunkHecAlertChannelResponseV2 

type SplunkHecAlertChannelResponseV2 struct {
	Data SplunkHecAlertChannelV2 `json:"data"`
}

type SplunkHecAlertChannelV2 

type SplunkHecAlertChannelV2 struct {
	Data SplunkHecDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (SplunkHecAlertChannelV2) ID 

func (c SplunkHecAlertChannelV2) ID() string

func (SplunkHecAlertChannelV2) StateString 

func (c SplunkHecAlertChannelV2) StateString() string

func (SplunkHecAlertChannelV2) Status 

func (c SplunkHecAlertChannelV2) Status() string

type SplunkHecDataV2 

type SplunkHecDataV2 struct {
	HecToken  string               `json:"hecToken"`
	Channel   string               `json:"channel,omitempty"`
	Host      string               `json:"host"`
	Port      int                  `json:"port"`
	Ssl       bool                 `json:"ssl"`
	EventData SplunkHecEventDataV2 `json:"eventData"`
}

type SplunkHecEventDataV2 

type SplunkHecEventDataV2 struct {
	Index  string `json:"index"`
	Source string `json:"source"`
}

type SuppressionConditions 

type SuppressionConditions struct {
	AccountIds         []string            `json:"accountIds,omitempty"`
	OrganizationIds    []string            `json:"organizationIds,omitempty"`
	ProjectIds         []string            `json:"projectIds,omitempty"`
	RegionNames        []string            `json:"regionNames,omitempty"`
	ResourceLabels     []map[string]string `json:"resourceLabels,omitempty"`
	ResourceGroupNames []string            `json:"resourceGroupNames,omitempty"`
	ResourceNames      []string            `json:"resourceNames,omitempty"`
	ResourceTags       []map[string]string `json:"resourceTags,omitempty"`
	SubscriptionIds    []string            `json:"subscriptionIds,omitempty"`
	TenantIds          []string            `json:"tenantIds,omitempty"`
	Comment            string              `json:"comments,omitempty"`
}

type SuppressionDataV2 

type SuppressionDataV2 struct {
	RecommendationSuppressions map[string]map[string]interface{} `json:"recommendationExceptions"`
}

type SuppressionResponseV2 

type SuppressionResponseV2 struct {
	Data    []SuppressionDataV2 `json:"data"`
	Ok      bool                `json:"ok"`
	Message string              `json:"message"`
}

func (*SuppressionResponseV2) SuppressionList 

func (res *SuppressionResponseV2) SuppressionList() (suppressions map[string]SuppressionV2)

type SuppressionTypeV2 

type SuppressionTypeV2 string
const (
	AwsSuppression   SuppressionTypeV2 = "aws"
	AzureSuppression SuppressionTypeV2 = "azure"
	GcpSuppression   SuppressionTypeV2 = "gcp"
)

type SuppressionV2 

type SuppressionV2 struct {
	Enabled               bool                    `json:"enabled"`
	SuppressionConditions []SuppressionConditions `json:"suppressionConditions"`
}

type SuppressionsServiceV2 

type SuppressionsServiceV2 struct {
	Aws   suppressionServiceV2
	Azure suppressionServiceV2
	Gcp   suppressionServiceV2
	// contains filtered or unexported fields
}

SuppressionsServiceV2 is a service that interacts with the V2 Suppressions endpoints from the Lacework Server

type TeamMember 

type TeamMember struct {
	CustGuid    string          `json:"custGuid,omitempty"`
	Props       TeamMemberProps `json:"props"`
	UserEnabled int             `json:"userEnabled"`
	UserGuid    string          `json:"userGuid,omitempty"`
	UserName    string          `json:"userName,omitempty"`
}

TeamMember is for a standalone team member without org access

func NewTeamMember 

func NewTeamMember(username string, props TeamMemberProps) TeamMember

NewTeamMember returns an instance of the Team Member struct

Basic usage: Initialize a new TeamMember struct and then use the new instance to perform CRUD operations. 

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  teamMember := api.NewTeamMember(
		"FooBar",
		api.TeamMemberProps{
		Company: "ACME Inc",
		FirstName: "Foo",
		LastName: "Bar"
     },
  },

)

client.V2.TeamMembers.Create(teamMember)

type TeamMemberAccount 

type TeamMemberAccount struct {
	AccountName string `json:"accountName"`
	Admin       bool   `json:"admin"`
	CustGuid    string `json:"custGuid"`
	UserEnabled int    `json:"userEnabled"`
	UserGuid    string `json:"userGuid"`
}

type TeamMemberOrg 

type TeamMemberOrg struct {
	AdminRoleAccounts []string        `json:"adminRoleAccounts"`
	OrgAdmin          bool            `json:"orgAdmin"`
	OrgUser           bool            `json:"orgUser"`
	Props             TeamMemberProps `json:"props"`
	UserEnabled       int             `json:"userEnabled,omitempty"`
	UserGuid          string          `json:"userGuid,omitempty"`
	UserName          string          `json:"userName,omitempty"`
	UserRoleAccounts  []string        `json:"userRoleAccounts"`
}

TeamMemberOrg is for an organizational team member

func NewTeamMemberOrg 

func NewTeamMemberOrg(username string, props TeamMemberProps) TeamMemberOrg

NewTeamMemberOrg returns an instance of the team member org struct

Basic usage: Initialize a new TeamMemberOrg struct and then use the new instance to perform CRUD operations. 

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  teamMember := api.NewTeamMemberOrg(
		"FooBar",
		api.TeamMemberProps{
		Company: "ACME Inc",
		FirstName: "Foo",
		LastName: "Bar"
     },
  },

