Documentation
Overview
A package that generates Lacework deployment code for Azure cloud.
Index
- type AzureTerraformModifier
- func WithActivityLogIntegrationName(name string) AzureTerraformModifier
- func WithAdApplicationId(AdApplicationId string) AzureTerraformModifier
- func WithAdApplicationPassword(AdApplicationPassword string) AzureTerraformModifier
- func WithAdServicePrincipalId(AdServicePrincipalId string) AzureTerraformModifier
- func WithAllSubscriptions(allSubscriptions bool) AzureTerraformModifier
- func WithConfigIntegrationName(name string) AzureTerraformModifier
- func WithCustomOutputs(outputs []lwgenerate.HclOutput) AzureTerraformModifier
- func WithEntraIdActivityLogIntegrationName(name string) AzureTerraformModifier
- func WithEventHubLocation(location string) AzureTerraformModifier
- func WithEventHubPartitionCount(partitionCount int) AzureTerraformModifier
- func WithExistingStorageAccount(existingStorageAccount bool) AzureTerraformModifier
- func WithExtraAZRMArguments(arguments map[string]interface{}) AzureTerraformModifier
- func WithExtraAZReadArguments(arguments map[string]interface{}) AzureTerraformModifier
- func WithExtraBlocks(blocks []*hclwrite.Block) AzureTerraformModifier
- func WithExtraRootBlocks(blocks []*hclwrite.Block) AzureTerraformModifier
- func WithLaceworkProfile(name string) AzureTerraformModifier
- func WithManagementGroup(enableManagentGroup bool) AzureTerraformModifier
- func WithManagementGroupId(managementGroupId string) AzureTerraformModifier
- func WithStorageAccountName(storageAccountName string) AzureTerraformModifier
- func WithStorageAccountResourceGroup(storageAccountResourceGroup string) AzureTerraformModifier
- func WithStorageLocation(location string) AzureTerraformModifier
- func WithSubscriptionID(subcriptionID string) AzureTerraformModifier
- func WithSubscriptionIds(subscriptionIds []string) AzureTerraformModifier
- type GenerateAzureTfConfigurationArgs
Types
type AzureTerraformModifier
type AzureTerraformModifier func(c *GenerateAzureTfConfigurationArgs)
func WithActivityLogIntegrationName (added in v0.30.0)
func WithActivityLogIntegrationName(name string) AzureTerraformModifier
WithActivityLogIntegrationName Set the Activity Log Integration name to be displayed on the Lacework UI
func WithAdApplicationId
func WithAdApplicationId(AdApplicationId string) AzureTerraformModifier
WithAdApplicationId Set Active Directory application id
func WithAdApplicationPassword
func WithAdApplicationPassword(AdApplicationPassword string) AzureTerraformModifier
WithAdApplicationPassword Set the Active Directory password
func WithAdServicePrincipalId
func WithAdServicePrincipalId(AdServicePrincipalId string) AzureTerraformModifier
WithAdServicePrincipalId Set Active Directory principal id
func WithAllSubscriptions
func WithAllSubscriptions(allSubscriptions bool) AzureTerraformModifier
WithAllSubscriptions Grant read access to ALL subscriptions within the selected Tenant (overrides 'subscription_ids')
func WithConfigIntegrationName
func WithConfigIntegrationName(name string) AzureTerraformModifier
WithConfigIntegrationName Set the Config Integration name to be displayed on the Lacework UI
func WithCustomOutputs (added in v1.51.0)
func WithCustomOutputs(outputs []lwgenerate.HclOutput) AzureTerraformModifier
WithCustomOutputs Set Custom Terraform Outputs
func WithEntraIdActivityLogIntegrationName (added in v1.53.0)
func WithEntraIdActivityLogIntegrationName(name string) AzureTerraformModifier
WithEntraIdActivityLogIntegrationName Set the Entra ID Activity Log Integration name to be displayed on the Lacework UI
func WithEventHubLocation (added in v1.53.0)
func WithEventHubLocation(location string) AzureTerraformModifier
WithEventHubLocation The Azure region where the event hub for logging resides
func WithEventHubPartitionCount (added in v1.53.0)
func WithEventHubPartitionCount(partitionCount int) AzureTerraformModifier
WithEventHubPartitionCount The number of partitions in the Event Hub for logging
func WithExistingStorageAccount
func WithExistingStorageAccount(existingStorageAccount bool) AzureTerraformModifier
WithExistingStorageAccount Use an existing Storage Account
func WithExtraAZRMArguments (added in v1.51.0)
func WithExtraAZRMArguments(arguments map[string]interface{}) AzureTerraformModifier
WithExtraAZRMArguments enables adding additional arguments into the `azurerm` provider block; this enables custom use cases
func WithExtraAZReadArguments (added in v1.51.0)
func WithExtraAZReadArguments(arguments map[string]interface{}) AzureTerraformModifier
WithExtraAZReadArguments enables adding additional arguments into the `azuread` provider block; this enables custom use cases
func WithExtraBlocks (added in v1.51.0)
func WithExtraBlocks(blocks []*hclwrite.Block) AzureTerraformModifier
WithExtraBlocks enables adding additional arbitrary blocks to the root hcl document
func WithExtraRootBlocks (added in v1.51.0)
func WithExtraRootBlocks(blocks []*hclwrite.Block) AzureTerraformModifier
WithExtraRootBlocks allows adding generic hcl blocks to the root `terraform{}` block; this enables custom use cases
func WithLaceworkProfile (added in v0.43.0)
func WithLaceworkProfile(name string) AzureTerraformModifier
func WithManagementGroup
func WithManagementGroup(enableManagentGroup bool) AzureTerraformModifier
WithManagementGroup Enable the Management Group to allow AD to be reader on the management group rather than the subscription
func WithManagementGroupId
func WithManagementGroupId(managementGroupId string) AzureTerraformModifier
WithManagementGroupId The Group Id to add reader permissions
func WithStorageAccountName
func WithStorageAccountName(storageAccountName string) AzureTerraformModifier
WithStorageAccountName The name of the Storage Account
func WithStorageAccountResourceGroup
func WithStorageAccountResourceGroup(storageAccountResourceGroup string) AzureTerraformModifier
WithStorageAccountResourceGroup The Resource Group for the existing Storage Account
func WithStorageLocation
func WithStorageLocation(location string) AzureTerraformModifier
WithStorageLocation The Azure region where the storage account for logging resides
func WithSubscriptionID (added in v1.13.1)
func WithSubscriptionID(subcriptionID string) AzureTerraformModifier
func WithSubscriptionIds
func WithSubscriptionIds(subscriptionIds []string) AzureTerraformModifier
WithSubscriptionIds List of subscriptions to enable logging
type GenerateAzureTfConfigurationArgs
type GenerateAzureTfConfigurationArgs struct {
    // Should we configure Activity Log integration in LW?
    ActivityLog bool
    // Should we add Config integration in LW?
    Config bool
    // Should we create an Entra ID integration in LW?
    EntraIdActivityLog bool
    // Should we create an Active Directory integration
    CreateAdIntegration bool
    // If Config is true, give the user the opportunity to name their integration. Defaults to "TF Config"
    ConfigIntegrationName string
    // If ActivityLog is true, give the user the opportunity to name their integration. Defaults to "TF activity log"
    ActivityLogIntegrationName string
    // If EntraIdIntegration is true, give the user the opportunity to name their integration.
    // Defaults to "TF Entra ID activity log"
    EntraIdIntegrationName string
    // Active Directory application Id
    AdApplicationId string
    // Active Directory password
    AdApplicationPassword string
    // Active Directory Enterprise app object id
    AdServicePrincipalId string
    // Should we use the management group, rather than subscription
    ManagementGroup bool
    // Management Group ID to set
    ManagementGroupId string
    // List of subscription Ids
    SubscriptionIds []string
    // Subscription ID configured in azurerm provider block
    SubscriptionID string
    // Grant read access to ALL subscriptions
    AllSubscriptions bool
    // Storage Account name
    StorageAccountName string
    // Storage Account Resource Group
    StorageAccountResourceGroup string
    // Should we use existing storage account
    ExistingStorageAccount bool
    // Azure region where the storage account for logging resides
    StorageLocation string
    LaceworkProfile string
    // Azure region where the event hub for logging will reside
    EventHubLocation string
    // Number of partitions in the Event Hub for logging
    EventHubPartitionCount int
    // Add custom blocks to the root `terraform{}` block. Can be used for advanced configuration.
    // Things like backend, etc
    ExtraBlocksRootTerraform []*hclwrite.Block
    // ExtraAZRMArguments allows adding more arguments to the provider block as needed (custom use cases)
    ExtraAZRMArguments map[string]interface{}
    // ExtraAZReadArguments allows adding more arguments to the provider block as needed (custom use cases)
    ExtraAZReadArguments map[string]interface{}
    // ExtraBlocks allows adding more hclwrite.Block to the root terraform document (advanced use cases)
    ExtraBlocks []*hclwrite.Block
    // Custom outputs
    CustomOutputs []lwgenerate.HclOutput
}
func NewTerraform
func NewTerraform(
    enableConfig bool,
    enableActivityLog bool,
    enableEntraIdActivityLog, createAdIntegration bool,
    mods ...AzureTerraformModifier,
) *GenerateAzureTfConfigurationArgs
NewTerraform returns an instance of the GenerateAzureTfConfigurationArgs struct with the provided enabled settings (config/activity log).
Note: Additional configuration details may be set using modifiers of the AzureTerraformModifier type
func (*GenerateAzureTfConfigurationArgs) Generate
func (args *GenerateAzureTfConfigurationArgs) Generate() (string, error)
Generate new Terraform code based on the supplied args.
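The modifier pattern and the scope-widening options documented above (`WithAllSubscriptions` overriding the subscription list, `WithManagementGroup`), as an added example that is not the package's own code. The types are local stand-ins copying four documented fields so the sketch compiles on its own; `apply` and `AuditScope` are hypothetical helpers, and applying modifiers in the order given is an assumption.

```go
package main

import "fmt"

// Local stand-in with four of the documented fields; not the package's code.
type GenerateAzureTfConfigurationArgs struct {
	ManagementGroup   bool
	ManagementGroupId string
	SubscriptionIds   []string
	AllSubscriptions  bool
}
type AzureTerraformModifier func(c *GenerateAzureTfConfigurationArgs)

func WithAllSubscriptions(all bool) AzureTerraformModifier {
	return func(c *GenerateAzureTfConfigurationArgs) { c.AllSubscriptions = all }
}
func WithSubscriptionIds(ids []string) AzureTerraformModifier {
	return func(c *GenerateAzureTfConfigurationArgs) { c.SubscriptionIds = ids }
}
func WithManagementGroup(on bool) AzureTerraformModifier {
	return func(c *GenerateAzureTfConfigurationArgs) { c.ManagementGroup = on }
}

// apply (hypothetical) runs the modifiers in order; assumed, not taken from the package.
func apply(mods ...AzureTerraformModifier) *GenerateAzureTfConfigurationArgs {
	c := &GenerateAzureTfConfigurationArgs{}
	for _, m := range mods {
		m(c)
	}
	return c
}

// AuditScope (hypothetical) lists settings that widen the reader role's scope.
func AuditScope(c *GenerateAzureTfConfigurationArgs) []string {
	var out []string
	if c.AllSubscriptions {
		out = append(out, "read access granted to ALL subscriptions in the tenant")
		if n := len(c.SubscriptionIds); n > 0 {
			out = append(out, fmt.Sprintf("explicit list of %d subscription(s) is overridden", n))
		}
	}
	if c.ManagementGroup && c.ManagementGroupId == "" {
		out = append(out, "management group enabled but ManagementGroupId is empty")
	}
	return out
}

func main() {
	// Constructed input: a narrow subscription list that a later modifier widens.
	c := apply(WithSubscriptionIds([]string{"sub-a", "sub-b"}), WithAllSubscriptions(true))
	fmt.Println(AuditScope(c))
}
```

Running a check like this on the args before calling `Generate` makes a tenant-wide grant visible in review instead of leaving it implicit in the order of modifiers.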