api

package
v1.5.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 13, 2023 License: Apache-2.0 Imports: 30 Imported by: 4

README

Go API Client

A Golang API client for interacting with the Lacework API.

Usage

Download the library into your $GOPATH:

$ go get github.com/lacework/go-sdk/api

Import the library into your tool:

import "github.com/lacework/go-sdk/api"

Requirements

To interact with Lacework's API you need to have:

  1. A Lacework account
  2. Either API access keys or token for authentication

Examples

Create a new Lacework client that will automatically generate a new access token from the provided set of API keys, then hit the /external/integrations endpoint to list all available integrations from your account:

package main

import (
	"fmt"
	"log"

	"github.com/lacework/go-sdk/api"
)

func main() {
	lacework, err := api.NewClient("account",
		api.WithTokenFromKeys("KEY", "SECRET"),
	)
	if err != nil {
		log.Fatal(err)
	}

	integrations, err := lacework.Integrations.List()
	if err != nil {
		log.Fatal(err)
	}

	// Output:
	// CUSTOMER_123456B DATADOG
	// CUSTOMER_123456A CONT_VULN_CFG
	// CUSTOMER_123456C PAGER_DUTY_API
	fmt.Println(integrations.String())
}

Look at the _examples/ folder for more examples.

Documentation

Index

Constants

View Source 
const (
	// The list of valid inputs for DatadogSite field
	DatadogSiteEu  datadogSite = "eu"
	DatadogSiteCom datadogSite = "com"

	// The list of valid inputs for DatadogService field
	DatadogServiceLogsDetails   datadogService = "Logs Detail"
	DatadogServiceEventsSummary datadogService = "Events Summary"
	DatadogServiceLogsSummary   datadogService = "Logs Summary"
)
View Source 
const (
	// NoneAlertChannelType type that defines a non-existing Alert Channel integration
	NoneAlertChannelType alertChannelType = iota
	EmailUserAlertChannelType
	SlackChannelAlertChannelType
	AwsS3AlertChannelType
	CloudwatchEbAlertChannelType
	DatadogAlertChannelType
	WebhookAlertChannelType
	VictorOpsAlertChannelType
	CiscoSparkWebhookAlertChannelType
	MicrosoftTeamsAlertChannelType
	GcpPubSubAlertChannelType
	SplunkHecAlertChannelType
	ServiceNowRestAlertChannelType
	NewRelicInsightsAlertChannelType
	PagerDutyApiAlertChannelType
	IbmQRadarAlertChannelType
	JiraAlertChannelType
)
View Source 
const (
	// The list of valid inputs for QRadar Communication Type field
	QRadarCommHttps           qradarComm = "HTTPS"
	QRadarCommHttpsSelfSigned qradarComm = "HTTPS Self Signed Cert"
)
View Source 
const (
	NoneJiraIssueGrouping jiraIssueGrouping = iota
	EventsJiraIssueGrouping
	ResourcesJiraIssueGrouping
)
View Source 
const (
	BidirectionalJiraConfiguration = "Bidirectional"
	JiraCloudAlertType             = "JIRA_CLOUD"
	JiraServerAlertType            = "JIRA_SERVER"
)
View Source 
const (
	AlertRuleSeverityCritical alertRuleSeverity = 1
	AlertRuleSeverityHigh     alertRuleSeverity = 2
	AlertRuleSeverityMedium   alertRuleSeverity = 3
	AlertRuleSeverityLow      alertRuleSeverity = 4
	AlertRuleSeverityInfo     alertRuleSeverity = 5
	AlertRuleSeverityUnknown  alertRuleSeverity = 0
)
View Source 
const (
	AlertCloseReasonOther alertCloseReason = iota
	AlertCloseReasonFalsePositive
	AlertCloseReasonNotEnoughInfo
	AlertCloseReasonMalicious
	AlertCloseReasonExpected
)
View Source 
const (
	AlertDetailsScope alertScope = iota
	AlertInvestigationScope
	AlertEventsScope
	AlertRelatedAlertsScope
	AlertIntegrationsScope
	AlertTimelineScope
)
View Source 
const (
	AlertsFilterFieldType     alertsFilterField = "alertType"
	AlertsFilterFieldSeverity alertsFilterField = "severity"
	AlertsFilterFieldStatus   alertsFilterField = "status"
)
View Source 
const (
	// type that defines a non-existing Cloud Account integration
	NoneCloudAccount cloudAccountType = iota
	AwsCfgCloudAccount
	AwsCtSqsCloudAccount
	AwsEksAuditCloudAccount
	AwsSidekickCloudAccount
	AwsSidekickOrgCloudAccount
	AwsUsGovCfgCloudAccount
	AwsUsGovCtSqsCloudAccount
	AzureAlSeqCloudAccount
	AzureCfgCloudAccount
	GcpAtSesCloudAccount
	GcpCfgCloudAccount
	GcpGkeAuditCloudAccount
	GcpSidekickCloudAccount
)
View Source 
const (
	// Project level integration with GCP
	GcpProjectIntegration gcpResourceLevel = iota

