
The commands behind the Lacework command-line interface (CLI)

Author:: Salim Afiune Maya (<afiune@lacework.net>) Copyright:: Copyright 2020, Lacework Inc. License:: Apache License, Version 2.0

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

// Question labels: bracketed tags for the three AWS integration types
// (presumably prefixed to prompt text — confirm against the callers).
const (
	IconAgentless  = "[Agentless]"
	IconConfig     = "[Configuration]"
	IconCloudTrail = "[CloudTrail]"
)

Question labels

// Names of the environment variables recognized by the CLI.
const (
	// DisableTelemetry is an environment variable that can be used to
	// disable telemetry sent to Honeycomb
	DisableTelemetry = "LW_TELEMETRY_DISABLE"

	// HomebrewInstall is an environment variable that denotes the
	// install method was via homebrew package manager
	HomebrewInstall = "LW_HOMEBREW_INSTALL"

	// ChocolateyInstall is an environment variable that denotes the
	// install method was via chocolatey package manager
	ChocolateyInstall = "LW_CHOCOLATEY_INSTALL"
)
// AlasRegex matches Amazon Linux security advisory identifiers of the form
// ALAS-YYYY-NNN or ALAS2-YYYY-NNN (3 to 7 trailing digits), case-insensitively.
// It is unanchored, so it also finds advisory IDs embedded in longer text.
const AlasRegex = `(?i)ALAS(2?)-\d{4}-\d{3,7}`
// AzureCloudEnv is the environment variable found in an Azure Cloud Shell
// session; it is used to determine whether the CLI is running in a cloud shell.
const (
	AzureCloudEnv = "POWERSHELL_DISTRIBUTION_CHANNEL"
)

Environment variables found in the GCP, AWS and Azure Cloud Shell environments. Used to determine whether the CLI is running in a cloud shell.

// ConfigBackupDir is the name of the directory in which configuration files are
// backed up before they are migrated.
const ConfigBackupDir = "cfg_backups"

The name of the directory in which backups of configuration files are stored before they are migrated.

// CveRegex matches CVE identifiers of the form CVE-YYYY-NNNN (4 to 7 trailing
// digits), case-insensitively. It is unanchored, so it also finds IDs embedded
// in longer text.
const CveRegex = `(?i)CVE-\d{4}-\d{4,7}`
// MaxCacheSize is the cache size limit, 1024^3 (1 GiB if the unit is bytes —
// confirm against the cache implementation that reads it).
const MaxCacheSize = 1024 * 1024 * 1024
// ReasonUnset is a sentinel; -1 presumably denotes "no reason has been set" —
// confirm against the code that compares with it.
const (
	ReasonUnset = -1
)

Variables

// Prompt text for the Terraform-plan and cached-IaC questions.
var (
	QuestionRunTfPlan        = "Run Terraform plan now?"
	QuestionUsePreviousCache = "Previous IaC generation detected, load cached values?"
)
// Prompt text, input-validation regexes, command state and cache keys for the
// AWS `generate` command.
var (
	// Define question text here so they can be reused in testing
	// Core questions
	QuestionEnableAwsOrganization = "Enable integrations for AWS organization?"
	QuestionMainAwsProfile        = "Main AWS account profile:"
	QuestionMainAwsRegion         = "Main AWS account region:"

	// Agentless questions
	QuestionEnableAgentless                  = "Enable Agentless integration?"
	QuestionAgentlessManagementAccountID     = "AWS management account ID:"
	QuestionAgentlessManagementAccountRegion = "AWS management account region:"

	QuestionAgentlessScanningAccountProfile = "Scanning AWS account profile:"
	QuestionAgentlessScanningAccountRegion  = "Scanning AWS account region:"
	QuestionAgentlessScanningAccountAddMore = "Add another scanning AWS account?"

	QuestionAgentlessScanningAccountsReplace = "Currently configured scanning accounts: %s, replace?"
	QuestionAgentlessMonitoredAccountIDs     = "Monitored AWS account ID list:"
	QuestionAgentlessMonitoredAccountIDsHelp = "Please provide a comma separated list that may " +
		"contain account IDs, OUs, or the organization root (e.g. 123456789000,ou-abcd-12345678,r-abcd)."

	QuestionAgentlessMonitoredAccountProfile = "Monitored AWS account profile:"
	QuestionAgentlessMonitoredAccountRegion  = "Monitored AWS account region:"

	// Config questions
	QuestionEnableConfig                    = "Enable Configuration integration?"
	QuestionConfigAdditionalAccountProfile  = "Additional AWS account profile:"
	QuestionConfigAdditionalAccountRegion   = "Additional AWS account region:"
	QuestionConfigAdditionalAccountsReplace = "Currently configured additional accounts: %s, replace?"
	QuestionConfigAdditionalAccountAddMore  = "Add another AWS account?"

	// Config Org questions
	// NOTE(review): QuestionConfigOrgLWSecretKey asks for a secret — confirm the
	// caller uses a masked (password-style) prompt and that the answer is not
	// echoed, logged, or written to the IaC cache in clear text.
	QuestionConfigOrgLWAccount        = "Lacework account:"
	QuestionConfigOrgLWSubaccount     = "Lacework subaccount (optional):"
	QuestionConfigOrgLWAccessKeyId    = "Lacework access key ID:"
	QuestionConfigOrgLWSecretKey      = "Lacework secret key:"
	QuestionConfigOrgId               = "AWS organization ID:"
	QuestionConfigOrgUnits            = "AWS organization units (multiple can be supplied comma separated):"
	QuestionConfigOrgCfResourcePrefix = "Cloudformation resource prefix:"

	// CloudTrail questions
	QuestionEnableCloudtrail   = "Enable CloudTrail integration?"
	QuestionCloudtrailName     = "Existing trail name:"
	QuestionCloudtrailAdvanced = "Configure advanced options?"

	// CloudTrail Control Tower questions
	QuestionControlTower                         = "Is your AWS organzation using Control Tower?"
	QuestionControlTowerS3BucketArn              = "AWS Control Tower S3 bucket ARN:"
	QuestionControlTowerSnsTopicArn              = "AWS Control Tower SNS topic ARN:"
	QuestionControlTowerAuditAccountProfile      = "AWS Control Tower audit account profile:"
	QuestionControlTowerAuditAccountRegion       = "AWS Control Tower audit account region:"
	QuestionControlTowerLogArchiveAccountProfile = "AWS Control Tower log archive account profile:"
	QuestionControlTowerLogArchiveAccountRegion  = "AWS Control Tower log archive account region:"
	QuestionControlTowerKmsKeyArn                = "AWS Control Tower custom KMS Key ARN (optional):"

	// CloudTrail advanced options
	OptCloudtrailMessage = "Which options would you like to configure?"

	OptCloudtrailOrg       = "Configure org account mappings"
	OptCloudtrailKmsKeyArn = "Configure custom KMS key"
	OptCloudtrailS3        = "Configure S3 bucket"
	OptCloudtrailSNS       = "Configure SNS topic"
	OptCloudtrailSQS       = "Configure SQS queue"
	OptCloudtrailIAM       = "Configure an existing IAM role"
	OptCloudtrailDone      = "Done"

	// CloudTrail Org questions
	QuestionCloudtrailOrgAccountMappingsDefaultLWAccount = "Org account mappings default Lacework account:"
	QuestionCloudtrailOrgAccountMappingsAnotherAddMore   = "Add another org account mapping?"
	QuestionCloudtrailOrgAccountMappingsLWAccount        = "Lacework account:"
	QuestionCloudtrailOrgAccountMappingsAwsAccounts      = "AWS accounts:"

	// CloudTrail S3 Bucket Questions
	QuestionCloudtrailUseConsolidated          = "Use consolidated CloudTrail?"
	QuestionCloudtrailUseExistingTrail         = "Use an existing CloudTrail?"
	QuestionCloudtrailS3ExistingBucketArn      = "Existing S3 bucket ARN used for CloudTrail logs:"
	QuestionCloudtrailS3BucketEnableEncryption = "Enable S3 bucket encryption"

	QuestionCloudtrailS3BucketSseKeyArn    = "Existing KMS encryption key arn for S3 bucket (optional):"
	QuestionCloudtrailS3BucketName         = "New S3 bucket name (optional):"
	QuestionCloudtrailS3BucketNotification = "Enable S3 bucket notifications"

	// CloudTrail SNS Topic Questions
	QuestionCloudtrailUseExistingSNSTopic = "Use an existing SNS topic? (If not, S3 notification will be used)"
	QuestionCloudtrailSnsExistingTopicArn = "Existing SNS topic arn:"
	QuestionCloudtrailSnsEnableEncryption = "Enable encryption on SNS topic?"
	QuestionCloudtrailSnsEncryptionKeyArn = "Existing KMS encryption key arn for SNS topic (optional):"
	QuestionCloudtrailSnsTopicName        = "New SNS topic name (optional):"

	// CloudTrail SQS Queue Questions
	QuestionCloudtrailSqsEnableEncryption = "Enable encryption on SQS queue:"
	QuestionCloudtrailSqsEncryptionKeyArn = "Existing KMS encryption key arn for SQS queue (optional):"
	QuestionCloudtrailSqsQueueName        = "New SQS queue name (optional):"

	// CloudTrail IAM Role Questions
	// NOTE(review): the external ID is a confused-deputy control for the assumed
	// role; treat it like a credential (masked prompt, not logged).
	QuestionCloudtrailExistingIamRoleName  = "Existing IAM role name for CloudTrail access:"
	QuestionCloudtrailExistingIamRoleArn   = "Existing IAM role ARN for CloudTrail access:"
	QuestionCloudtrailExistingIamRoleExtID = "External ID for the existing IAM role:"

	// Custom location Question
	QuestionAwsOutputLocation = "Custom output location (optional):"

	// Other options
	AwsAdvancedOptDone = "Done" // Used in aws controltower and eks_audit

	// AwsArnRegex original source: https://regex101.com/r/pOfxYN/1
	AwsArnRegex = `` //nolint
	/* 154-byte string literal not displayed */
	// AwsRegionRegex regex used for validating region input; note intentionally does not match gov cloud
	// NOTE(review): AwsRegionRegex, AwsProfileRegex and the derived
	// ValidateSubAccountFlagRegex carry no `^`/`$` anchors, so a match only
	// proves the input *contains* a region/profile-shaped substring. Confirm
	// the validators anchor them before matching (the account/OU/root/prefix
	// regexes below are anchored and do not have this issue).
	AwsRegionRegex              = `(af|ap|ca|eu|me|sa|us)-(central|(north|south)?(east|west)?)-\d`
	AwsProfileRegex             = `([A-Za-z_0-9-]+)`
	AwsAccountIDRegex           = `^\d{12}$`
	AwsOUIDRegex                = `^ou-[0-9a-z]{4,32}-[a-z0-9]{8,32}$`
	AWSRootIDRegex              = `^r-[0-9a-z]{4,32}$`
	AwsAssumeRoleRegex          = `^arn:aws:iam::\d{12}:role\/.*$`
	ValidateSubAccountFlagRegex = fmt.Sprintf(`%s:%s`, AwsProfileRegex, AwsRegionRegex)
	AwsCfResourcePrefixRegex    = `^[a-zA-Z0-9]+(?:-[a-zA-Z0-9]+)*$`

	// Package-level command state shared by the AWS generate sub-flows.
	GenerateAwsCommandState = &aws.GenerateAwsTfConfigurationArgs{}
		ExistingIamRole: &aws.ExistingIamRoleDetails{},
	}
	GenerateAwsCommandExtraState = &aws.AwsGenerateCommandExtraState{}

	// Cache keys under which the generate args and extra state are stored
	// (presumably the keys used with the CLI's on-disk cache — confirm).
	CachedAwsArgsKey       = "iac-aws-generate-args"
	CachedAwsExtraStateKey = "iac-aws-extra-state"
)
// Prompt text, command state and cache keys for the AWS Control Tower
// `generate` command.
var (
	QuestionAwsControlTowerCoreS3Bucket            = "Provide the Arn of the S3 Bucket for consolidated CloudTrail:"
	QuestionAwsControlTowerCoreSnsTopic            = "Provide the Arn of the SNS Topic:"
	QuestionAwsControlTowerCoreLogProfile          = "Provide the aws profile of the 'log_archive' account:"
	QuestionAwsControlTowerCoreLogRegion           = "Provide the aws region of the 'log_archive' account:"
	QuestionAwsControlTowerCoreAuditProfile        = "Provide the aws profile of the 'audit' account:"
	QuestionAwsControlTowerCoreAuditRegion         = "Provide the aws region of the 'audit' account:"
	QuestionAwsControlTowerConfigureAdvanced       = "Configure advanced integration options?"
	QuestionAwsControlTowerCustomizeOutputLocation = "Provide the location for the output to be written:"

	// Advanced-option labels and their follow-up prompts.
	// NOTE(review): the IAM role external ID is a confused-deputy control;
	// confirm it is prompted for with a masked input and not logged.
	ControlTowerConfigureExistingIamRoleOpt                 = "Configure existing Iam Role?"
	QuestionAwsControlTowerCoreIamRoleName                  = "Specify Existing Iam Role name:"
	QuestionAwsControlTowerCoreIamRoleArn                   = "Specify Existing Iam Arn:"
	QuestionAwsControlTowerCoreIamRoleExternalID            = "Specify Existing Iam Role external ID:"
	ControlTowerIntegrationNameOpt                          = "Customize integration name?"
	QuestionControlTowerIntegrationName                     = "Specify a custom integration name:"
	ControlTowerIntegrationPrefixOpt                        = "Customize resource prefix name?"
	QuestionControlTowerPrefix                              = "Specify a prefix name for resources:"
	ControlTowerIntegrationSqsOpt                           = "Customize sqs queue name?"
	QuestionControlTowerSqsQueueName                        = "Specify a name for sqs queue:"
	QuestionControlTowerOrgAccountMappingsLWDefaultAccount  = "Specify org account mappings default Lacework account:"
	QuestionControlTowerOrgAccountMappingAnotherAdvancedOpt = "Configure another org account mapping?"
	QuestionControlTowerOrgAccountMappingsLWAccount         = "Specify lacework account: "
	QuestionControlTowerOrgAccountMappingsAwsAccounts       = "Specify aws accounts:"
	ControlTowerAdvancedOptLocation                         = "Customize output location"
	ControlTowerAdvancedOptMappings                         = "Configure Org Account Mappings"
	QuestionControlTowerAnotherAdvancedOpt                  = "Configure another advanced integration option?"
	ControlTowerAdvancedOptDone                             = "Done"

	// Package-level command state and the cache keys it is stored under.
	GenerateAwsControlTowerCommandState      = &aws_controltower.GenerateAwsControlTowerTfConfigurationArgs{}
	GenerateAwsControlTowerCommandExtraState = &AwsControlTowerGenerateCommandExtraState{}
	CachedAssetAwsControlTowerIacParams      = "iac-aws-controltower-generate-params"
	CachedAssetAwsControlTowerExtraState     = "iac-aws-controltower-extra-state"
)
// Prompt text, region regex, command state and cache keys for the AWS EKS
// Audit Log `generate` command.
var (
	// Define question text here, so they can be reused in testing
	QuestionEksAuditMultiRegion          = "Integrate clusters in more than one region?"
	QuestionEksAuditRegionClusterCurrent = "Currently configured regions and clusters: %s. " +
		"Configure additional?"
	QuestionEksAuditRegion         = "Specify AWS region:"
	QuestionEksAuditRegionClusters = "Specify a comma-seperated list of clusters in region" +
		" to ingest EKS Audit Logs:"
	QuestionEksAuditAdditionalRegion = "Configure another AWS region?"

	QuestionEksAuditConfigureAdvanced = "Configure advanced integration options?"

	// S3 Bucket Questions
	QuestionUseExistingBucket          = "Use existing bucket?"
	QuestionExistingBucketArn          = "Specify an existing bucket ARN used for EKS audit log:"
	EksAuditConfigureBucket            = "Configure bucket settings"
	QuestionEksAuditBucketVersioning   = "Enable access versioning on the new bucket?"
	QuestionEksAuditMfaDeleteS3Bucket  = "Should MFA object deletion be required for the new bucket?"
	QuestionEksAuditBucketLifecycle    = "Specify the bucket lifecycle expiration days: (optional)"
	QuestionEksAuditBucketEncryption   = "Enable encryption for the new bucket?"
	QuestionEksAuditBucketSseAlgorithm = "Specify the bucket SSE Algorithm: (optional)"
	QuestionEksAuditBucketExistingKey  = "Use existing KMS key?"
	QuestionEksAuditBucketKeyArn       = "Specify the bucket existing SSE KMS key ARN:"
	QuestionEksAuditKmsKeyRotation     = "Should the KMS key have rotation enabled?"
	QuestionEksAuditKmsKeyDeletionDays = "Specify the KMS key deletion days: (optional)"

	// SNS Topic Questions
	EksAuditConfigureSns                = "Configure SNS settings"
	QuestionEksAuditSnsEncryption       = "Enable encryption on SNS topic when creating?"
	QuestionEksAuditSnsEncryptionKeyArn = "Specify existing KMS encryption key ARN for SNS topic (optional)"

	// Cloudwatch IAM Questions
	EksAuditExistingCwIamRole        = "Configure and use existing Cloudwatch IAM role"
	QuestionEksAuditExistingCwIamArn = "Specify an existing Cloudwatch IAM role ARN:"

	// Firehose Questions
	EksAuditConfigureFh                = "Configure Firehose settings"
	QuestionEksAuditExistingFhIamRole  = "Use existing Firehose IAM role?"
	QuestionEksAuditExistingFhIamArn   = "Specify an existing Firehose IAM role ARN:"
	QuestionEksAuditFhEncryption       = "Enable encryption on Firehose when creating?"
	QuestionEksAuditFhEncryptionKeyArn = "Specify existing KMS encryption key ARN for Firehose (optional)"

	// Cross Account IAM Questions
	// NOTE(review): the external ID is a confused-deputy control for the
	// cross-account role; confirm it is prompted for with a masked input.
	EksAuditExistingCaIamRole          = "Configure and use existing Cross Account IAM role"
	QuestionEksAuditExistingCaIamArn   = "Specify an existing Cross Account IAM role ARN:"
	QuestionEksAuditExistingCaIamExtID = "Specify the external ID to be used with the existing IAM role:"

	// Customize integration name
	EksAuditIntegrationNameOpt            = "Customize integration name"
	QuestionEksAuditCustomIntegrationName = "Specify a custom integration name: (optional)"

	// Customize output location
	EksAuditAdvancedOptLocation             = "Customize output location"
	QuestionEksAuditCustomizeOutputLocation = "Provide the location for the output to be written:"

	QuestionEksAuditAnotherAdvancedOpt = "Configure another advanced integration option"
	EksAuditAdvancedOptDone            = "Done"

	// AwsEksAuditRegionRegex regex used for validating region input; note intentionally does not match gov cloud
	// NOTE(review): identical to AwsRegionRegex and likewise unanchored — a
	// match only proves the input contains a region-shaped substring. Confirm
	// the validator anchors it, and consider reusing AwsRegionRegex so the
	// two cannot drift apart.
	AwsEksAuditRegionRegex = `(af|ap|ca|eu|me|sa|us)-(central|(north|south)?(east|west)?)-\d`

	// Package-level command state and the cache keys it is stored under.
	GenerateAwsEksAuditCommandState      = &aws_eks_audit.GenerateAwsEksAuditTfConfigurationArgs{}
	GenerateAwsEksAuditCommandExtraState = &AwsEksAuditGenerateCommandExtraState{}
	GenerateAwsEksAuditExistingRoleState = &aws_eks_audit.ExistingCrossAccountIamRoleDetails{}
	CachedAssetAwsEksAuditIacParams      = "iac-aws-eks-audit-generate-params"
	CachedAssetAwsEksAuditExtraState     = "iac-aws-eks-audit-extra-state"
)
// Prompt text, command state and cache keys for the Azure `generate` command.
var (
	// Define question text here so they can be reused in testing
	QuestionAzureEnableConfig        = "Enable Azure configuration integration?"
	QuestionAzureConfigName          = "Specify custom configuration integration name: (optional)"
	QuestionEnableActivityLog        = "Enable Azure Activity Log Integration?"
	QuestionActivityLogName          = "Specify custom Activity Log integration name: (optional)"
	QuestionEnableEntraIdActivityLog = "Enable Azure Entra ID Activity Log Integration?"
	QuestionEntraIdActivityLogName   = "Specify custom EntraID Activity Log integration name: (optional)"
	QuestionAddAzureSubscriptionID   = "Set Azure Subscription ID?"
	QuestionAzureSubscriptionID      = "Specify the Azure Subscription ID to be used to provision Lacework resources:"

	QuestionAzureAnotherAdvancedOpt      = "Configure another advanced integration option"
	QuestionAzureConfigAdvanced          = "Configure advanced integration options?"
	QuestionAzureCustomizeOutputLocation = "Provide the location for the output to be written:"

	// EntraID Activity Log
	QuestionEventHubLocation       = "Specify Azure region where the event hub for logging will reside"
	QuestionEventHubPartitionCount = "Specify the number of partitions in the event hub for logging"

	// Active Directory
	// NOTE(review): QuestionADApplicationPass asks for a secret — confirm the
	// caller uses a masked (password-style) prompt and that the answer is not
	// echoed, logged, or written to the IaC cache in clear text.
	QuestionEnableAdIntegration = "Create Active Directory Integration?"
	QuestionADApplicationPass   = "Specify the password of an existing Active Directory application"
	QuestionADApplicationId     = "Specify the ID of an existing Active Directory application"
	QuestionADServicePrincpleId = "Specify the Service Principle ID of an existing Active Directory application"

	// Storage Account
	QuestionUseExistingStorageAccount   = "Use an existing Storage Account?"
	QuestionAzureRegion                 = "Specify the Azure region to be used by Storage Account logging"
	QuestionStorageAccountName          = "Specify existing Storage Account name"
	QuestionStorageAccountResourceGroup = "Specify existing Storage Account Resource Group"

	QuestionStorageLocation = "Specify Azure region where Storage Account for logging resides "

	// Subscriptions
	QuestionEnableAllSubscriptions = "Enable all subscriptions?"
	QuestionSubscriptionIds        = "Specify list of subscription ids to enable logging"

	// Management Group
	QuestionEnableManagementGroup = "Enable Management Group level Integration?"
	QuestionManagementGroupId     = "Specify Management Group ID"

	// Select options
	AzureAdvancedOptDone       = "Done"
	AdvancedAdIntegration      = "Configure Lacework integration with an existing Active Directory (optional)"
	AzureExistingStorageAcount = "Configure Storage Account (optional)"
	AzureSubscriptions         = "Configure Subscriptions (optional)"
	AzureManagmentGroup        = "Configure Management Group (optional)"
	AzureStorageGroup          = "Configure Storage Group (optional)"
	AzureUserIntegrationNames  = "Customize integration name(s)"
	AzureAdvancedOptLocation   = "Customize output location (optional)"
	AzureRegionStorage         = "Customize Azure region for Storage Account (optional)"
	AzureEntraIdAdvancedOpt    = "Configure Entra ID activity log integration advanced options"

	// Package-level command state and the cache keys it is stored under.
	GenerateAzureCommandState      = &azure.GenerateAzureTfConfigurationArgs{}
	GenerateAzureCommandExtraState = &AzureGenerateCommandExtraState{}
	CachedAzureAssetIacParams      = "iac-azure-generate-params"
	CachedAzureAssetExtraState     = "iac-azure-extra-state"
)
// Prompt text, region regex, command state, cache keys and user-facing
// messages for the GCP `generate` command.
var (
	// Define question text here to be reused in testing
	QuestionGcpEnableAgentless         = "Enable Agentless integration?"
	QuestionGcpEnableConfiguration     = "Enable Configuration integration?"
	QuestionGcpEnableAuditLog          = "Enable Audit Log integration?"
	QuestionGcpOrganizationIntegration = "Organization integration?"
	QuestionGcpOrganizationID          = "Specify the GCP organization ID:"
	QuestionGcpProjectID               = "Specify the project ID to be used to provision Lacework resources:"
	QuestionGcpServiceAccountCredsPath = "Specify service account credentials JSON path: (optional)"

	// NOTE(review): QuestionExistingServiceAccountPrivateKey asks for a private
	// key — confirm the caller uses a masked prompt and that the value is not
	// echoed, logged, or written to the IaC cache in clear text.
	QuestionGcpConfigureAdvanced             = "Configure advanced integration options?"
	GcpAdvancedOptExistingServiceAccount     = "Configure & use existing service account"
	QuestionExistingServiceAccountName       = "Specify an existing service account name:"
	QuestionExistingServiceAccountPrivateKey = "Specify an existing service account private key (base64 encoded):"

	GcpAdvancedOptAgentless      = "Configure additional Agentless options"
	QuestionGcpProjectFilterList = "Specify a comma separated list of Google Cloud projects that " +
		"you want to monitor: (optional)"
	QuestionGcpRegions = "Specify a comma separated list of regions to deploy Agentless:"

	GcpAdvancedOptAuditLog      = "Configure additional Audit Log options"
	QuestionGcpUseExistingSink  = "Use an existing sink?"
	QuestionGcpExistingSinkName = "Specify the existing sink name"

	GcpAdvancedOptIntegrationName           = "Customize integration name(s)"
	QuestionGcpConfigurationIntegrationName = "Specify a custom configuration integration name: (optional)"
	QuestionGcpAuditLogIntegrationName      = "Specify a custom Audit Log integration name: (optional)"

	QuestionGcpAnotherAdvancedOpt      = "Configure another advanced integration option"
	GcpAdvancedOptLocation             = "Customize output location"
	GcpAdvancedOptProjects             = "Configure multiple projects"
	QuestionGcpCustomizeOutputLocation = "Provide the location for the output to be written:"
	QuestionGcpCustomizeProjects       = "Provide comma separated list of project ID"
	QuestionGcpCustomFilter            = "Specify a custom Audit Log filter which supersedes all other filter options"
	GcpAdvancedOptDone                 = "Done"

	// GcpRegionRegex regex used for validating region input
	// NOTE(review): unanchored — a match only proves the input contains a
	// region-shaped substring. Confirm the validator anchors it with `^…$`.
	GcpRegionRegex = `(asia|australia|europe|northamerica|southamerica|us)-(central|(north|south)?(east|west)?)\d`

	// Package-level command state and the cache keys it is stored under.
	GenerateGcpCommandState                  = &gcp.GenerateGcpTfConfigurationArgs{}
	GenerateGcpExistingServiceAccountDetails = &gcp.ExistingServiceAccountDetails{}
	GenerateGcpCommandExtraState             = &GcpGenerateCommandExtraState{}
	CachedGcpAssetIacParams                  = "iac-gcp-generate-params"
	CachedAssetGcpExtraState                 = "iac-gcp-extra-state"

	// InvalidProjectIDMessage is shown when a project ID fails validation.
	InvalidProjectIDMessage = "invalid GCP project ID. " +
		"It must be 6 to 30 lowercase ASCII letters, digits, or hyphens. " +
		"It must start with a letter. Trailing hyphens are prohibited. Example: tokyo-rain-123"
)
// Prompt text, command state and cache keys for the GKE `generate` command.
var (
	QuestionGkeOrganizationIntegration = "Organization integration?"
	QuestionGkeOrganizationID          = "Specify the GCP organization ID:"
	QuestionGkeProjectID               = "Specify the project ID to be used to provision Lacework resources:"
	QuestionGkeServiceAccountCredsPath = "Specify service account credentials JSON path: (optional)"

	QuestionGkeConfigureAdvanced  = "Configure advanced integration options?"
	GkeAdvancedOpt                = "Configure additional options"
	QuestionGkeUseExistingSink    = "Use an existing sink?"
	QuestionGkeExistingSinkName   = "Specify the existing sink name"
	GkeAdvancedOptIntegrationName = "Customize integration name(s)"
	QuestionGkeIntegrationName    = "Specify a custom integration name: (optional)"

	// NOTE(review): QuestionGkeExistingServiceAccountPrivateKey asks for a
	// private key — confirm the caller uses a masked prompt and that the value
	// is not echoed, logged, or written to the IaC cache in clear text.
	GkeAdvancedOptExistingServiceAccount        = "Configure & use existing service account"
	QuestionGkeExistingServiceAccountName       = "Specify an existing service account name:"
	QuestionGkeExistingServiceAccountPrivateKey = "Specify an existing service account private key" +
		" (base64 encoded):" // guardrails-disable-line

	GkeAdvancedOptLocation             = "Customize output location"
	QuestionGkeCustomizeOutputLocation = "Provide the location for the output to be written:"
	QuestionGkeAnotherAdvancedOpt      = "Configure another advanced integration option"
	GkeAdvancedOptDone                 = "Done"