)

client.V2.TeamMembers.CreateOrg(teamMember)

type TeamMemberOrgData 

type TeamMemberOrgData struct {
	Accounts   []TeamMemberAccount `json:"accounts"`
	OrgAccount bool                `json:"orgAccount"`
	OrgAdmin   bool                `json:"orgAdmin"`
	OrgUser    bool                `json:"orgUser"`
	Url        string              `json:"url"`
	UserName   string              `json:"userName"`
}

type TeamMemberOrgResponse 

type TeamMemberOrgResponse struct {
	Data TeamMemberOrgData `json:"data"`
}

type TeamMemberProps 

type TeamMemberProps struct {
	AccountAdmin bool `json:"accountAdmin,omitempty"`
	//Company is empty for patch requests on updateOrg as it cannot be modified
	Company                string      `json:"company,omitempty"`
	CreatedTime            string      `json:"createdTime,omitempty"`
	FirstName              string      `json:"firstName"`
	JitCreated             bool        `json:"jitCreated,omitempty"`
	LastLoginTime          interface{} `json:"lastLoginTime,omitempty"`
	LastName               string      `json:"lastName"`
	LastSessionCreatedTime interface{} `json:"lastSessionCreatedTime,omitempty"`
	OrgAdmin               bool        `json:"orgAdmin,omitempty"`
	OrgUser                bool        `json:"orgUser,omitempty"`
	UpdatedBy              string      `json:"updatedBy,omitempty"`
	UpdatedTime            interface{} `json:"updatedTime,omitempty"`
}

type TeamMemberResponse 

type TeamMemberResponse struct {
	Data TeamMember `json:"data"`
}

type TeamMembersResponse 

type TeamMembersResponse struct {
	Data []TeamMember `json:"data"`
}

type TeamMembersService 

type TeamMembersService struct {
	// contains filtered or unexported fields
}

func (*TeamMembersService) Create 

func (svc *TeamMembersService) Create(tm TeamMember) (res TeamMemberResponse, err error)

Create creates a single team member

func (*TeamMembersService) CreateOrg 

func (svc *TeamMembersService) CreateOrg(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

CreateOrg creates a single team member at the org level TODO Move all ORG stuff into a different file

func (*TeamMembersService) Delete 

func (svc *TeamMembersService) Delete(guid string) error

Delete deletes a single team member at the account level with the corresponding guid

func (*TeamMembersService) DeleteOrg 

func (svc *TeamMembersService) DeleteOrg(guid string) error

DeleteOrg deletes a single team member at the org level with the corresponding guid

func (*TeamMembersService) Get 

func (svc *TeamMembersService) Get(guid string, res interface{}) error

Get returns a response of the team member

func (*TeamMembersService) List 

func (svc *TeamMembersService) List() (res TeamMembersResponse, err error)

List returns a list of team members

func (*TeamMembersService) SearchUsername 

func (svc *TeamMembersService) SearchUsername(username string) (res TeamMembersResponse, err error)

func (*TeamMembersService) Update 

func (svc *TeamMembersService) Update(tm TeamMember) (res TeamMemberResponse, err error)

Update updates a single team member at the account-level with the corresponding guid

func (*TeamMembersService) UpdateOrg 

func (svc *TeamMembersService) UpdateOrg(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

UpdateOrg updates a single team member at the org-level with the corresponding username

func (*TeamMembersService) UpdateOrgById 

func (svc *TeamMembersService) UpdateOrgById(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

UpdateOrgById updates a single team member at the org-level with the corresponding guid

type TimeFilter 

type TimeFilter struct {
	StartTime *time.Time `json:"startTime,omitempty"`
	EndTime   *time.Time `json:"endTime,omitempty"`
}

type TokenData 

type TokenData struct {
	ExpiresAt time.Time `json:"expiresAt"`
	Token     string    `json:"token"`
}

APIv2

type UpdatePolicy 

type UpdatePolicy struct {
	PolicyID      string   `json:"policyId,omitempty" yaml:"policyId,omitempty"`
	PolicyType    string   `json:"policyType,omitempty" yaml:"policyType,omitempty"`
	QueryID       string   `json:"queryId,omitempty" yaml:"queryId,omitempty"`
	Title         string   `json:"title,omitempty" yaml:"title,omitempty"`
	Enabled       *bool    `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	Description   string   `json:"description,omitempty" yaml:"description,omitempty"`
	Remediation   string   `json:"remediation,omitempty" yaml:"remediation,omitempty"`
	Severity      string   `json:"severity,omitempty" yaml:"severity,omitempty"`
	Limit         *int     `json:"limit,omitempty" yaml:"limit,omitempty"`
	EvalFrequency string   `json:"evalFrequency,omitempty" yaml:"evalFrequency,omitempty"`
	AlertEnabled  *bool    `json:"alertEnabled,omitempty" yaml:"alertEnabled,omitempty"`
	AlertProfile  string   `json:"alertProfile,omitempty" yaml:"alertProfile,omitempty"`
	Tags          []string `json:"tags,omitempty" yaml:"tags,omitempty"`
}
In order to properly PATCH we need to omit items that aren't specified.

For booleans and integers Golang will omit zero values false and 0 respectively. This would prevent someone from toggling something to disabled or 0 respectively. As such we are using pointers instead of primitives for booleans and integers in this struct

func ParseUpdatePolicy 

func ParseUpdatePolicy(s string) (UpdatePolicy, error)

type UpdateQuery 

type UpdateQuery struct {
	QueryText string `json:"queryText"`
}

type UserEntity 

type UserEntity struct {
	CreatedTime      time.Time `json:"createdTime"`
	Mid              int       `json:"mid"`
	OtherGroupNames  []string  `json:"otherGroupNames"`
	PrimaryGroupName string    `json:"primaryGroupName"`
	UID              int       `json:"uid"`
	Username         string    `json:"username"`
}

type UserProfile 

type UserProfile struct {
	Username   string    `json:"username"`
	OrgAccount bool      `json:"orgAccount"`
	URL        string    `json:"url"`
	OrgAdmin   bool      `json:"orgAdmin"`
	OrgUser    bool      `json:"orgUser"`
	Accounts   []Account `json:"accounts"`
}

func (*UserProfile) OrgAccountName 

func (p *UserProfile) OrgAccountName() string

func (*UserProfile) SubAccountNames 

func (p *UserProfile) SubAccountNames() []string

type UserProfileResponse 

type UserProfileResponse struct {
	Data []UserProfile `json:"data"`
}

type UserProfileService 

type UserProfileService struct {
	// contains filtered or unexported fields
}

UserProfileService is the service that interacts with the UserProfile schema from the Lacework APIv2 Server

func (*UserProfileService) Get 

func (svc *UserProfileService) Get() (response UserProfileResponse, err error)

type UsersEntityResponse 

type UsersEntityResponse struct {
	Data   []UserEntity `json:"data"`
	Paging V2Pagination `json:"paging"`
	// contains filtered or unexported fields
}

func (UsersEntityResponse) PageInfo 

func (r UsersEntityResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (UsersEntityResponse) PageNumber 

func (m UsersEntityResponse) PageNumber() int

func (*UsersEntityResponse) PageRead 

func (m *UsersEntityResponse) PageRead()

func (*UsersEntityResponse) ResetPaging 

func (r *UsersEntityResponse) ResetPaging()

func (*UsersEntityResponse) SetTotalPages 

func (m *UsersEntityResponse) SetTotalPages(total int)