	// Organization level integration with GCP
	GcpOrganizationIntegration
)
View Source 
const (
	// type that defines a non-existing Container Registry integration
	NoneContainerRegistry containerRegistryType = iota
	GcpGarContainerRegistry
	GhcrContainerRegistry
	InlineScannerContainerRegistry
	ProxyScannerContainerRegistry
	AwsEcrContainerRegistry
	DockerhubContainerRegistry
	DockerhubV2ContainerRegistry
	GcpGcrContainerRegistry
)
View Source 
const (
	AwsEcrIAM ecrAuthType = iota
	AwsEcrAccessKey
)
View Source 
const (
	ReportRuleSeverityCritical reportRuleSeverity = 1
	ReportRuleSeverityHigh     reportRuleSeverity = 2
	ReportRuleSeverityMedium   reportRuleSeverity = 3
	ReportRuleSeverityLow      reportRuleSeverity = 4
	ReportRuleSeverityInfo     reportRuleSeverity = 5
	ReportRuleSeverityUnknown  reportRuleSeverity = 0
)
View Source 
const (
	None integrationSchema = iota
	AlertChannels
	AlertProfiles
	AlertRules
	ContainerRegistries
	CloudAccounts
	ResourceGroups
	ReportRules
	TeamMembers
	VulnerabilityExceptions
)
View Source 
const (
	VulnerabilityExceptionReasonAcceptedRisk vulnerabilityExceptionReason = iota
	VulnerabilityExceptionReasonAcceptedFalsePositive
	VulnerabilityExceptionReasonCompensatingControls
	VulnerabilityExceptionReasonFixPending
	VulnerabilityExceptionReasonOther
	VulnerabilityExceptionReasonUnknown
)
View Source 
const (
	VulnerabilityExceptionTypeHost vulnerabilityExceptionType = iota
	VulnerabilityExceptionTypeContainer
)
View Source 
const (
	VulnerabilityExceptionSeverityCritical vulnerabilityExceptionSeverity = "Critical"
	VulnerabilityExceptionSeverityHigh     vulnerabilityExceptionSeverity = "High"
	VulnerabilityExceptionSeverityMedium   vulnerabilityExceptionSeverity = "Medium"
	VulnerabilityExceptionSeverityLow      vulnerabilityExceptionSeverity = "Low"
	VulnerabilityExceptionSeverityInfo     vulnerabilityExceptionSeverity = "Info"
	VulnerabilityExceptionSeverityUnknown  vulnerabilityExceptionSeverity = "Unknown"
)
View Source 
const AlertRuleEventType = "Event"
View Source 
const AwsComplianceEvaluationDataset complianceEvaluationDataset = "AwsCompliance"
View Source 
const AwsInventoryDataset inventoryDataset = "AwsCompliance"
View Source 
const AwsInventoryType inventoryType = "AWS"
View Source 
const DefaultTokenExpiryTime = 3600
View Source 
const ReportDefinitionNotificationTypeAws = "AWS"
View Source 
const ReportDefinitionNotificationTypeAzure = "Azure"
View Source 
const ReportDefinitionNotificationTypeGcp = "GCP"
View Source 
const ReportRuleEventType = "Report"
View Source 
const V2ApiMaxSearchHistoryDays = 92

V2ApiMaxSearchHistoryDays defines the maximum number of days in the past api v2 allows to be searched

View Source 
const V2ApiMaxSearchWindowDays = 7

V2ApiMaxSearchWindowDays defines the maximum number of days in a single request api v2 allows to be searched

View Source 
const Version = "1.5.2"

Version is the semver coming from the VERSION file

Variables

View Source 
var (
	ContainerResourceGroupAllLabels = []map[string]string{{"*": "*"}}
	ContainerResourceGroupAllTags   = []string{"*"}
)

Wildcard values for selecting all labels/tags

View Source 
var AlertChannelTypes = map[alertChannelType]string{
	NoneAlertChannelType:              "None",
	EmailUserAlertChannelType:         "EmailUser",
	SlackChannelAlertChannelType:      "SlackChannel",
	AwsS3AlertChannelType:             "AwsS3",
	CloudwatchEbAlertChannelType:      "CloudwatchEb",
	DatadogAlertChannelType:           "Datadog",
	WebhookAlertChannelType:           "Webhook",
	VictorOpsAlertChannelType:         "VictorOps",
	CiscoSparkWebhookAlertChannelType: "CiscoSparkWebhook",
	MicrosoftTeamsAlertChannelType:    "MicrosoftTeams",
	GcpPubSubAlertChannelType:         "GcpPubsub",
	SplunkHecAlertChannelType:         "SplunkHec",
	ServiceNowRestAlertChannelType:    "ServiceNowRest",
	NewRelicInsightsAlertChannelType:  "NewRelicInsights",
	PagerDutyApiAlertChannelType:      "PagerDutyApi",
	IbmQRadarAlertChannelType:         "IbmQradar",
	JiraAlertChannelType:              "Jira",
}

AlertChannelTypes is the list of available Alert Channel integration types

View Source 
var AlertCloseReasons = alertCloseReasons{
	AlertCloseReasonOther:         "Other",
	AlertCloseReasonFalsePositive: "False positive",
	AlertCloseReasonNotEnoughInfo: "Not enough information",
	AlertCloseReasonMalicious:     "Malicious and have resolution in place",
	AlertCloseReasonExpected:      "Expected because of routine testing",
}

