util

package
v0.0.0-...-6cc58d3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 20, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source
const (
	CloudProviderAWS             = "aws"
	CloudProviderGCP             = "gcp"
	CloudProviderAzure           = "azure"
	NodeTypeCloudAccount         = "cloud-node"
	CloudComplianceScanIndexName = "cloud-compliance"
	StatusAlarm                  = "alarm"
	StatusOk                     = "ok"
	StatusInfo                   = "info"
	StatusSkip                   = "skip"
	StatusError                  = "error"
)
View Source
const (
	DeploymentModeKubernetes = "kubernetes"
	DeploymentModeDocker     = "docker"
)
View Source
const (
	ErrSteampipeDB                   = "failed to connect to the database"
	ErrSteampipeInvalidClientTokenID = "The security token included in the request is invalid"
)

Variables

View Source
var (
	HomeDirectory             string
	InstallDirectory          string
	SteampipeInstallDirectory string

	SteampipeAWSPluginVersion     = fmt.Sprintf("aws@%s", os.Getenv("STEAMPIPE_AWS_PLUGIN_VERSION"))
	SteampipeGCPPluginVersion     = fmt.Sprintf("gcp@%s", os.Getenv("STEAMPIPE_GCP_PLUGIN_VERSION"))
	SteampipeAzurePluginVersion   = fmt.Sprintf("azure@%s", os.Getenv("STEAMPIPE_AZURE_PLUGIN_VERSION"))
	SteampipeAzureADPluginVersion = fmt.Sprintf("azuread@%s", os.Getenv("STEAMPIPE_AZURE_AD_PLUGIN_VERSION"))

	GCPCredentialFilePath string

	AWSRegions = []string{"us-east-1", "us-east-2", "us-west-1", "us-west-2", "af-south-1", "ap-east-1", "ap-south-2",
		"ap-southeast-3", "ap-southeast-5", "ap-southeast-4", "ap-south-1", "ap-northeast-3", "ap-northeast-2",
		"ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ca-central-1", "ca-west-1", "cn-north-1",
		"cn-northwest-1", "eu-central-1", "eu-west-1", "eu-west-2", "eu-south-1", "eu-west-3", "eu-south-2",
		"eu-north-1", "eu-central-2", "il-central-1", "me-south-1", "me-central-1", "sa-east-1"}
)
View Source
var (
	SleepTime = 5 * time.Second
)

Functions

func GetAWSCredentialsConfig

func GetAWSCredentialsConfig(ctx context.Context, accountID string, region string, c Config, verifyCredential bool) (aws.Config, error)

func GetCloudMetadata

func GetCloudMetadata() (cloud_metadata.CloudMetadata, error)

func GetDatetimeNow

func GetDatetimeNow() string

func GetNodeID

func GetNodeID(cloudProvider string, accountID string) string

func GetOrgNodeID

func GetOrgNodeID(cloudProvider string, orgAccountID string) string

func InSlice

func InSlice[T comparable](e T, s []T) bool

func RandomString

func RandomString(n int) string

func RestartSteampipeService

func RestartSteampipeService()

Types

type AccountsToRefresh

type AccountsToRefresh struct {
	AccountID     string
	NodeID        string
	ResourceTypes []string
}

type CloudTrailDetails

type CloudTrailDetails struct {
	AccountId string `json:"account_id"`
	TrailName string `json:"trail_name"`
}

type ComplianceControl

type ComplianceControl struct {
	Results     []ComplianceControlResult `json:"results"`
	ControlID   string                    `json:"control_id"`
	Description string                    `json:"description"`
	Severity    string                    `json:"severity"`
	Tags        ComplianceTags            `json:"tags"`
	Title       string                    `json:"title"`
}

type ComplianceControlResult

type ComplianceControlResult struct {
	Reason     string `json:"reason"`
	Resource   string `json:"resource"`
	Status     string `json:"status"`
	Dimensions []struct {
		Key   string `json:"key"`
		Value string `json:"value"`
	} `json:"dimensions"`
}

type ComplianceDoc

type ComplianceDoc struct {
	Timestamp           string `json:"@timestamp"`
	Count               int    `json:"count,omitempty"`
	Reason              string `json:"reason"`
	Resource            string `json:"resource"`
	Status              string `json:"status"`
	Region              string `json:"region"`
	AccountID           string `json:"account_id"`
	Group               string `json:"group"`
	Service             string `json:"service"`
	Title               string `json:"title"`
	ComplianceCheckType string `json:"compliance_check_type"`
	CloudProvider       string `json:"cloud_provider"`
	NodeName            string `json:"node_name"`
	NodeID              string `json:"connected_node_id"`
	ScanID              string `json:"scan_id"`
	Type                string `json:"type"`
	ControlID           string `json:"control_id"`
	Description         string `json:"description"`
	Severity            string `json:"severity"`
}