func (UsersEntityResponse) TotalPages 

func (m UsersEntityResponse) TotalPages() int

type V2AzureSidekickIntegration 

type V2AzureSidekickIntegration struct {
	AzureSidekickToken `json:"serverToken"`
	Data               AzureSidekickData `json:"data"`
	// contains filtered or unexported fields
}

func (V2AzureSidekickIntegration) ID 

func (c V2AzureSidekickIntegration) ID() string

func (V2AzureSidekickIntegration) StateString 

func (c V2AzureSidekickIntegration) StateString() string

func (V2AzureSidekickIntegration) Status 

func (c V2AzureSidekickIntegration) Status() string

type V2CommonIntegration 

type V2CommonIntegration struct {
	Data v2CommonIntegrationData `json:"data"`
}

type V2Endpoints 

type V2Endpoints struct {

	// Every schema must have its own service
	UserProfile             *UserProfileService
	AlertChannels           *AlertChannelsService
	Alert                   *v2alertProfilesService
	AlertRules              *AlertRulesService
	ReportRules             *ReportRulesService
	CloudAccounts           *CloudAccountsService
	Components              *ComponentsService
	ComponentData           *ComponentDataService
	ContainerRegistries     *ContainerRegistriesService
	Configs                 *v2ConfigService
	FeatureFlags            *FeatureFlagsService
	ResourceGroups          *ResourceGroupsVersionService
	AgentAccessTokens       *AgentAccessTokensService
	AgentInfo               *AgentInfoService
	Inventory               *InventoryService
	ComplianceEvaluations   *ComplianceEvaluationService
	Query                   *QueryService
	OrganizationInfo        *OrganizationInfoService
	Policy                  *PolicyService
	Reports                 *ReportsService
	ReportDefinitions       *ReportDefinitionsService
	Metrics                 *MetricsService
	ReportDistributions     *ReportDistributionsService
	Entities                *EntitiesService
	Schemas                 *SchemasService
	Datasources             *DatasourcesService
	DataExportRules         *DataExportRulesService
	TeamMembers             *TeamMembersService
	VulnerabilityExceptions *VulnerabilityExceptionsService
	Vulnerabilities         *v2VulnerabilitiesService
	Alerts                  *AlertsService
	Suppressions            *SuppressionsServiceV2
	Recommendations         *RecommendationsServiceV2
	// contains filtered or unexported fields
}

V2Endpoints groups all APIv2 endpoints available, they are grouped by schema which matches with our service architecture

func NewV2Endpoints 

func NewV2Endpoints(c *Client) *V2Endpoints

type V2GcpAlPubSubIntegration 

type V2GcpAlPubSubIntegration struct {
	Data GcpAlPubSubSesData `json:"data"`
	// contains filtered or unexported fields
}

func (V2GcpAlPubSubIntegration) ID 

func (c V2GcpAlPubSubIntegration) ID() string

func (V2GcpAlPubSubIntegration) StateString 

func (c V2GcpAlPubSubIntegration) StateString() string

func (V2GcpAlPubSubIntegration) Status 

func (c V2GcpAlPubSubIntegration) Status() string

type V2GcpAtSesIntegration 

type V2GcpAtSesIntegration struct {
	Data GcpAtSesData `json:"data"`
	// contains filtered or unexported fields
}

func (V2GcpAtSesIntegration) ID 

func (c V2GcpAtSesIntegration) ID() string

func (V2GcpAtSesIntegration) StateString 

func (c V2GcpAtSesIntegration) StateString() string

func (V2GcpAtSesIntegration) Status 

func (c V2GcpAtSesIntegration) Status() string

type V2GcpCfgIntegration 

type V2GcpCfgIntegration struct {
	Data GcpCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (V2GcpCfgIntegration) ID 

func (c V2GcpCfgIntegration) ID() string

func (V2GcpCfgIntegration) StateString 

func (c V2GcpCfgIntegration) StateString() string

func (V2GcpCfgIntegration) Status 

func (c V2GcpCfgIntegration) Status() string

type V2GcpSidekickIntegration 

type V2GcpSidekickIntegration struct {
	GcpSidekickToken `json:"serverToken"`
	Data             GcpSidekickData `json:"data"`
	// contains filtered or unexported fields
}

func (V2GcpSidekickIntegration) ID 

func (c V2GcpSidekickIntegration) ID() string

func (V2GcpSidekickIntegration) StateString 

func (c V2GcpSidekickIntegration) StateString() string

func (V2GcpSidekickIntegration) Status 

func (c V2GcpSidekickIntegration) Status() string

type V2IntegrationState 

type V2IntegrationState struct {
	Ok                 bool                   `json:"ok"`
	Details            map[string]interface{} `json:"details"`
	LastUpdatedTime    lwtime.Epoch           `json:"lastUpdatedTime"`
	LastSuccessfulTime lwtime.Epoch           `json:"lastSuccessfulTime"`
}

type V2Pagination 

type V2Pagination struct {
	Rows      int `json:"rows"`
	TotalRows int `json:"totalRows"`
	Urls      struct {
		NextPage string `json:"nextPage"`
	} `json:"urls"`
}

type V2RawType 

type V2RawType interface {
	GetData() any
	GetCommon() v2CommonIntegrationData
}

V2RawType is the interface that should be implemented when a struct is a response that contains v2CommonIntegrationData. This include AlertChannelRaw, CloudAccountRaw, ContainerRegistryRaw

type V2ServerToken 

type V2ServerToken struct {
	ServerToken string `json:"serverToken"`
	Uri         string `json:"uri"`
}

type V2Service 

type V2Service interface {
	Get(string, interface{}) error
	Delete(string) error
}

type ValidateQuery 

type ValidateQuery struct {
	QueryText     string  `json:"queryText"`
	QueryLanguage *string `json:"queryLanguage,omitempty" yaml:"queryLanguage,omitempty"`
}

type VictorOpsAlertChannelResponseV2 

type VictorOpsAlertChannelResponseV2 struct {
	Data VictorOpsAlertChannelV2 `json:"data"`
}

type VictorOpsAlertChannelV2 

type VictorOpsAlertChannelV2 struct {
	Data VictorOpsDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (VictorOpsAlertChannelV2) ID 