AlertCloseReasons is the list of available Alert closure reasons

View Source 
var AlertScopes = map[alertScope]string{
	AlertDetailsScope:       "Details",
	AlertInvestigationScope: "Investigation",
	AlertEventsScope:        "Events",
	AlertRelatedAlertsScope: "RelatedAlerts",
	AlertIntegrationsScope:  "Integrations",
	AlertTimelineScope:      "Timeline",
}
View Source 
var AllAwsReportRuleNotifications = new(AwsReportRuleNotifications).allNotifications()

Enable all Aws report rules

View Source 
var AllAzureReportRuleNotifications = new(AzureReportRuleNotifications).allNotifications()

Enable all Azure report rules

View Source 
var AllDailyReportRuleNotifications = new(DailyEventsReportRuleNotifications).allNotifications()

Enable all Daily report rules

View Source 
var AllGcpReportRuleNotifications = new(GcpReportRuleNotifications).allNotifications()

Enable all Gcp report rules

View Source 
var AllReportRuleNotifications = new(ReportRuleNotificationTypes).allNotifications()

Enable all report rules

View Source 
var AllWeeklyReportRuleNotifications = new(WeeklyEventsReportRuleNotifications).allNotifications()

Enable all Weekly report rules

View Source 
var AwsEcrAuthTypes = map[ecrAuthType]string{
	AwsEcrIAM:       "AWS_IAM",
	AwsEcrAccessKey: "AWS_ACCESS_KEY",
}

AwsEcrAuthTypes is the list of available ECR auth types

View Source 
var (
	AwsResourceGroupAllAccounts = []string{"*"}
)

Wildcard values for selecting all aws accounts

View Source 
var (
	AzureResourceGroupAllSubscriptions = []string{"*"}
)

Wildcard values for selecting all azure subscriptions

View Source 
var CloudAccountTypes = map[cloudAccountType]string{
	NoneCloudAccount:           "None",
	AwsCfgCloudAccount:         "AwsCfg",
	AwsCtSqsCloudAccount:       "AwsCtSqs",
	AwsEksAuditCloudAccount:    "AwsEksAudit",
	AwsSidekickCloudAccount:    "AwsSidekick",
	AwsSidekickOrgCloudAccount: "AwsSidekickOrg",
	AwsUsGovCfgCloudAccount:    "AwsUsGovCfg",
	AwsUsGovCtSqsCloudAccount:  "AwsUsGovCtSqs",
	AzureAlSeqCloudAccount:     "AzureAlSeq",
	AzureCfgCloudAccount:       "AzureCfg",
	GcpAtSesCloudAccount:       "GcpAtSes",
	GcpCfgCloudAccount:         "GcpCfg",
	GcpGkeAuditCloudAccount:    "GcpGkeAudit",
	GcpSidekickCloudAccount:    "GcpSidekick",
}

CloudAccountTypes is the list of available Cloud Account integration types

View Source 
var ContainerRegistryTypes = map[containerRegistryType]string{
	NoneContainerRegistry:          "None",
	GcpGarContainerRegistry:        "GCP_GAR",
	GhcrContainerRegistry:          "GHCR",
	InlineScannerContainerRegistry: "INLINE_SCANNER",
	ProxyScannerContainerRegistry:  "PROXY_SCANNER",
	AwsEcrContainerRegistry:        "AWS_ECR",
	DockerhubContainerRegistry:     "DOCKERHUB",
	DockerhubV2ContainerRegistry:   "V2_REGISTRY",
	GcpGcrContainerRegistry:        "GCP_GCR",
}

ContainerRegistryTypes is the list of available Container Registry integration types

View Source 
var EntityTypes = map[EntityType]string{
	NoneEntityType:           "None",
	MachineDetailsEntityType: "MachineDetails",
	UsersEntityType:          "Users",
	ImagesEntityType:         "Images",
}

EntityTypes is the list of available entity types

View Source 
var (
	GcpResourceGroupAllProjects = []string{"*"}
)

Wildcard values for selecting all gcp projects

View Source 
var JiraIssueGroupings = map[jiraIssueGrouping]string{
	NoneJiraIssueGrouping:      "",
	EventsJiraIssueGrouping:    "Events",
	ResourcesJiraIssueGrouping: "Resources",
}
View Source 
var JiraIssueGroupingsSurvey = map[string]jiraIssueGrouping{
	"None":      NoneJiraIssueGrouping,
	"Events":    EventsJiraIssueGrouping,
	"Resources": ResourcesJiraIssueGrouping,
}
View Source 
var (
	LwAccountResourceGroupAllAccounts = []string{"*"}
)

Wildcard values for selecting all lacework accounts

View Source 
var (
	MachineResourceGroupAllTags = []map[string]string{{"*": "*"}}
)

Wildcard values for selecting all machine tags

View Source 
var ResourceGroupTypes = map[ResourceGroupType]string{
	NoneResourceGroup:      "None",
	AwsResourceGroup:       "AWS",
	AzureResourceGroup:     "AZURE",
	ContainerResourceGroup: "CONTAINER",
	GcpResourceGroup:       "GCP",
	LwAccountResourceGroup: "LW_ACCOUNT",
	MachineResourceGroup:   "MACHINE",
}

ResourceGroupTypes is the list of available Resource Group types

View Source 
var ValidAlertSeverities = []string{"critical", "high", "medium", "low", "info"}