type ComplianceGroup

type ComplianceGroup struct {
	GroupID        string         `json:"group_id"`
	Title          string         `json:"title"`
	Description    string         `json:"description"`
	Tags           ComplianceTags `json:"tags"`
	ComplianceType string         `json:"compliance_type"`
	Summary        struct {
		Status ComplianceSummary `json:"status"`
	} `json:"summary"`
	Groups   []ComplianceGroup   `json:"groups"`
	Controls []ComplianceControl `json:"controls"`
}

type ComplianceSummary

type ComplianceSummary struct {
	Total                int     `json:"total"`
	Alarm                int     `json:"alarm"`
	Ok                   int     `json:"ok"`
	Info                 int     `json:"info"`
	Skip                 int     `json:"skip"`
	Error                int     `json:"error"`
	CompliancePercentage float32 `json:"compliance_percentage"`
}

type ComplianceTags

type ComplianceTags struct {
	Benchmark string `json:"benchmark"`
	Category  string `json:"category"`
	Plugin    string `json:"plugin"`
	Service   string `json:"service"`
	Type      string `json:"type"`
}

type Config

type Config struct {
	ManagementConsoleUrl     string   `envconfig:"MGMT_CONSOLE_URL" validate:"required" json:"management_console_url"`
	ManagementConsolePort    string   `envconfig:"MGMT_CONSOLE_PORT" default:"443" json:"management_console_port"`
	DeepfenceKey             string   `envconfig:"DEEPFENCE_KEY" validate:"required" json:"-"`
	CloudProvider            string   `envconfig:"CLOUD_PROVIDER" json:"cloud_provider"`
	CloudRegion              string   `envconfig:"CLOUD_REGION" json:"cloud_region"`
	EnabledCloudRegions      string   `envconfig:"ENABLED_CLOUD_REGIONS" json:"enabled_cloud_regions"`
	AccountID                string   `envconfig:"CLOUD_ACCOUNT_ID" json:"account_id"`
	DeployedAccountID        string   `envconfig:"DEPLOYED_ACCOUNT_ID" json:"deployed_account_id"`
	AccountName              string   `envconfig:"CLOUD_ACCOUNT_NAME" json:"account_name"`
	OrganizationID           string   `envconfig:"CLOUD_ORGANIZATION_ID" json:"organization_id"`
	IsOrganizationDeployment bool     `envconfig:"ORGANIZATION_DEPLOYMENT" default:"false" json:"is_organization_deployment"`
	RoleName                 string   `envconfig:"ROLE_NAME" json:"role_name"`
	AWSCredentialSource      string   `envconfig:"AWS_CREDENTIAL_SOURCE" json:"aws_credential_source"`
	CloudAuditLogsEnabled    bool     `envconfig:"CLOUD_AUDIT_LOGS_ENABLED" default:"true" json:"cloud_audit_logs_enabled"`
	CloudAuditLogsIDs        []string `envconfig:"CLOUD_AUDIT_LOG_IDS" json:"cloud_audit_logs_ids"`
	HttpServerRequired       bool     `envconfig:"HTTP_SERVER_REQUIRED" default:"false" json:"http_server_required"`
	SuccessSignalUrl         string   `envconfig:"SUCCESS_SIGNAL_URL" json:"success_signal_url"`
	LogLevel                 string   `envconfig:"DF_LOG_LEVEL" default:"info" json:"log_level"`
	ScanInactiveThreshold    int      `envconfig:"SCAN_INACTIVE_THRESHOLD" default:"21600" json:"scan_inactive_threshold"`
	CloudScannerPolicy       string   `envconfig:"CLOUD_SCANNER_POLICY" json:"cloud_scanner_policy"`
	DeploymentMode           string   `envconfig:"DEPLOYMENT_MODE" json:"deployment_mode"`
	GCPCredentials           string   `envconfig:"GCP_SERVICE_ACCOUNT_CREDENTIAL" json:"gcp_service_account_credential"`

	CloudMetadata                cloudmetadata.CloudMetadata `ignored:"true" json:"cloud_metadata"`
	NodeID                       string                      `ignored:"true" json:"-"`
	Version                      string                      `ignored:"true" json:"version"`
	DatabasePersistenceSupported bool                        `ignored:"true" json:"database_persistence_supported"`
	InstallationID               string                      `ignored:"true" json:"installation_id"`
}

type MonitoredAccount

type MonitoredAccount struct {
	AccountID   string `json:"account_id"`
	AccountName string `json:"account_name"`
	NodeID      string `json:"node_id"`
}

type RefreshMetadata

type RefreshMetadata struct {
	InProgressResourceType string `json:"in_progress"`
	CompletedResourceTypes int    `json:"completed"`
	TotalResourceTypes     int    `json:"total"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL