Documentation ¶
Index ¶
- Constants
- Variables
- func GetAWSCredentialsConfig(ctx context.Context, accountID string, region string, c Config, ...) (aws.Config, error)
- func GetCloudMetadata() (cloud_metadata.CloudMetadata, error)
- func GetDatetimeNow() string
- func GetNodeID(cloudProvider string, accountID string) string
- func GetOrgNodeID(cloudProvider string, orgAccountID string) string
- func InSlice[T comparable](e T, s []T) bool
- func RandomString(n int) string
- func RestartSteampipeService()
- type AccountsToRefresh
- type CloudTrailDetails
- type ComplianceControl
- type ComplianceControlResult
- type ComplianceDoc
- type ComplianceGroup
- type ComplianceSummary
- type ComplianceTags
- type Config
- type MonitoredAccount
- type RefreshMetadata
Constants ¶
View Source
const ( CloudProviderAWS = "aws" CloudProviderGCP = "gcp" CloudProviderAzure = "azure" NodeTypeCloudAccount = "cloud-node" CloudComplianceScanIndexName = "cloud-compliance" StatusAlarm = "alarm" StatusOk = "ok" StatusInfo = "info" StatusSkip = "skip" StatusError = "error" )
View Source
const ( DeploymentModeKubernetes = "kubernetes" DeploymentModeDocker = "docker" )
View Source
const ( ErrSteampipeDB = "failed to connect to the database" ErrSteampipeInvalidClientTokenID = "The security token included in the request is invalid" )
Variables ¶
View Source
var ( HomeDirectory string InstallDirectory string SteampipeInstallDirectory string SteampipeAWSPluginVersion = fmt.Sprintf("aws@%s", os.Getenv("STEAMPIPE_AWS_PLUGIN_VERSION")) SteampipeGCPPluginVersion = fmt.Sprintf("gcp@%s", os.Getenv("STEAMPIPE_GCP_PLUGIN_VERSION")) SteampipeAzurePluginVersion = fmt.Sprintf("azure@%s", os.Getenv("STEAMPIPE_AZURE_PLUGIN_VERSION")) SteampipeAzureADPluginVersion = fmt.Sprintf("azuread@%s", os.Getenv("STEAMPIPE_AZURE_AD_PLUGIN_VERSION")) GCPCredentialFilePath string AWSRegions = []string{"us-east-1", "us-east-2", "us-west-1", "us-west-2", "af-south-1", "ap-east-1", "ap-south-2", "ap-southeast-3", "ap-southeast-5", "ap-southeast-4", "ap-south-1", "ap-northeast-3", "ap-northeast-2", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ca-central-1", "ca-west-1", "cn-north-1", "cn-northwest-1", "eu-central-1", "eu-west-1", "eu-west-2", "eu-south-1", "eu-west-3", "eu-south-2", "eu-north-1", "eu-central-2", "il-central-1", "me-south-1", "me-central-1", "sa-east-1"} )
View Source
var (
SleepTime = 5 * time.Second
)
Functions ¶
func GetAWSCredentialsConfig ¶
func GetCloudMetadata ¶
func GetCloudMetadata() (cloud_metadata.CloudMetadata, error)
func GetDatetimeNow ¶
func GetDatetimeNow() string
func GetOrgNodeID ¶
func InSlice ¶
func InSlice[T comparable](e T, s []T) bool
func RandomString ¶
func RestartSteampipeService ¶
func RestartSteampipeService()
Types ¶
type AccountsToRefresh ¶
type CloudTrailDetails ¶
type ComplianceControl ¶
type ComplianceControl struct { Results []ComplianceControlResult `json:"results"` ControlID string `json:"control_id"` Description string `json:"description"` Severity string `json:"severity"` Tags ComplianceTags `json:"tags"` Title string `json:"title"` }
type ComplianceControlResult ¶
type ComplianceDoc ¶