func (c VictorOpsAlertChannelV2) ID() string

func (VictorOpsAlertChannelV2) StateString 

func (c VictorOpsAlertChannelV2) StateString() string

func (VictorOpsAlertChannelV2) Status 

func (c VictorOpsAlertChannelV2) Status() string

type VictorOpsDataV2 

type VictorOpsDataV2 struct {
	Url string `json:"intgUrl"`
}

type VulnerabilitiesContainerScanResponse 

type VulnerabilitiesContainerScanResponse struct {
	Message string `json:"message"`
	Data    struct {
		RequestID string `json:"requestId"`
		Status    string `json:"status"`
	} `json:"data"`
}

func (*VulnerabilitiesContainerScanResponse) CheckStatus 

func (res *VulnerabilitiesContainerScanResponse) CheckStatus() string

type VulnerabilitiesContainersResponse 

type VulnerabilitiesContainersResponse struct {
	Data   []VulnerabilityContainer `json:"data"`
	Paging V2Pagination             `json:"paging"`
	// contains filtered or unexported fields
}

func (VulnerabilitiesContainersResponse) CriticalVulnerabilities 

func (r VulnerabilitiesContainersResponse) CriticalVulnerabilities() int32

func (*VulnerabilitiesContainersResponse) FilterSingleVulnIDData 

func (r *VulnerabilitiesContainersResponse) FilterSingleVulnIDData(vulnID string)

func (VulnerabilitiesContainersResponse) FixableVulnerabilities 

func (r VulnerabilitiesContainersResponse) FixableVulnerabilities() int32

func (VulnerabilitiesContainersResponse) HighVulnerabilities 

func (r VulnerabilitiesContainersResponse) HighVulnerabilities() int32

func (VulnerabilitiesContainersResponse) HighestFixableSeverity 

func (r VulnerabilitiesContainersResponse) HighestFixableSeverity() string

func (VulnerabilitiesContainersResponse) HighestSeverity 

func (r VulnerabilitiesContainersResponse) HighestSeverity() string

func (VulnerabilitiesContainersResponse) InfoVulnerabilities 

func (r VulnerabilitiesContainersResponse) InfoVulnerabilities() int32

func (VulnerabilitiesContainersResponse) LowVulnerabilities 

func (r VulnerabilitiesContainersResponse) LowVulnerabilities() int32

func (VulnerabilitiesContainersResponse) MediumVulnerabilities 

func (r VulnerabilitiesContainersResponse) MediumVulnerabilities() int32

func (VulnerabilitiesContainersResponse) PageInfo 

func (r VulnerabilitiesContainersResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (VulnerabilitiesContainersResponse) PageNumber 

func (m VulnerabilitiesContainersResponse) PageNumber() int

func (*VulnerabilitiesContainersResponse) PageRead 

func (m *VulnerabilitiesContainersResponse) PageRead()

func (*VulnerabilitiesContainersResponse) ResetPaging 

func (r *VulnerabilitiesContainersResponse) ResetPaging()

func (*VulnerabilitiesContainersResponse) SetTotalPages 

func (m *VulnerabilitiesContainersResponse) SetTotalPages(total int)

func (VulnerabilitiesContainersResponse) TotalFixableVulnerabilities 

func (r VulnerabilitiesContainersResponse) TotalFixableVulnerabilities() int32

func (VulnerabilitiesContainersResponse) TotalPages 

func (m VulnerabilitiesContainersResponse) TotalPages() int

func (VulnerabilitiesContainersResponse) TotalVulnerabilities 

func (r VulnerabilitiesContainersResponse) TotalVulnerabilities() int

func (VulnerabilitiesContainersResponse) VulnFixableCount 

func (r VulnerabilitiesContainersResponse) VulnFixableCount(severity string) int32

type VulnerabilitiesContainersScanStatusResponse 

type VulnerabilitiesContainersScanStatusResponse struct {
	Message string `json:"message"`
	Data    struct {
		EvalGuid string `json:"evalGuid"`
		Status   string `json:"status"`
	} `json:"data"`
}

func (*VulnerabilitiesContainersScanStatusResponse) CheckStatus 

func (res *VulnerabilitiesContainersScanStatusResponse) CheckStatus() string

type VulnerabilitiesHostResponse 

type VulnerabilitiesHostResponse struct {
	Data   []VulnerabilityHost `json:"data"`
	Paging V2Pagination        `json:"paging"`
	// contains filtered or unexported fields
}

func (VulnerabilitiesHostResponse) PageInfo 

func (r VulnerabilitiesHostResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (VulnerabilitiesHostResponse) PageNumber 

func (m VulnerabilitiesHostResponse) PageNumber() int

func (*VulnerabilitiesHostResponse) PageRead 

func (m *VulnerabilitiesHostResponse) PageRead()

func (*VulnerabilitiesHostResponse) ResetPaging 

func (r *VulnerabilitiesHostResponse) ResetPaging()

func (*VulnerabilitiesHostResponse) SetTotalPages 

func (m *VulnerabilitiesHostResponse) SetTotalPages(total int)

func (VulnerabilitiesHostResponse) TotalPages 

func (m VulnerabilitiesHostResponse) TotalPages() int

func (*VulnerabilitiesHostResponse) VulnerabilityCounts 

func (hosts *VulnerabilitiesHostResponse) VulnerabilityCounts() HostVulnCounts

type VulnerabilitiesOsPkgInfo 

type VulnerabilitiesOsPkgInfo struct {
	Os     string `json:"os"`
	OsVer  string `json:"osVer"`
	Pkg    string `json:"pkg"`
	PkgVer string `json:"pkgVer"`
}

type VulnerabilitiesPackageManifest 

type VulnerabilitiesPackageManifest struct {
	OsPkgInfoList []VulnerabilitiesOsPkgInfo `json:"osPkgInfoList"`
}

type VulnerabilityAssessment 

type VulnerabilityAssessment interface {
	HighestSeverity() string
	HighestFixableSeverity() string
	TotalFixableVulnerabilities() int32
}