ValidAlertSeverities is a list of all valid alert severities

View Source 
var ValidAlertStatuses = []string{"Open", "Closed"}

ValidAlertStatuses is a list of all valid alert statuses

View Source 
var ValidComplianceStatus = []string{"non-compliant", "requires-manual-assessment", "suppressed", "compliant", "could-not-assess"}

ValidComplianceStatus is a list of all valid compliance status

View Source 
var ValidPolicySeverities = []string{"critical", "high", "medium", "low", "info"}

ValidPolicySeverities is a list of all valid policy severities

View Source 
var VulnerabilityExceptionReasons = map[vulnerabilityExceptionReason]string{
	VulnerabilityExceptionReasonAcceptedRisk:          "Accepted Risk",
	VulnerabilityExceptionReasonAcceptedFalsePositive: "False Positive",
	VulnerabilityExceptionReasonCompensatingControls:  "Compensating Controls",
	VulnerabilityExceptionReasonFixPending:            "Fix Pending",
	VulnerabilityExceptionReasonOther:                 "Other",
	VulnerabilityExceptionReasonUnknown:               "Unknown",
}
View Source 
var VulnerabilityExceptionTypes = map[vulnerabilityExceptionType]string{
	VulnerabilityExceptionTypeHost:      "Host",
	VulnerabilityExceptionTypeContainer: "Container",
}

Functions

func DatadogService added in v0.2.18 

func DatadogService(service string) (datadogService, error)

DatadogService returns the datadogService type for the corresponding string input

func DatadogSite added in v0.2.18 

func DatadogSite(site string) (datadogSite, error)

DatadogSite returns the datadogSite type for the corresponding string input

func FindAlertChannelType added in v0.11.0 

func FindAlertChannelType(alertChannel string) (alertChannelType, bool)

FindAlertChannelType looks up inside the list of available alert channel types the matching type from the provided string, if none, returns NoneAlertChannelType

func FindCloudAccountType added in v0.10.0 

func FindCloudAccountType(cloudAccount string) (cloudAccountType, bool)

FindCloudAccountType looks up inside the list of available cloud account types the matching type from the provided string, if none, returns NoneCloudAccount

func FindContainerRegistryType added in v0.13.0 

func FindContainerRegistryType(containerRegistry string) (containerRegistryType, bool)

FindContainerRegistryType looks up inside the list of available container registry types the matching type from the provided string, if none, returns NoneContainerRegistry

func NewV2AlertProfilesService added in v0.32.0 

func NewV2AlertProfilesService(c *Client) *v2alertProfilesService

func NewV2ConfigService added in v1.0.0 

func NewV2ConfigService(c *Client) *v2ConfigService

func NewV2VulnerabilitiesService added in v0.25.0 

func NewV2VulnerabilitiesService(c *Client) *v2VulnerabilitiesService

func NewVulnerabilityExceptionReason added in v0.24.0 

func NewVulnerabilityExceptionReason(reason string) vulnerabilityExceptionReason

func QRadarComm added in v0.2.20 

func QRadarComm(site string) (qradarComm, error)

QRadarComm returns the qradarComm type for the corresponding string input

func SeverityInt added in v1.0.0 

func SeverityInt(sev int) string

func SeverityOrder added in v1.0.0 

func SeverityOrder(severity string) int

func TransformReportRuleNotification added in v0.21.0 

func TransformReportRuleNotification(notificationsMap map[string]bool, notificationType reportRuleNotification) error

func WindowedSearchFirst added in v1.0.0 

func WindowedSearchFirst(fn search, size int, max int, response SearchResponse, filter SearchableFilter) error

WindowedSearchFirst performs a new search of a specific time frame size, until response data is found or the max searchable days is reached

Types

type Account added in v0.8.0 

type Account struct {
	Admin       bool   `json:"admin"`
	AccountName string `json:"accountName"`
	CustGUID    string `json:"custGuid"`
	UserGUID    string `json:"userGuid"`
	UserEnabled int    `json:"userEnabled"`
}

func (*Account) Enabled added in v0.8.0 

func (a *Account) Enabled() bool

type AgentAccessToken added in v0.10.0 

type AgentAccessToken struct {
	AccessToken string                `json:"accessToken"`
	CreatedTime time.Time             `json:"createdTime"`
	Props       AgentAccessTokenProps `json:"props,omitempty"`
	TokenAlias  string                `json:"tokenAlias"`
	Enabled     int                   `json:"tokenEnabled"`
	Version     string                `json:"version"`
}

func (AgentAccessToken) PrettyState added in v0.10.0 

func (t AgentAccessToken) PrettyState() string

func (AgentAccessToken) State added in v0.10.0 

func (t AgentAccessToken) State() bool

type AgentAccessTokenProps added in v0.10.0 

type AgentAccessTokenProps struct {
	CreatedTime time.Time `json:"createdTime,omitempty"`
	Description string    `json:"description,omitempty"`
}

type AgentAccessTokenRequest added in v0.10.0 

type AgentAccessTokenRequest struct {
	Enabled    int                    `json:"tokenEnabled"`
	TokenAlias string                 `json:"tokenAlias,omitempty"`
	Props      *AgentAccessTokenProps `json:"props,omitempty"`
}

type AgentAccessTokenResponse added in v0.10.0 

type AgentAccessTokenResponse struct {
	Data AgentAccessToken `json:"data"`
}

type AgentAccessTokensResponse added in v0.10.0 

type AgentAccessTokensResponse struct {
	Data []AgentAccessToken `json:"data"`
}

type AgentAccessTokensService added in v0.10.0 

type AgentAccessTokensService struct {
	// contains filtered or unexported fields
}