	// Package-level command state and the cache keys it is stored under.
	GenerateGkeCommandState           = &gcp.GenerateGkeTfConfigurationArgs{}
	GenerateGkeExistingServiceAccount = &gcp.ServiceAccount{}
	GenerateGkeCommandExtraState      = &GkeGenerateCommandExtraState{}
	CachedGkeAssetIacParams           = "iac-gke-generate-params"
	CachedGkeAssetExtraState          = "iac-gke-extra-state"
)
// Prompt text, option labels, command state and cache keys for the OCI
// `generate` command.
var (
	// questions
	QuestionOciEnableConfig            = "Enable configuration integration?"
	QuestionOciTenantOcid              = "Specify the OCID of the tenant to be integrated"
	QuestionOciUserEmail               = "Specify the email address to associate with the integration OCI user"
	QuestionOciConfigAdvanced          = "Configure advanced integration options?"
	QuestionOciConfigName              = "Specify name of configuration integration (optional)"
	QuestionOciCustomizeOutputLocation = "Provide the location for the output to be written:"
	QuestionOciAnotherAdvancedOpt      = "Configure another advanced integration option"

	// options (labels for the advanced-options selector)
	OciAdvancedOptDone            = "Done"
	OciAdvancedOptLocation        = "Customize output location"
	OciAdvancedOptIntegrationName = "Customize integration name"

	// state (package-level, shared by the OCI generate flow)
	GenerateOciCommandState      = &oci.GenerateOciTfConfigurationArgs{}
	GenerateOciCommandExtraState = &OciGenerateCommandExtraState{}

	// cache keys under which the state above is stored
	CachedOciAssetIacParams  = "iac-oci-generate-params"
	CachedAssetOciExtraState = "iac-oci-extra-state"
)
// Prompt text for the report-definition create and update commands.
var (
	// create flow
	CreateReportDefinitionQuestion              = "Create from an existing report definition template?"
	CreateReportDefinitionReportNameQuestion    = "Report Name: "
	CreateReportDefinitionDisplayNameQuestion   = "Display Name: "
	CreateReportDefinitionReportSubTypeQuestion = "Report SubType: "
	CreateReportDefinitionAddSectionQuestion    = "Add another policy section?"
	CreateReportDefinitionSectionTitleQuestion  = "Section Title: "
	CreateReportDefinitionPoliciesQuestion      = "Select Policies in this Section: "
	SelectReportDefinitionQuestion              = "Select an existing report definition as a template?"

	// update flow
	UpdateReportDefinitionQuestion                   = "Update report definition in editor?"
	UpdateReportDefinitionReportNameQuestion         = "Report Name: "
	UpdateReportDefinitionDisplayNameQuestion        = "Display Name: "
	UpdateReportDefinitionEditSectionQuestion        = "Update an existing policy section?"
	UpdateReportDefinitionEditAnotherSectionQuestion = "Update another existing policy section?"
	UpdateReportDefinitionAddSectionQuestion         = "Add a new policy section?"
	UpdateReportDefinitionSelectSectionQuestion      = "Select a section to edit"
)
// Prompt text for the report-distribution create and update commands.
var (
	// create flow
	CreateReportDistributionReportNameQuestion     = "Report Distribution Name: "
	CreateReportDistributionFrequencyQuestion      = "Select Frequency: "
	CreateReportDistributionDefinitionQuestion     = "Select Report Definition: "
	CreateReportDistributionAlertChannelsQuestion  = "Select Alert Channels: "
	CreateReportDistributionResourceGroupsQuestion = "Select Resource Groups: "
	CreateReportDistributionIntegrationAwsQuestion = "Select Aws Accounts: "
	CreateReportDistributionAddSeveritiesQuestion  = "Add Severities? "
	CreateReportDistributionSeveritiesQuestion     = "Select Severities: "
	CreateReportDistributionAddViolationsQuestion  = "Add Violations? "
	CreateReportDistributionScopeQuestion          = "Select Distribution Scope:"
	CreateReportDistributionViolationsQuestion     = "Select Violations: "
	// update flow
	UpdateReportDistributionReportNameQuestion     = "Update Report Distribution Name? "
	UpdateReportDistributionFrequencyQuestion      = "Update Frequency?"
	UpdateReportDistributionAlertChannelsQuestion  = "Update Alert Channels? "
	UpdateReportDistributionAddSeveritiesQuestion  = "Update Severities? "
	UpdateReportDistributionAddViolationsQuestion  = "Update Violations? "
)
// Build metadata and the version-cache file name.
var (
	// All the following "unknown" variables are being injected at
	// build time via the cross-platform directive inside the Makefile
	//
	// Version is the semver coming from the VERSION file
	Version = "unknown"

	// GitSHA is the git ref that the cli was built from
	GitSHA = "unknown"

	// BuildTime is a human-readable time when the cli was built at
	BuildTime = "unknown"

	// VersionCacheFile is the name of the version cache file used for the
	// daily version checks (not build-injected; a fixed name).
	VersionCacheFile = "version_cache"
)
var (
	// HoneyDataset is the Honeycomb dataset that tracing data is sent to.
	// Its value is set depending on the environment the CLI is running in;
	// during development, all events and tracing data go to this default
	// dataset.
	HoneyDataset = "lacework-cli-dev"
)
// SupportedPackageManagers lists the package-manager binaries the CLI knows
// (dpkg-query and rpm); presumably they are invoked to enumerate installed
// packages — confirm against the caller.
var SupportedPackageManagers = []string{"dpkg-query", "rpm"} // @afiune can we support yum and apk?

Functions

func CDKComponentJSON

func CDKComponentJSON(component *lwcomponent.CDKComponent) error

func CDKComponentsJSON

func CDKComponentsJSON(catalog *lwcomponent.Catalog) error

func CacheTransform

func CacheTransform(key string) *diskv.PathKey

func DisplayTerraformPlanChanges

func DisplayTerraformPlanChanges(tf *tfexec.Terraform, data TfPlanChangesSummary) (bool, error)

DisplayTerraformPlanChanges displays the results of a plan.