VulnerabilityAssessment is used to provide common functions that are required by host or container vulnerability assessments, this is used to treat them both as equal

type VulnerabilityContainer 

type VulnerabilityContainer struct {
	EvalGUID string `json:"evalGuid"`
	EvalCtx  struct {
		CveBatchInfo []struct {
			CveBatchID     string `json:"cve_batch_id"`
			CveCreatedTime string `json:"cve_created_time"`
		} `json:"cve_batch_info"`
		ExceptionProps []struct {
			Status string `json:"status"`
		} `json:"exception_props"`
		ImageInfo        ImageInfo `json:"image_info"`
		IsDailyJob       string    `json:"isDailyJob"`
		IsReeval         bool      `json:"is_reeval"`
		ScanBatchID      string    `json:"scan_batch_id"`
		ScanCreatedTime  string    `json:"scan_created_time"`
		ScanRequestProps struct {
			DataFormatVersion string `json:"data_format_version"`
			Environment       struct {
				DockerVersion struct {
					ErrorMessage string `json:"error_message"`
				} `json:"docker_version"`
			} `json:"environment"`
			Props struct {
				DataFormatVersion string `json:"data_format_version"`
				ScannerVersion    string `json:"scanner_version"`
			} `json:"props"`
			ScanCompletionUtcTime int    `json:"scanCompletionUtcTime"`
			ScanStartTime         int    `json:"scan_start_time"`
			ScannerVersion        string `json:"scanner_version"`
		} `json:"scan_request_props"`
		VulnBatchID     string `json:"vuln_batch_id"`
		VulnCreatedTime string `json:"vuln_created_time"`
	} `json:"evalCtx"`
	FeatureKey struct {
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
		Version   string `json:"version"`
	} `json:"featureKey"`
	FeatureProps struct {
		IntroducedIn  string `json:"introduced_in"`
		Layer         string `json:"layer"`
		Feed          string `json:"feed"`
		Src           string `json:"src"`
		VersionFormat string `json:"version_format"`
	} `json:"featureProps"`
	FixInfo struct {
		CompareResult int    `json:"compare_result"`
		FixAvailable  int    `json:"fix_available"`
		FixedVersion  string `json:"fixed_version"`
	} `json:"fixInfo"`
	RiskInfo struct {
		Factors          []string `json:"factors"`
		FactorsBreakdown struct {
			ActiveContainers int `json:"active_containers"`
			CveCounts        struct {
				Critical int `json:"Critical"`
				High     int `json:"High"`
				Medium   int `json:"Medium"`
				Other    int `json:"Other"`
			} `json:"cve_counts"`
			ExploitSummary struct {
				DisclosureInWild    string `json:"disclosure_in_wild"`
				ExploitPublic       string `json:"exploit_public"`
				ExploitVirusMalware string `json:"exploit_virus_malware"`
				ExploitWormified    string `json:"exploit_wormified"`
			} `json:"exploit_summary"`
			InternetReachability string `json:"internet_reachability"`
		} `json:"factors_breakdown"`
	} `json:"riskInfo"`
	ImageID   string    `json:"imageId"`
	Severity  string    `json:"severity"`
	StartTime time.Time `json:"startTime"`
	Status    string    `json:"status"`
	VulnID    string    `json:"vulnId"`
}

type VulnerabilityException 

type VulnerabilityException struct {
	Guid                  string                               `json:"exceptionGuid,omitempty"`
	Enabled               int                                  `json:"state"`
	ExceptionName         string                               `json:"exceptionName"`
	ExceptionType         string                               `json:"exceptionType"`
	ExceptionReason       string                               `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps          `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria       `json:"vulnerabilityCriteria"`
	ResourceScope         *VulnerabilityExceptionResourceScope `json:"resourceScope,omitempty"`
	CreatedTime           string                               `json:"createdTime,omitempty"`
	UpdatedTime           string                               `json:"updatedTime,omitempty"`
	ExpiryTime            string                               `json:"expiryTime,omitempty"`
}

func NewVulnerabilityException 

func NewVulnerabilityException(name string, exception VulnerabilityExceptionConfig) VulnerabilityException

NewVulnerabilityException returns an instance of the VulnerabilityException struct

Basic usage: Initialize a new VulnerabilityException struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  exception := api.VulnerabilityExceptionConfig{
      Type:            api.VulnerabilityExceptionTypeHost,
      Description:     "This is a vuln exception",
      ExceptionReason: api.VulnerabilityExceptionReasonCompensatingControls,
      Severities:      api.VulnerabilityExceptionSeverities{api.VulnerabilityExceptionSeverityCritical},
      Fixable: 		  true,
      ResourceScope:   api.VulnerabilityExceptionContainerResourceScope{
         ImageID:    []string{""},
         ImageTag:   []string{""},
         Registry:   []string{""},
         Repository: []string{""},
         Namespace:  []string{""},
      },
      ExpiryTime: time.Now().AddDate(0, 1, 0),
  }

	 vulnerabilityException := api.NewVulnerabilityException("vulnerabilityException", exception)

  client.V2.VulnerabilityExceptions.Create(vulnerabilityException)

func (VulnerabilityException) Status 

func (exception VulnerabilityException) Status() string

type VulnerabilityExceptionConfig 

type VulnerabilityExceptionConfig struct {
	Description     string
	Type            vulnerabilityExceptionType
	ExceptionReason vulnerabilityExceptionReason
	Severities      VulnerabilityExceptionSeverities
	Cve             []string
	Package         []VulnerabilityExceptionPackage
	Fixable         *bool
	ResourceScope   vulnerabilityExceptionResourceScope
	ExpiryTime      time.Time
}

func (VulnerabilityExceptionConfig) FixableEnabled 

func (cfg VulnerabilityExceptionConfig) FixableEnabled() []int

type VulnerabilityExceptionContainer 

type VulnerabilityExceptionContainer struct {
	Guid                  string                                       `json:"exceptionGuid,omitempty"`
	Enabled               int                                          `json:"state"`
	ExceptionName         string                                       `json:"exceptionName"`
	ExceptionType         string                                       `json:"exceptionType"`
	ExceptionReason       string                                       `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps                  `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria               `json:"vulnerabilityCriteria"`
	ResourceScope         VulnerabilityExceptionResourceScopeContainer `json:"resourceScope,omitempty"`
	CreatedTime           string                                       `json:"createdTime,omitempty"`
	UpdatedTime           string                                       `json:"updatedTime,omitempty"`
	ExpiryTime            string                                       `json:"expiryTime,omitempty"`
}

type VulnerabilityExceptionContainerResourceScope 

type VulnerabilityExceptionContainerResourceScope struct {
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`
	Namespace  []string `json:"namespace,omitempty"`
}

func (VulnerabilityExceptionContainerResourceScope) Scope 

func (ctr VulnerabilityExceptionContainerResourceScope) Scope() VulnerabilityExceptionResourceScope

func (VulnerabilityExceptionContainerResourceScope) Type 

func (ctr VulnerabilityExceptionContainerResourceScope) Type() vulnerabilityExceptionType

type VulnerabilityExceptionContainerResponse 

type VulnerabilityExceptionContainerResponse struct {
	Data VulnerabilityExceptionContainer `json:"data"`
}