type ComplianceDoc struct { Timestamp string `json:"@timestamp"` Count int `json:"count,omitempty"` Reason string `json:"reason"` Resource string `json:"resource"` Status string `json:"status"` Region string `json:"region"` AccountID string `json:"account_id"` Group string `json:"group"` Service string `json:"service"` Title string `json:"title"` ComplianceCheckType string `json:"compliance_check_type"` CloudProvider string `json:"cloud_provider"` NodeName string `json:"node_name"` NodeID string `json:"connected_node_id"` ScanID string `json:"scan_id"` Type string `json:"type"` ControlID string `json:"control_id"` Description string `json:"description"` Severity string `json:"severity"` }
type ComplianceGroup ¶
type ComplianceGroup struct { GroupID string `json:"group_id"` Title string `json:"title"` Description string `json:"description"` Tags ComplianceTags `json:"tags"` ComplianceType string `json:"compliance_type"` Summary struct { Status ComplianceSummary `json:"status"` } `json:"summary"` Groups []ComplianceGroup `json:"groups"` Controls []ComplianceControl `json:"controls"` }
type ComplianceSummary ¶
type ComplianceTags ¶
type Config ¶
type Config struct { ManagementConsoleUrl string `envconfig:"MGMT_CONSOLE_URL" validate:"required" json:"management_console_url"` ManagementConsolePort string `envconfig:"MGMT_CONSOLE_PORT" default:"443" json:"management_console_port"` DeepfenceKey string `envconfig:"DEEPFENCE_KEY" validate:"required" json:"-"` CloudProvider string `envconfig:"CLOUD_PROVIDER" json:"cloud_provider"` CloudRegion string `envconfig:"CLOUD_REGION" json:"cloud_region"` EnabledCloudRegions string `envconfig:"ENABLED_CLOUD_REGIONS" json:"enabled_cloud_regions"` AccountID string `envconfig:"CLOUD_ACCOUNT_ID" json:"account_id"` DeployedAccountID string `envconfig:"DEPLOYED_ACCOUNT_ID" json:"deployed_account_id"` AccountName string `envconfig:"CLOUD_ACCOUNT_NAME" json:"account_name"` OrganizationID string `envconfig:"CLOUD_ORGANIZATION_ID" json:"organization_id"` IsOrganizationDeployment bool `envconfig:"ORGANIZATION_DEPLOYMENT" default:"false" json:"is_organization_deployment"` RoleName string `envconfig:"ROLE_NAME" json:"role_name"` AWSCredentialSource string `envconfig:"AWS_CREDENTIAL_SOURCE" json:"aws_credential_source"` CloudAuditLogsEnabled bool `envconfig:"CLOUD_AUDIT_LOGS_ENABLED" default:"true" json:"cloud_audit_logs_enabled"` CloudAuditLogsIDs []string `envconfig:"CLOUD_AUDIT_LOG_IDS" json:"cloud_audit_logs_ids"` HttpServerRequired bool `envconfig:"HTTP_SERVER_REQUIRED" default:"false" json:"http_server_required"` SuccessSignalUrl string `envconfig:"SUCCESS_SIGNAL_URL" json:"success_signal_url"` LogLevel string `envconfig:"DF_LOG_LEVEL" default:"info" json:"log_level"` ScanInactiveThreshold int `envconfig:"SCAN_INACTIVE_THRESHOLD" default:"21600" json:"scan_inactive_threshold"` CloudScannerPolicy string `envconfig:"CLOUD_SCANNER_POLICY" json:"cloud_scanner_policy"` DeploymentMode string `envconfig:"DEPLOYMENT_MODE" json:"deployment_mode"` GCPCredentials string `envconfig:"GCP_SERVICE_ACCOUNT_CREDENTIAL" json:"gcp_service_account_credential"` CloudMetadata cloudmetadata.CloudMetadata `ignored:"true" json:"cloud_metadata"` NodeID string `ignored:"true" json:"-"` Version string `ignored:"true" json:"version"` DatabasePersistenceSupported bool `ignored:"true" json:"database_persistence_supported"` InstallationID string `ignored:"true" json:"installation_id"` }
type MonitoredAccount ¶
type RefreshMetadata ¶
Click to show internal directories.
Click to hide internal directories.