It returns true if apply should run, or false if the CLI should exit.

func Execute

func Execute() (err error)

Execute adds all child commands to the root command and sets flags appropriately. This is called by main.main(). It only needs to happen once for the rootCmd.

func GenerateMarkdownDocs

func GenerateMarkdownDocs(location string) error

func InverseCacheTransform

func InverseCacheTransform(pathKey *diskv.PathKey) string

func LoadCatalog

func LoadCatalog(componentName string, getAllVersions bool) (*lwcomponent.Catalog, error)

func LocateOrInstallTerraform

func LocateOrInstallTerraform(forceInstall bool, workingDir string) (*tfexec.Terraform, error)

LocateOrInstallTerraform determines whether Terraform is installed and whether that version is new enough; if not, it installs a new ephemeral binary of the correct version into a temporary location.

forceInstall: if set, always install the ephemeral binary.

func NewDefaultState

func NewDefaultState() *cliState

NewDefaultState creates a new cliState with some defaults

func NewQueryFailonError

func NewQueryFailonError(failonCount string, count int) *queryFailonError

func NewVulnerabilityPolicyError

func NewVulnerabilityPolicyError(
	assessment api.VulnerabilityAssessment,
	failOnSeverity string, failOnFixable bool,
) *vulnerabilityPolicyError

func NewVulnerabilityPolicyErrorV2

func NewVulnerabilityPolicyErrorV2(
	assessment api.VulnerabilitiesContainersResponse,
	failOnSeverity string, failOnFixable bool,
) *vulnerabilityPolicyError

func SurveyMultipleQuestionWithValidation

func SurveyMultipleQuestionWithValidation(questions []SurveyQuestionWithValidationArgs, checks ...bool) error

SurveyMultipleQuestionWithValidation prompts for many values at once.

checks: if the supplied check(s) are true, the questions are asked.

func SurveyQuestionInteractiveOnly

func SurveyQuestionInteractiveOnly(question SurveyQuestionWithValidationArgs) error

SurveyQuestionInteractiveOnly prompts the user for the question, but only if the CLI is in interactive mode.

func TerraformExecApply

func TerraformExecApply(tf *tfexec.Terraform) error

TerraformExecApply runs terraform apply using the workingDir from *tfexec.Terraform.

- Run plan
- Get plan file details (returned)

func TerraformExecutePreRunCheck

func TerraformExecutePreRunCheck(outputLocation string, cloud string) (bool, error)

func TerraformInit

func TerraformInit(tf *tfexec.Terraform) error

func TerraformPlanAndExecute

func TerraformPlanAndExecute(workingDir string) error

TerraformPlanAndExecute runs a Terraform plan and then executes it.

Types

type AwsControlTowerGenerateCommandExtraState

// AwsControlTowerGenerateCommandExtraState holds the interactive-prompt state
// of the AWS Control Tower `generate` flow that is kept outside the Terraform
// args; the package-level instance is GenerateAwsControlTowerCommandExtraState
// (presumably cached under CachedAssetAwsControlTowerExtraState — confirm).
type AwsControlTowerGenerateCommandExtraState struct {
	AskAdvanced             bool   // presumably: advanced-options prompts were requested — confirm
	Output                  string // presumably: output location for generated files — confirm
	ConfigureBucketSettings bool
	UseExistingKmsKey       bool
	MultiRegion             bool
	TerraformApply          bool // presumably: run terraform apply after generation — confirm
}

type AwsEksAuditGenerateCommandExtraState

// AwsEksAuditGenerateCommandExtraState carries the command-specific state
// gathered by the AWS EKS audit log generate flow.
//
// NOTE(review): field meanings are inferred from the field names — confirm
// against the command that populates this struct.
type AwsEksAuditGenerateCommandExtraState struct {
	// Presumably whether to prompt for the advanced configuration questions.
	AskAdvanced             bool
	// Presumably where the generated Terraform is written.
	Output                  string
	ConfigureBucketSettings bool
	UseExistingKmsKey       bool
	MultiRegion             bool
	// Whether to run `terraform apply` on the generated code. Applying
	// changes real cloud resources, so this should only be set after an
	// explicit user confirmation.
	TerraformApply          bool
}

type AzureGenerateCommandExtraState

// AzureGenerateCommandExtraState carries the command-specific state gathered
// by the Azure generate flow.
//
// NOTE(review): field meanings are inferred from the field names — confirm
// against the command that populates this struct.
type AzureGenerateCommandExtraState struct {
	// Presumably whether to prompt for the advanced configuration questions.
	AskAdvanced    bool
	// Presumably where the generated Terraform is written.
	Output         string
	// Whether to run `terraform apply` on the generated code. Applying
	// changes real cloud resources, so this should only be set after an
	// explicit user confirmation.
	TerraformApply bool
}

type CmdFilters

type CmdFilters struct {
	Filters []string
}

Used to store the list of available filters from a CLI command.

E.g. get the available filters for a cobra.Command.Long:

```go
dummyCmdState = struct {
	// The available filters
	AvailableFilters CmdFilters

	// List of filters to apply
	Filters []string
}{}

dummyCmd := &cobra.Command{
	Long: `The available keys for this command are:

` + stringSliceToMarkdownList(
		dummyCmdState.AvailableFilters.GetFiltersFrom(
			api.MachineDetailEntity{},
		),
	),
}
```

func (*CmdFilters) GetFiltersFrom

func (f *CmdFilters) GetFiltersFrom(T interface{}) []string

type GcpGenerateCommandExtraState

// GcpGenerateCommandExtraState carries the command-specific state gathered
// by the GCP generate flow.
//
// NOTE(review): field meanings are inferred from the field names — confirm
// against the command that populates this struct.
type GcpGenerateCommandExtraState struct {
	// Presumably whether to prompt for the advanced configuration questions.
	AskAdvanced               bool
	// Presumably where the generated Terraform is written.
	Output                    string
	UseExistingServiceAccount bool
	UseExistingSink           bool
	// Whether to run `terraform apply` on the generated code. Applying
	// changes real cloud resources, so this should only be set after an
	// explicit user confirmation.
	TerraformApply            bool
}