type VulnerabilityExceptionCriteria 

type VulnerabilityExceptionCriteria struct {
	Cve      []string              `json:"cve,omitempty"`
	Package  []map[string][]string `json:"package,omitempty"`
	Severity []string              `json:"severity,omitempty"`
	Fixable  []int                 `json:"fixable,omitempty"`
}

func (VulnerabilityExceptionCriteria) FixableEnabled 

func (vc VulnerabilityExceptionCriteria) FixableEnabled() *bool

type VulnerabilityExceptionHost 

type VulnerabilityExceptionHost struct {
	Guid                  string                                  `json:"exceptionGuid,omitempty"`
	Enabled               int                                     `json:"state"`
	ExceptionName         string                                  `json:"exceptionName"`
	ExceptionType         string                                  `json:"exceptionType"`
	ExceptionReason       string                                  `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps             `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria          `json:"vulnerabilityCriteria"`
	ResourceScope         VulnerabilityExceptionResourceScopeHost `json:"resourceScope,omitempty"`
	CreatedTime           string                                  `json:"createdTime,omitempty"`
	UpdatedTime           string                                  `json:"updatedTime,omitempty"`
	ExpiryTime            string                                  `json:"expiryTime,omitempty"`
}

type VulnerabilityExceptionHostResourceScope 

type VulnerabilityExceptionHostResourceScope struct {
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`
	Namespace   []string `json:"namespace,omitempty"`
}

func (VulnerabilityExceptionHostResourceScope) Scope 

func (host VulnerabilityExceptionHostResourceScope) Scope() VulnerabilityExceptionResourceScope

func (VulnerabilityExceptionHostResourceScope) Type 

func (host VulnerabilityExceptionHostResourceScope) Type() vulnerabilityExceptionType

type VulnerabilityExceptionHostResponse 

type VulnerabilityExceptionHostResponse struct {
	Data VulnerabilityExceptionHost `json:"data"`
}

type VulnerabilityExceptionPackage 

type VulnerabilityExceptionPackage struct {
	Name    string
	Version string
}

func NewVulnerabilityExceptionPackages 

func NewVulnerabilityExceptionPackages(packageMap []map[string]string) []VulnerabilityExceptionPackage

type VulnerabilityExceptionProps 

type VulnerabilityExceptionProps struct {
	Description string `json:"description,omitempty"`
	CreatedBy   string `json:"createdBy,omitempty"`
	UpdatedBy   string `json:"updatedBy,omitempty"`
}

type VulnerabilityExceptionResourceScope 

type VulnerabilityExceptionResourceScope struct {
	// Container properties
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`

	// Host properties
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`

	// Shared properties
	Namespace []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResourceScopeContainer 

type VulnerabilityExceptionResourceScopeContainer struct {
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`
	Namespace  []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResourceScopeHost 

type VulnerabilityExceptionResourceScopeHost struct {
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`
	Namespace   []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResponse 

type VulnerabilityExceptionResponse struct {
	Data VulnerabilityException `json:"data"`
}

type VulnerabilityExceptionSeverities 

type VulnerabilityExceptionSeverities []vulnerabilityExceptionSeverity

func NewVulnerabilityExceptionSeverities 

func NewVulnerabilityExceptionSeverities(sevSlice []string) VulnerabilityExceptionSeverities

func (VulnerabilityExceptionSeverities) ToStringSlice 

func (sevs VulnerabilityExceptionSeverities) ToStringSlice() []string

type VulnerabilityExceptionsResponse 

type VulnerabilityExceptionsResponse struct {
	Data []VulnerabilityException `json:"data"`
}

type VulnerabilityExceptionsService 

type VulnerabilityExceptionsService struct {
	// contains filtered or unexported fields
}

VulnerabilityExceptionsService is the service that interacts with the VulnerabilityExceptions schema from the Lacework APIv2 Server

func (*VulnerabilityExceptionsService) Create 

func (svc *VulnerabilityExceptionsService) Create(vuln VulnerabilityException) (
	response VulnerabilityExceptionResponse,
	err error,
)

Create creates a single Vulnerability Exception

func (*VulnerabilityExceptionsService) CreateVulnerabilityExceptionsContainer 

func (svc *VulnerabilityExceptionsService) CreateVulnerabilityExceptionsContainer(vuln VulnerabilityException) (
	response VulnerabilityExceptionContainerResponse, err error)

func (*VulnerabilityExceptionsService) CreateVulnerabilityExceptionsHost 

func (svc *VulnerabilityExceptionsService) CreateVulnerabilityExceptionsHost(vuln VulnerabilityException) (
	response VulnerabilityExceptionHostResponse, err error)

func (*VulnerabilityExceptionsService) Delete 

func (svc *VulnerabilityExceptionsService) Delete(guid string) error

Delete deletes a Vulnerability Exception that matches the provided guid

func (*VulnerabilityExceptionsService) Get 

func (svc *VulnerabilityExceptionsService) Get(guid string, response interface{}) error

Get returns a raw response of the Vulnerability Exception with the matching guid.

func (*VulnerabilityExceptionsService) GetVulnerabilityExceptionsContainer 

func (svc *VulnerabilityExceptionsService) GetVulnerabilityExceptionsContainer(guid string) (
	response VulnerabilityExceptionContainerResponse, err error,
)

func (*VulnerabilityExceptionsService) GetVulnerabilityExceptionsHost 

func (svc *VulnerabilityExceptionsService) GetVulnerabilityExceptionsHost(guid string) (
	response VulnerabilityExceptionHostResponse, err error,
)

func (*VulnerabilityExceptionsService) List 

func (svc *VulnerabilityExceptionsService) List() (response VulnerabilityExceptionsResponse, err error)

List returns a list of Vulnerability Exceptions

func (*VulnerabilityExceptionsService) ListVulnerabilityExceptionsContainers 

func (svc *VulnerabilityExceptionsService) ListVulnerabilityExceptionsContainers() (
	response VulnerabilityExceptionContainerResponse, err error,
)

func (*VulnerabilityExceptionsService) ListVulnerabilityExceptionsHosts 

func (svc *VulnerabilityExceptionsService) ListVulnerabilityExceptionsHosts() (
	response VulnerabilityExceptionHostResponse, err error,
)

func (*VulnerabilityExceptionsService) Update 

func (svc *VulnerabilityExceptionsService) Update(data VulnerabilityException) (
	response VulnerabilityExceptionResponse,
	err error,
)

Update updates a single Vulnerability Exception.