AgentAccessTokensService is the service that interacts with the AgentAccessTokens schema from the Lacework APIv2 Server

func (*AgentAccessTokensService) Create added in v0.10.0 

func (svc *AgentAccessTokensService) Create(alias, desc string) (
	response AgentAccessTokenResponse,
	err error,
)

Create creates a single Agent Access Token

func (*AgentAccessTokensService) Get added in v0.10.0 

func (svc *AgentAccessTokensService) Get(token string) (
	response AgentAccessTokenResponse,
	err error,
)

Get returns an Agent Access Token with the matching ID (token)

func (*AgentAccessTokensService) List added in v0.10.0 

func (svc *AgentAccessTokensService) List() (response AgentAccessTokensResponse, err error)

List returns a list of Agent Access Tokens

func (*AgentAccessTokensService) SearchAlias added in v0.10.0 

func (svc *AgentAccessTokensService) SearchAlias(alias string) (
	response AgentAccessTokensResponse,
	err error,
)

SearchAlias will search for an Agent Access Token that matches the provider token alias

func (*AgentAccessTokensService) Update added in v0.10.0 

func (svc *AgentAccessTokensService) Update(token string, data AgentAccessTokenRequest) (
	response AgentAccessTokenResponse,
	err error,
)

Update updates an Agent Access Token with the provided request data

func (*AgentAccessTokensService) UpdateState added in v0.10.0 

func (svc *AgentAccessTokensService) UpdateState(token string, enable bool) (
	response AgentAccessTokenResponse,
	err error,
)

UpdateState updates only the state of an Agent Access Token (enable or disable)

type AgentInfo added in v0.40.0 

type AgentInfo struct {
	AgentVersion string    `json:"agentVersion"`
	CreatedTime  time.Time `json:"createdTime"`
	Hostname     string    `json:"hostname"`
	IpAddr       string    `json:"ipAddr"`
	LastUpdate   time.Time `json:"lastUpdate"`
	Mid          int       `json:"mid"`
	Mode         string    `json:"mode"`
	Os           string    `json:"os"`
	Status       string    `json:"status"`
	Tags         struct {
		// Shared Tags
		Arch           string `json:"arch,omitempty"`
		ExternalIP     string `json:"ExternalIp,omitempty"`
		Hostname       string `json:"Hostname,omitempty"`
		InstanceID     string `json:"InstanceId,omitempty"`
		InternalIP     string `json:"InternalIp,omitempty"`
		LwTokenShort   string `json:"LwTokenShort,omitempty"`
		Os             string `json:"os,omitempty"`
		VMInstanceType string `json:"VmInstanceType,omitempty"`
		VMProvider     string `json:"VmProvider,omitempty"`
		Zone           string `json:"Zone,omitempty"`

		// AWS Tags
		Account  string `json:"Account,omitempty"`
		AmiID    string `json:"AmiId,omitempty"`
		Name     string `json:"Name,omitempty"`
		SubnetID string `json:"SubnetId,omitempty"`
		VpcID    string `json:"VpcId,omitempty"`

		// GCP Tags
		Cluster                 string `json:"Cluster,omitempty"`
		ClusterLocation         string `json:"cluster-location,omitempty"`
		ClusterName             string `json:"cluster-name,omitempty"`
		ClusterUID              string `json:"cluster-uid,omitempty"`
		CreatedBy               string `json:"created-by,omitempty"`
		EnableOSLogin           string `json:"enable-oslogin,omitempty"`
		Env                     string `json:"Env,omitempty"`
		GCEtags                 string `json:"GCEtags,omitempty"`
		GCIEnsureGKEDocker      string `json:"gci-ensure-gke-docker,omitempty"`
		GCIUpdateStrategy       string `json:"gci-update-strategy,omitempty"`
		GoogleComputeEnablePCID string `json:"google-compute-enable-pcid,omitempty"`
		InstanceName            string `json:"InstanceName,omitempty"`
		InstanceTemplate        string `json:"InstanceTemplate,omitempty"`
		KubeLabels              string `json:"kube-labels,omitempty"`
		LWKubernetesCluster     string `json:"lw_KubernetesCluster,omitempty"`
		NumericProjectID        string `json:"NumericProjectId,omitempty"`
		ProjectID               string `json:"ProjectId,omitempty"`
	} `json:"tags"`
}

type AgentInfoResponse added in v0.40.0 

type AgentInfoResponse struct {
	Data   []AgentInfo  `json:"data"`
	Paging V2Pagination `json:"paging"`
}

func (AgentInfoResponse) PageInfo added in v0.40.0 

func (r AgentInfoResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (*AgentInfoResponse) ResetPaging added in v0.40.0 

func (r *AgentInfoResponse) ResetPaging()

type AgentInfoService added in v0.40.0 

type AgentInfoService struct {
	// contains filtered or unexported fields
}

AgentInfoService is the service that interacts with the AgentInfo schema from the Lacework APIv2 Server

