identifycloudactors

package
v0.0.0-...-996ff4a Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 6, 2025 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrNoCloudTrailEvents = errors.New("no events found")

Functions

func NewIdentifyCloudActors 

func NewIdentifyCloudActors(config Config, provider terraformValueObjects.Provider) (interfaces.IdentifyCloudActors, error)

NewIdentifyCloudActors returns a new instance of IdentifyCloudActors.

func NewIsolatedIdentifyCloudActors 

func NewIsolatedIdentifyCloudActors() interfaces.IdentifyCloudActors

NewIsolatedIdentifyCloudActors returns an instance of IdentifyCloudActors

Types

type AWSEnvironment 

type AWSEnvironment struct {
	AWSAccessKeyID     string `json:"awsAccessKeyID"`
	AWSSecretKeyAccess string `json:"awsSecretAccessKey"`
}

AWSEnvironment is a struct defining the credential values needed for authenticating with an AWS account.

type AWSLogQuerier 

type AWSLogQuerier struct {
	// contains filtered or unexported fields
}

AWSLogQuerier implements the LogQuerier interface for AWS.

func (*AWSLogQuerier) ExtractDataFromResourceResult 

func (alc *AWSLogQuerier) ExtractDataFromResourceResult(resourceResult []*cloudtrail.Event, resourceType string, isNewToTerraform bool) (terraformValueObjects.ResourceActions, error)

ExtractDataFromResourceResult parses the log response from the provider API and extracts needed data (namely who made the most recent relevant change to the resource).

func (*AWSLogQuerier) QueryForAllResources 

func (alc *AWSLogQuerier) QueryForAllResources(ctx context.Context) (terraformValueObjects.ResourceActionMap, error)

QueryForAllResources coordinates calls of QueryForResourcesInDivision for all divisions from which drifted resources have been identified.

func (*AWSLogQuerier) UpdateManagedDriftAttributeDifferences 

func (alc *AWSLogQuerier) UpdateManagedDriftAttributeDifferences(
	resourceActions terraformValueObjects.ResourceActionMap,
)

UpdateManagedDriftAttributeDifferences updates the RecentActor and RecentActionTimestamp fields for each struct within the alc.managedDriftAttributeDifferences slice.

type AuthenticationInfo 

type AuthenticationInfo struct {
	PrincipalEmail string `json:"principalEmail"`
}

AuthenticationInfo is a struct representing the authenticationInfo field of the ProtoPayload component of a GCP logging query response.

type Config 

type Config struct {
	// CloudCredential is a cloud credential with read-only access to a cloud division and, if applicable, access to read Terraform state files.
	CloudCredential terraformValueObjects.Credential `required:"true"`

	// Division is the cloud division to query for cloud actors.
	Division terraformValueObjects.Division
}

Config is a collection of query_param_data that parameterizes a IdentifyCloudActors instance.

type Entries 

type Entries struct {
	Entries []Entry `json:"entries"`
}

Entries is a struct representing the entries field of a GCP logging query response.

type Entry 

type Entry struct {
	ProtoPayload     ProtoPayload `json:"protoPayload"`
	ReceiveTimestamp string       `json:"receiveTimestamp"`
}

Entry is a struct representing a single entry in a GCP logging query response.

type Factory 

type Factory struct{}

Factory is a struct that generates implementations of interfaces.IdentifyCloudActors.

func (*Factory) Instantiate 

func (f *Factory) Instantiate(_ context.Context, environment string, provider terraformValueObjects.Provider, config Config) (interfaces.IdentifyCloudActors, error)

Instantiate returns an implementation of interfaces.IdentifyCloudActors depending on the passed environment specification.

type GCPAdminLogPostBody 

type GCPAdminLogPostBody struct {
	// ResourceNames are the names of one or more parent resources from which to retrieve log entries.
	// For our use case, each value will always take the form of "projects/[PROJECT_ID]"
	ResourceNames []string `json:"resourceNames"`

	// Filter is the filter of the resource specified within resourceNames.
	Filter string `json:"filter"`