func (*VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsContainer 

func (svc *VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsContainer(
	data VulnerabilityException, id string,
) (
	response VulnerabilityExceptionContainerResponse,
	err error,
)

func (*VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsHost 

func (svc *VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsHost(data VulnerabilityException, id string) (
	response VulnerabilityExceptionHostResponse,
	err error,
)

type VulnerabilityHost 

type VulnerabilityHost struct {
	CveProps struct {
		CveBatchID  string                     `json:"cve_batch_id"`
		Description string                     `json:"description"`
		Link        string                     `json:"link"`
		Metadata    *VulnerabilityHostMetadata `json:"metadata,omitempty"`
	} `json:"cveProps"`
	EvalCtx struct {
		ExceptionProps []interface{} `json:"exception_props"`
		Hostname       string        `json:"hostname"`
		McEvalGUID     string        `json:"mc_eval_guid"`
		CollectorType  string        `json:"collector_type"`
	} `json:"evalCtx"`
	FeatureKey struct {
		Name             string `json:"name"`
		Namespace        string `json:"namespace"`
		PackageActive    int    `json:"package_active"`
		VersionInstalled string `json:"version_installed"`
	} `json:"featureKey"`
	FixInfo struct {
		CompareResult               string `json:"compare_result"`
		EvalStatus                  string `json:"eval_status"`
		FixAvailable                string `json:"fix_available"`
		FixedVersion                string `json:"fixed_version"`
		FixedVersionComparisonInfos []struct {
			CurrFixVer                         string `json:"curr_fix_ver"`
			IsCurrFixVerGreaterThanOtherFixVer string `json:"is_curr_fix_ver_greater_than_other_fix_ver"`
			OtherFixVer                        string `json:"other_fix_ver"`
		} `json:"fixed_version_comparison_infos"`
		FixedVersionComparisonScore int    `json:"fixed_version_comparison_score"`
		VersionInstalled            string `json:"version_installed"`
	} `json:"fixInfo"`
	MachineTags any                    `json:"machineTags"`
	Props       VulnerabilityHostProps `json:"props"`
	Mid         int                    `json:"mid"`
	Severity    string                 `json:"severity"`
	StartTime   time.Time              `json:"startTime"`
	EndTime     time.Time              `json:"endTime"`
	EvalGUID    string                 `json:"evalGuid"`
	Status      string                 `json:"status"`
	VulnID      string                 `json:"vulnId"`
}

func (*VulnerabilityHost) CvssV2 

func (v *VulnerabilityHost) CvssV2() string

func (*VulnerabilityHost) CvssV3 

func (v *VulnerabilityHost) CvssV3() string

func (*VulnerabilityHost) GetMachineTags 

func (v *VulnerabilityHost) GetMachineTags() (machineTags VulnerabilityHostMachineTags, err error)

func (*VulnerabilityHost) GetMachineTagsRaw 

func (v *VulnerabilityHost) GetMachineTagsRaw() (map[string]interface{}, error)

func (*VulnerabilityHost) HasFix 

func (v *VulnerabilityHost) HasFix() bool

func (*VulnerabilityHost) PackageActive 

func (v *VulnerabilityHost) PackageActive() string

type VulnerabilityHostMachineTags 

type VulnerabilityHostMachineTags struct {
	Account                               string `json:"Account"`
	AmiID                                 string `json:"AmiId"`
	Env                                   string `json:"Env"`
	ExternalIP                            string `json:"ExternalIp"`
	Hostname                              string `json:"Hostname"`
	InstanceID                            string `json:"InstanceId"`
	InternalIP                            string `json:"InternalIp"`
	LwTokenShort                          string `json:"LwTokenShort"`
	Name                                  string `json:"Name"`
	SubnetID                              string `json:"SubnetId"`
	VMInstanceType                        string `json:"VmInstanceType"`
	VMProvider                            string `json:"VmProvider"`
	VpcID                                 string `json:"VpcId"`
	Zone                                  string `json:"Zone"`
	AlphaEksctlIoNodegroupName            string `json:"alpha.eksctl.io/nodegroup-name"`
	AlphaEksctlIoNodegroupType            string `json:"alpha.eksctl.io/nodegroup-type"`
	Arch                                  string `json:"arch"`
	AwsAutoscalingGroupName               string `json:"aws:autoscaling:groupName"`
	AwsEc2FleetID                         string `json:"aws:ec2:fleet-id"`
	AwsEc2LaunchtemplateID                string `json:"aws:ec2launchtemplate:id"`
	AwsEc2LaunchtemplateVersion           string `json:"aws:ec2launchtemplate:version"`
	EksClusterName                        string `json:"eks:cluster-name"`
	EksNodegroupName                      string `json:"eks:nodegroup-name"`
	K8SIoClusterAutoscalerEnabled         int    `json:"k8s.io/cluster-autoscaler/enabled"`
	K8SIoClusterAutoscalerTechallySandbox string `json:"k8s.io/cluster-autoscaler/techally-sandbox"`
	KubernetesIoClusterTechallySandbox    string `json:"kubernetes.io/cluster/techally-sandbox"`
	LwKubernetesCluster                   string `json:"lw_KubernetesCluster"`
	Os                                    string `json:"os"`
	LwInternetExposure                    string `json:"lw_InternetExposure"`

	//gcp
	GCEtags          any    `json:"GCEtags"`
	InstanceName     string `json:"InstanceName"`
	NumericProjectId string `json:"NumericProjectId"`
	ProjectId        string `json:"ProjectId"`
}

type VulnerabilityHostMetadata 

type VulnerabilityHostMetadata struct {
	NVD struct {
		CVSSv2 struct {
			PublishedDateTime string  `json:"PublishedDateTime"`
			Score             float64 `json:"Score"`
			Vectors           string  `json:"Vectors"`
		} `json:"CVSSv2"`
		CVSSv3 struct {
			ExploitabilityScore float64 `json:"ExploitabilityScore"`
			ImpactScore         float64 `json:"ImpactScore"`
			Score               float64 `json:"Score"`
			Vectors             string  `json:"Vectors"`
		} `json:"CVSSv3"`
	} `json:"NVD"`
}

type VulnerabilityHostProps 

type VulnerabilityHostProps struct {
	FirstTimeSeen   *time.Time `json:"first_time_seen,omitempty"`
	IsDailyJob      int        `json:"isDailyJob,omitempty"`
	LastUpdatedTime *time.Time `json:"last_updated_time,omitempty"`
}