func (*AgentInfoService) Search added in v0.40.0 

func (svc *AgentInfoService) Search(response interface{}, filters SearchFilter) error

type Alert added in v1.0.0 

type Alert struct {
	ID            int                `json:"alertId"`
	Name          string             `json:"alertName"`
	Type          string             `json:"alertType"`
	Severity      string             `json:"severity"`
	Info          AlertInfo          `json:"alertInfo"`
	Spec          AlertSpec          `json:"alertSpec"`
	Status        string             `json:"status"`
	StartTime     string             `json:"startTime"`
	EndTime       string             `json:"endTime"`
	UpdateTime    string             `json:"lastUserUpdateTime"`
	PolicyID      string             `json:"policyId"`
	DerivedFields AlertDerivedFields `json:"derivedFields"`
	Reachability  string             `json:"reachability"`
}

func (Alert) GetSeverity added in v1.0.0 

func (a Alert) GetSeverity() string

type AlertChannel added in v0.11.0 

type AlertChannel interface {
	ID() string
	AlertChannelType() alertChannelType
}

AlertChannel is an interface that helps us implement a few functions that any Alert Channel might use, there are some cases, like during Update, where we need to get the ID of the Alert Channel and its type, this will allow users to pass any Alert Channel that implements these methods

type AlertChannelRaw added in v0.11.0 

type AlertChannelRaw struct {
	Data interface{} `json:"data,omitempty"`
	// contains filtered or unexported fields
}

func NewAlertChannel added in v0.11.0 

func NewAlertChannel(name string, iType alertChannelType, data interface{}) AlertChannelRaw

NewAlertChannel returns an instance of the AlertChannelRaw struct with the provided Alert Channel integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Alert Channel type.

Basic usage: Initialize a new EmailUserAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

emailAlertChan := api.NewAlertChannel("foo",
  api.EmailUserAlertChannelType,
  api.EmailUserData{
    ChannelProps: api.EmailUserChannelProps{
      Recipients: []string{"name@example.com"},
    },
  },
)

client.V2.AlertChannels.Create(emailAlertChan)

func (AlertChannelRaw) AlertChannelType added in v0.11.0 

func (alert AlertChannelRaw) AlertChannelType() alertChannelType

func (AlertChannelRaw) GetCommon added in v0.42.0 

func (alert AlertChannelRaw) GetCommon() v2CommonIntegrationData

func (AlertChannelRaw) GetData added in v0.42.0 

func (alert AlertChannelRaw) GetData() any

func (AlertChannelRaw) ID added in v0.11.0 

func (c AlertChannelRaw) ID() string

func (AlertChannelRaw) StateString added in v0.34.0 

func (c AlertChannelRaw) StateString() string

func (AlertChannelRaw) Status added in v0.34.0 

func (c AlertChannelRaw) Status() string

type AlertChannelResponse added in v0.11.0 

type AlertChannelResponse struct {
	Data AlertChannelRaw `json:"data"`
}

type AlertChannelsResponse added in v0.11.0 

type AlertChannelsResponse struct {
	Data []AlertChannelRaw `json:"data"`
}

type AlertChannelsService added in v0.11.0 

type AlertChannelsService struct {
	// contains filtered or unexported fields
}

AlertChannelsService is the service that interacts with the AlertChannels schema from the Lacework APIv2 Server

func (*AlertChannelsService) Create added in v0.11.0 

func (svc *AlertChannelsService) Create(integration AlertChannelRaw) (
	response AlertChannelResponse,
	err error,
)

Create creates a single Alert Channel integration

func (*AlertChannelsService) Delete added in v0.11.0 

func (svc *AlertChannelsService) Delete(guid string) error

Delete deletes a Alert Channel integration that matches the provided guid

func (*AlertChannelsService) Get added in v0.11.0 

func (svc *AlertChannelsService) Get(guid string, response interface{}) error

Get returns a raw response of the Alert Channel with the matching integration guid.

To return a more specific Go struct of a Alert Channel integration, use the proper method such as GetEmailUser() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Alert Channel integration type.

func (*AlertChannelsService) GetAwsS3 added in v0.14.0 

func (svc *AlertChannelsService) GetAwsS3(guid string) (
	response AwsS3AlertChannelResponseV2,
	err error,
)

GetAwsS3 gets a single AwsS3 alert channel matching the provided integration guid

func (*AlertChannelsService) GetCiscoSparkWebhook added in v0.18.0 

func (svc *AlertChannelsService) GetCiscoSparkWebhook(guid string) (response CiscoSparkWebhookAlertChannelResponseV2, err error)

GetCiscoSparkWebhook gets a single instance of a Cisco Spark webhook alert channel with the corresponding integration guid

func (*AlertChannelsService) GetCloudwatchEb added in v0.17.0 

func (svc *AlertChannelsService) GetCloudwatchEb(guid string) (response CloudwatchEbAlertChannelResponseV2, err error)

GetCloudwatchEb gets a single instance of an AWS Cloudwatch alert channel with the corresponding integration guid

func (*AlertChannelsService) GetDatadog added in v0.17.0 

func (svc *AlertChannelsService) GetDatadog(guid string) (response DatadogAlertChannelResponseV2, err error)