	// OrderBy is the timeline order of returned results.
	OrderBy string `json:"orderBy"`

	// PageSize is the number of records to return.
	PageSize int `json:"pageSize"`
}

GCPAdminLogPostBody contains the fields needed for the body of a post request to the GCP api for getting admin action log data.

type GoogleLogQuerier 

type GoogleLogQuerier struct {
	// contains filtered or unexported fields
}

GoogleLogQuerier implements the LogQuerier interface for Google Cloud.

func (*GoogleLogQuerier) ExtractDataFromResourceResult 

func (glc *GoogleLogQuerier) ExtractDataFromResourceResult(resourceResult []byte, _ string, isNewToTerraform bool) (terraformValueObjects.ResourceActions, error)

ExtractDataFromResourceResult parses the log response from the provider API and extracts needed data (namely who made the most recent relevant change to the resource).

func (*GoogleLogQuerier) QueryForAllResources 

func (glc *GoogleLogQuerier) QueryForAllResources(ctx context.Context) (terraformValueObjects.ResourceActionMap, error)

QueryForAllResources coordinates calls of QueryForResourcesInDivision for all divisions from which drifted resources have been identified.

func (*GoogleLogQuerier) UpdateManagedDriftAttributeDifferences 

func (glc *GoogleLogQuerier) UpdateManagedDriftAttributeDifferences(
	divisionResourceActions terraformValueObjects.ResourceActionMap,
)

UpdateManagedDriftAttributeDifferences updates the RecentActor and RecentActionTimestamp fields for each struct within the alc.managedDriftAttributeDifferences slice.

type IdentifyCloudActors 

type IdentifyCloudActors struct {
	// contains filtered or unexported fields
}

IdentifyCloudActors implements the interfaces.IdentifyCloudActors interface.

func (*IdentifyCloudActors) Execute 

func (ica *IdentifyCloudActors) Execute(ctx context.Context) error

Execute creates structured query_param_data mapping new or drifted resources to the cloud actor (service principal or user) responsible for the latest changes for that resource.

type IsolatedIdentifyCloudActors 

type IsolatedIdentifyCloudActors struct{}

IsolatedIdentifyCloudActors is a struct that implements interfaces.IdentifyCloudActors for the purpose of running end to end unit tests.

func (*IsolatedIdentifyCloudActors) Execute 

func (c *IsolatedIdentifyCloudActors) Execute(_ context.Context) error

Execute calculates the association between resources and a state file.

type LogQuerier 

type LogQuerier interface {
	// QueryForAllResources coordinates API calls that receive data on user actions on individual resources.
	QueryForAllResources(ctx context.Context) (terraformValueObjects.ResourceActionMap, error)
}

LogQuerier is an interface for querying information from a single cloud providers administrative logs.

func NewAWSLogQuerier 

func NewAWSLogQuerier(
	config Config,
) (LogQuerier, error)

NewAWSLogQuerier instantiates a new instance of GoogleLogQuerier

func NewGoogleLogQuerier 

func NewGoogleLogQuerier(config Config) (LogQuerier, error)

NewGoogleLogQuerier instantiates a new instance of GoogleLogQuerier

func NewLogQuerier 

func NewLogQuerier(globalConfig Config, provider terraformValueObjects.Provider) (LogQuerier, error)

NewLogQuerier returns an instantiated LogQuerier implementation for the specified provider.

type ProtoPayload 

type ProtoPayload struct {
	MethodName         string             `json:"methodName"`
	AuthenticationInfo AuthenticationInfo `json:"authenticationInfo"`
}

ProtoPayload is a struct representing the protoPayload field of a GCP logging query response.

type UniqueDriftedResource 

type UniqueDriftedResource struct {
	InstanceID    string
	Region        string
	ResourceType  string
	ResourceName  string
	StateFileName driftDetector.StateFileName
}

UniqueDriftedResource is a type that represents a cloud resource that has drifted from its expected state. without any information on individual attributes that have drifted.

type UniqueDriftedResources 

type UniqueDriftedResources map[terraformValueObjects.ResourceName]UniqueDriftedResource

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.