type VulnerabilitySoftwarePackage 

type VulnerabilitySoftwarePackage struct {
	OsPkgInfo struct {
		Namespace     string `json:"namespace"`
		Os            string `json:"os"`
		OsVer         string `json:"osVer"`
		Pkg           string `json:"pkg"`
		PkgVer        string `json:"pkgVer"`
		VersionFormat string `json:"versionFormat"`
	} `json:"osPkgInfo"`
	VulnID     string `json:"vulnId"`
	Severity   string `json:"severity"`
	FeatureKey struct {
		AffectedRange struct {
			End struct {
				Inclusive bool   `json:"inclusive"`
				Value     string `json:"value"`
			} `json:"end"`
			FixVersion string `json:"fixVersion"`
			Start      struct {
				Inclusive bool   `json:"inclusive"`
				Value     string `json:"value"`
			} `json:"start"`
		} `json:"affectedRange"`
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
	} `json:"featureKey"`
	CveProps struct {
		CveBatchId  string `json:"cveBatchId"`
		Description string `json:"description"`
		Link        string `json:"link"`
		Metadata    struct {
			Nvd struct {
				Cvssv2 struct {
					Publisheddatetime string  `json:"publisheddatetime"`
					Score             float64 `json:"score"`
					Vectors           string  `json:"vectors"`
				} `json:"cvssv2"`
				Cvssv3 struct {
					Exploitabilityscore float64 `json:"exploitabilityscore"`
					Impactscore         float64 `json:"impactscore"`
					Score               float64 `json:"score"`
					Vectors             string  `json:"vectors"`
				} `json:"cvssv3"`
			} `json:"nvd"`
		} `json:"metadata"`
	} `json:"cveProps"`
	FixInfo struct {
		CompareResult               int    `json:"compareResult"`
		EvalStatus                  string `json:"evalStatus"`
		FixAvailable                int    `json:"fixAvailable"`
		FixedVersion                string `json:"fixedVersion"`
		FixedVersionComparisonInfos []struct {
			CurrFixVer                         string `json:"currFixVer"`
			IsCurrFixVerGreaterThanOtherFixVer string `json:"isCurrFixVerGreaterThanOtherFixVer"`
			OtherFixVer                        string `json:"otherFixVer"`
		} `json:"fixedVersionComparisonInfos"`
		FixedVersionComparisonScore int    `json:"fixedVersionComparisonScore"`
		MaxPrefixMatchingLenScore   int    `json:"maxPrefixMatchingLenScore"`
		VersionInstalled            string `json:"versionInstalled"`
	} `json:"fixInfo"`
	Summary struct {
		EvalCreatedTime          string `json:"evalCreatedTime"`
		EvalStatus               string `json:"evalStatus"`
		NumFixableVuln           int    `json:"numFixableVuln"`
		NumFixableVulnBySeverity struct {
			Critical int `json:"1"`
			High     int `json:"2"`
			Medium   int `json:"3"`
			Low      int `json:"4"`
			Info     int `json:"5"`
		} `json:"numFixableVulnBySeverity"`
		NumTotal          int `json:"numTotal"`
		NumVuln           int `json:"numVuln"`
		NumVulnBySeverity struct {
			Critical int `json:"1"`
			High     int `json:"2"`
			Field3   int `json:"3"`
			Medium   int `json:"4"`
			Info     int `json:"5"`
		} `json:"numVulnBySeverity"`
	} `json:"summary"`
	Props struct {
		EvalAlgo string `json:"evalAlgo"`
	} `json:"props"`
}

func (*VulnerabilitySoftwarePackage) HasFix 

func (v *VulnerabilitySoftwarePackage) HasFix() bool

func (*VulnerabilitySoftwarePackage) IsVulnerable 

func (v *VulnerabilitySoftwarePackage) IsVulnerable() bool

func (*VulnerabilitySoftwarePackage) ScoreString 

func (v *VulnerabilitySoftwarePackage) ScoreString() string

type VulnerabilitySoftwarePackagesResponse 

type VulnerabilitySoftwarePackagesResponse struct {
	Data []VulnerabilitySoftwarePackage `json:"data"`
}

func (*VulnerabilitySoftwarePackagesResponse) VulnerabilityCounts 

func (v *VulnerabilitySoftwarePackagesResponse) VulnerabilityCounts() HostVulnCounts

type WebhookAlertChannelResponseV2 

type WebhookAlertChannelResponseV2 struct {
	Data WebhookAlertChannelV2 `json:"data"`
}

type WebhookAlertChannelV2 

type WebhookAlertChannelV2 struct {
	Data WebhookDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (WebhookAlertChannelV2) ID 

func (c WebhookAlertChannelV2) ID() string

func (WebhookAlertChannelV2) StateString 

func (c WebhookAlertChannelV2) StateString() string

func (WebhookAlertChannelV2) Status 

func (c WebhookAlertChannelV2) Status() string

type WebhookDataV2 

type WebhookDataV2 struct {
	WebhookUrl string `json:"webhookUrl"`
}

type WeeklyEventsReportRuleNotifications 

type WeeklyEventsReportRuleNotifications struct {
	TrendReport bool `json:"trendReport"`
}

func (WeeklyEventsReportRuleNotifications) ToMap 

func (weekly WeeklyEventsReportRuleNotifications) ToMap() map[string]bool

Source Files

View all Source files

Directories

Path Synopsis
_examples
active-containers
agent-access-token
alert-channels-v2
alert-profiles
alert-rules
aws-cloudwatch-alert-channel
aws-s3-alert-channel
cisco-webex-alert-channel
cloud-accounts/aws-agentless-scanning
cloud-accounts/aws-agentless-scanning-org
cloud-accounts/aws-cfg
cloud-accounts/aws-ct-sqs
cloud-accounts/aws-eks-audit
cloud-accounts/azure-ad-al
cloud-accounts/gcp-al-pub-sub
cloud-accounts/gcp-gke-audit
cloud-accounts/oci-cfg
components
container-registries/aws_ecr_access_key
container-registries/aws_ecr_iam_role
container-registries/inline_scanner
container-registries/proxy_scanner
container-vuln-search
data-export-rules
datadog-alert-channel
feature-flags
gcp_pub_sub-alert-channel
host-vuln-list-cves
jira-cloud-with-custom-template-alert-channel
microsoft-teams-alert-channel
new-relic-alert-channel
pagerduty-alert-channel
pagination
policy
policy-exceptions
qradar-alert-channel
report-definitions
report-distributions
report-rules
reports/aws
reports/azure
reports/gcp
resource-groups
service-now-alert-channel
slack-alert-channel
splunk-alert-channel
team-members
team-members-org
token-generation
victorops-alert-channel
vulnerability-exceptions
webhook-alert-channel

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.