GetDatadog gets a single instance of a Datadog alert channel with the corresponding integration guid

func (*AlertChannelsService) GetEmailUser added in v0.11.0 

func (svc *AlertChannelsService) GetEmailUser(guid string) (
	response EmailUserAlertChannelResponse,
	err error,
)

GetEmailUser gets a single EmailUser alert channel matching the provided integration guid

func (*AlertChannelsService) GetGcpPubSub added in v0.18.0 

func (svc *AlertChannelsService) GetGcpPubSub(guid string) (response GcpPubSubAlertChannelResponseV2, err error)

GetGcpPubSub gets a single instance of a GCP Pub Sub alert channel with the corresponding guid

func (*AlertChannelsService) GetIbmQRadar added in v0.18.0 

func (svc *AlertChannelsService) GetIbmQRadar(guid string) (
	response IbmQRadarAlertChannelResponseV2,
	err error,
)

GetIbmQRadar gets a single IbmQRadar alert channel matching the provided integration guid

func (*AlertChannelsService) GetJira added in v0.19.0 

func (svc *AlertChannelsService) GetJira(guid string) (response JiraAlertChannelResponseV2, err error)

GetJira gets a single instance of a Jira Cloud or Jira Server alert channel with the corresponding guid

func (*AlertChannelsService) GetMicrosoftTeams added in v0.18.0 

func (svc *AlertChannelsService) GetMicrosoftTeams(guid string) (response MicrosoftTeamsAlertChannelResponseV2, err error)

GetMicrosoftTeams gets a single instance of a MicrosoftTeams alert channel with the corresponding integration guid

func (*AlertChannelsService) GetNewRelicInsights added in v0.18.0 

func (svc *AlertChannelsService) GetNewRelicInsights(guid string) (
	response NewRelicInsightsAlertChannelResponseV2,
	err error,
)

GetNewRelicInsights gets a single NewRelic alert channel matching the provided integration guid

func (*AlertChannelsService) GetPagerDutyApi added in v0.18.0 

func (svc *AlertChannelsService) GetPagerDutyApi(guid string) (
	response PagerDutyApiAlertChannelResponseV2,
	err error,
)

GetPagerDutyApi gets a single PagerDuty alert channel matching the provided integration guid

func (*AlertChannelsService) GetServiceNowRest added in v0.18.0 

func (svc *AlertChannelsService) GetServiceNowRest(guid string) (
	response ServiceNowRestAlertChannelResponseV2,
	err error,
)

GetServiceNowRest gets a single ServiceNowRest alert channel matching the provided integration guid

func (*AlertChannelsService) GetSlackChannel added in v0.14.0 

func (svc *AlertChannelsService) GetSlackChannel(guid string) (
	response SlackChannelAlertChannelResponseV2,
	err error,
)

GetSlackChannel gets a single SlackChannel alert channel matching the provided integration guid

func (*AlertChannelsService) GetSplunkHec added in v0.18.0 

func (svc *AlertChannelsService) GetSplunkHec(guid string) (
	response SplunkHecAlertChannelResponseV2,
	err error,
)

GetSplunkHec gets a single Splunk alert channel matching the provided integration guid

func (*AlertChannelsService) GetVictorOps added in v0.17.0 

func (svc *AlertChannelsService) GetVictorOps(guid string) (
	response VictorOpsAlertChannelResponseV2,
	err error,
)

GetVictorOps gets a single VictorOps alert channel matching the provided integration guid

func (*AlertChannelsService) GetWebhook added in v0.17.0 

func (svc *AlertChannelsService) GetWebhook(guid string) (
	response WebhookAlertChannelResponseV2,
	err error,
)

GetWebhook gets a single Webhook alert channel matching the provided integration guid

func (*AlertChannelsService) List added in v0.11.0 

func (svc *AlertChannelsService) List() (response AlertChannelsResponse, err error)

List returns a list of Alert Channel integrations

func (*AlertChannelsService) Test added in v0.13.0 

func (svc *AlertChannelsService) Test(guid string) error

Test tests an Alert Channel integration that matches the provided guid

func (*AlertChannelsService) UpdateAwsS3 added in v0.14.0 

func (svc *AlertChannelsService) UpdateAwsS3(data AlertChannel) (
	response AwsS3AlertChannelResponseV2,
	err error,
)

UpdateAwsS3 updates a single AwsS3 integration on the Lacework Server

func (*AlertChannelsService) UpdateCiscoSparkWebhook added in v0.18.0 

func (svc *AlertChannelsService) UpdateCiscoSparkWebhook(data AlertChannel) (response CiscoSparkWebhookAlertChannelResponseV2, err error)

UpdateCiscoSparkWebhook updates a single instance of Cisco Spark webhook integration on the Lacework server

func (*AlertChannelsService) UpdateCloudwatchEb added in v0.17.0 

func (svc *AlertChannelsService) UpdateCloudwatchEb(data AlertChannel) (response CloudwatchEbAlertChannelResponseV2, err error)

UpdateCloudwatchEb Update AWSCloudWatch updates a single instance of an AWS cloudwatch integration on the Lacework server

func (*AlertChannelsService) UpdateDatadog added in v0.17.0 

func (svc *AlertChannelsService) UpdateDatadog(data AlertChannel) (response DatadogAlertChannelResponseV2, err error)