type GkeGenerateCommandExtraState

// GkeGenerateCommandExtraState carries the command-specific state gathered
// by the GKE generate flow.
//
// NOTE(review): field meanings are inferred from the field names — confirm
// against the command that populates this struct.
type GkeGenerateCommandExtraState struct {
	// Presumably whether to prompt for the advanced configuration questions.
	AskAdvanced                bool
	// Presumably where the generated Terraform is written.
	Output                     string
	ConfigureNewBucketSettings bool
	UseExistingServiceAccount  bool
	UseExistingSink            bool
	// Whether to run `terraform apply` on the generated code. Applying
	// changes real cloud resources, so this should only be set after an
	// explicit user confirmation.
	TerraformApply             bool
}

type LCLContentType

// LCLContentType identifies the kind of content a Lacework Content Library
// reference points at. Only the two values below are declared here.
type LCLContentType string
const (
	// LCLQueryType marks a reference to a query.
	LCLQueryType  LCLContentType = "query"
	// LCLPolicyType marks a reference to a policy.
	LCLPolicyType LCLContentType = "policy"
)

type LCLPolicy

// LCLPolicy is a policy entry of the Lacework Content Library. The JSON key
// for each field is given by its struct tag (note the camelCase keys).
type LCLPolicy struct {
	PolicyID    string         `json:"policyId"`
	Title       string         `json:"title"`
	Description string         `json:"description"`
	Tags        []string       `json:"tags"`
	// QueryID names the query this policy runs on — presumably a key into
	// LaceworkContentLibrary.Queries; confirm against GetPolicy/GetQuery.
	QueryID     string         `json:"queryId"`
	References  []LCLReference `json:"references"`
}

type LCLQuery

// LCLQuery is a query entry of the Lacework Content Library. Only its
// references are carried here; the query text itself is resolved via
// LaceworkContentLibrary.GetQuery.
type LCLQuery struct {
	References []LCLReference `json:"references"`
}

type LCLReference

// LCLReference points at a piece of content (a query or a policy) in the
// Lacework Content Library.
//
// NOTE(review): the relationship between Path and URI (local vs. remote
// location?) is not visible here — confirm before relying on either.
type LCLReference struct {
	ID   string         `json:"id"`
	// Type is serialized under the JSON key "content_type", not "type".
	Type LCLContentType `json:"content_type"`
	Path string         `json:"path"`
	URI  string         `json:"uri"`
}

type LaceworkContentLibrary

// LaceworkContentLibrary is the in-memory index of the content library
// component: its queries and policies keyed by ID, plus a tag → policy-ID
// index.
type LaceworkContentLibrary struct {
	// Component has no json tag. Being exported, encoding/json will still
	// marshal/unmarshal it under the key "Component" unless the caller
	// decodes into a different type — verify that is intended.
	Component  *lwcomponent.Component
	Queries    map[string]LCLQuery  `json:"queries"`
	Policies   map[string]LCLPolicy `json:"policies"`
	// PolicyTags maps a tag to the policy IDs carrying it (presumably the
	// index behind GetPoliciesByTag — confirm).
	PolicyTags map[string][]string  `json:"policy_tags"`
}

func (*LaceworkContentLibrary) GetPoliciesByTag

func (lcl *LaceworkContentLibrary) GetPoliciesByTag(t string) map[string]LCLPolicy

func (*LaceworkContentLibrary) GetPolicy

func (lcl *LaceworkContentLibrary) GetPolicy(id string) (string, error)

func (*LaceworkContentLibrary) GetQuery

func (lcl *LaceworkContentLibrary) GetQuery(id string) (string, error)

type OS

// OS is a plain operating-system name/version pair. Neither field is
// validated or normalized here.
type OS struct {
	Name    string
	Version string
}

type OciGenerateCommandExtraState

// OciGenerateCommandExtraState carries the command-specific state gathered
// by the OCI generate flow.
//
// NOTE(review): field meanings are inferred from the field names — confirm
// against the command that populates this struct.
type OciGenerateCommandExtraState struct {
	// Presumably whether to prompt for the advanced configuration questions.
	AskAdvanced    bool
	// Presumably where the generated Terraform is written.
	Output         string
	// Whether to run `terraform apply` on the generated code. Applying
	// changes real cloud resources, so this should only be set after an
	// explicit user confirmation.
	TerraformApply bool
}

type PolicyExceptionSurveyQuestion

type PolicyExceptionSurveyQuestion struct {
	// contains filtered or unexported fields
}

type PolicySyncOperation

// PolicySyncOperation describes one pending change in a policy sync: the
// content ID, its content type and the operation to perform. All three are
// free-form strings here; the accepted values are not constrained by this
// type.
type PolicySyncOperation struct {
	ID          string
	ContentType string
	Operation   string
}

type SurveyQuestionWithValidationArgs

// SurveyQuestionWithValidationArgs describes one interactive prompt for
// SurveyMultipleQuestionWithValidation / SurveyQuestionInteractiveOnly.
type SurveyQuestionWithValidationArgs struct {
	Prompt survey.Prompt
	// Checks gate whether the question is asked at all. They are stored as
	// pointers, presumably so the value current at ask time is used rather
	// than the value at construction — confirm; nil entries are not
	// obviously handled here.
	Checks   []*bool
	// Response receives the answer; it must be a pointer of the type the
	// Prompt produces.
	Response interface{}
	Opts     []survey.AskOpt
	// Required: presumably adds a non-empty validator — confirm.
	Required bool
	// Icon: a label prefixed to the prompt (see the Icon* constants).
	Icon     string
}

type TfPlanChangesSummary

type TfPlanChangesSummary struct {
	// contains filtered or unexported fields
}

func TerraformExecPlan

func TerraformExecPlan(tf *tfexec.Terraform) (*TfPlanChangesSummary, error)

TerraformExecPlan runs terraform plan using the workingDir from *tfexec.Terraform, then reads the plan file and returns a summary of its changes.

type VulnCveSummary

// VulnCveSummary aggregates one CVE across hosts: a representative host
// vulnerability record, the number of affected hosts and their hostnames.
//
// NOTE(review): whether Count always equals len(Hostnames) is not
// established here — do not assume it.
type VulnCveSummary struct {
	Host      api.VulnerabilityHost
	Count     int
	Hostnames []string
}