UpdateDatadog updates a single instance of a Datadog integration on the Lacework server

func (*AlertChannelsService) UpdateEmailUser added in v0.11.0 

func (svc *AlertChannelsService) UpdateEmailUser(data AlertChannel) (
	response EmailUserAlertChannelResponse,
	err error,
)

UpdateEmailUser updates a single EmailUser integration on the Lacework Server

func (*AlertChannelsService) UpdateGcpPubSub added in v0.18.0 

func (svc *AlertChannelsService) UpdateGcpPubSub(data AlertChannel) (response GcpPubSubAlertChannelResponseV2, err error)

UpdateGcpPubSub updates a single instance of GCP Pub Sub integration on the Lacework server

func (*AlertChannelsService) UpdateIbmQRadar added in v0.18.0 

func (svc *AlertChannelsService) UpdateIbmQRadar(data AlertChannel) (
	response IbmQRadarAlertChannelResponseV2,
	err error,
)

UpdateIbmQRadar updates a single IbmQRadar integration on the Lacework Server

func (*AlertChannelsService) UpdateJira added in v0.19.0 

func (svc *AlertChannelsService) UpdateJira(data AlertChannel) (response JiraAlertChannelResponseV2, err error)

UpdateJira updates a single instance of a Jira Cloud or Jira Server integration on the Lacework server

func (*AlertChannelsService) UpdateMicrosoftTeams added in v0.18.0 

func (svc *AlertChannelsService) UpdateMicrosoftTeams(data AlertChannel) (response MicrosoftTeamsAlertChannelResponseV2, err error)

UpdateMicrosoftTeams updates a single instance of a MicrosoftTeams integration on the Lacework server

func (*AlertChannelsService) UpdateNewRelicInsights added in v0.18.0 

func (svc *AlertChannelsService) UpdateNewRelicInsights(data AlertChannel) (
	response NewRelicInsightsAlertChannelResponseV2,
	err error,
)

UpdateNewRelicInsights updates a single NewRelic integration on the Lacework Server

func (*AlertChannelsService) UpdatePagerDutyApi added in v0.18.0 

func (svc *AlertChannelsService) UpdatePagerDutyApi(data AlertChannel) (
	response PagerDutyApiAlertChannelResponseV2,
	err error,
)

UpdatePagerDutyApi updates a single PagerDuty integration on the Lacework Server

func (*AlertChannelsService) UpdateServiceNowRest added in v0.18.0 

func (svc *AlertChannelsService) UpdateServiceNowRest(data AlertChannel) (
	response ServiceNowRestAlertChannelResponseV2,
	err error,
)

UpdateServiceNowRest updates a single ServiceNowRest integration on the Lacework Server

func (*AlertChannelsService) UpdateSlackChannel added in v0.14.0 

func (svc *AlertChannelsService) UpdateSlackChannel(data AlertChannel) (
	response SlackChannelAlertChannelResponseV2,
	err error,
)

UpdateSlackChannel updates a single SlackChannel integration on the Lacework Server

func (*AlertChannelsService) UpdateSplunkHec added in v0.18.0 

func (svc *AlertChannelsService) UpdateSplunkHec(data AlertChannel) (
	response SplunkHecAlertChannelResponseV2,
	err error,
)

UpdateSplunkHec updates a single Splunk integration on the Lacework Server

func (*AlertChannelsService) UpdateVictorOps added in v0.17.0 

func (svc *AlertChannelsService) UpdateVictorOps(data AlertChannel) (
	response VictorOpsAlertChannelResponseV2,
	err error,
)

UpdateVictorOps updates a single VictorOps integration on the Lacework Server

func (*AlertChannelsService) UpdateWebhook added in v0.17.0 

func (svc *AlertChannelsService) UpdateWebhook(data AlertChannel) (
	response WebhookAlertChannelResponseV2,
	err error,
)

UpdateWebhook updates a single Webhook integration on the Lacework Server

type AlertCloseRequest added in v1.0.0 

type AlertCloseRequest struct {
	AlertID int    `json:"-"`
	Reason  int    `json:"reason"`
	Comment string `json:"comment,omitempty"`
}

type AlertCloseResponse added in v1.0.0 

type AlertCloseResponse struct {
	Message string `json:"message"`
}

type AlertDerivedFields added in v1.0.0 

type AlertDerivedFields struct {
	Category    string `json:"category"`
	SubCategory string `json:"sub_category"`
	Source      string `json:"source"`
}

type AlertDetails added in v1.0.0 

type AlertDetails struct {
	Alert
	EntityMap map[string]interface{} `json:"entityMap"` // @dhazekamp: this needs to be built out properly
}

type AlertDetailsResponse added in v1.0.0 

type AlertDetailsResponse struct {
	Data AlertDetails `json:"data"`
}

type AlertEvent added in v1.0.0 

type AlertEvent map[string]interface{}

@dhazekamp: is this the same structure as v2/Events? @dhazekamp: is this structure consistent across alerts (types)

type AlertEventsResponse added in v1.0.0 

type AlertEventsResponse struct {
	Data []AlertEvent `json:"data"`
}

type AlertInfo added in v1.0.0 

type AlertInfo struct {
	Subject     string `json:"subject"`
	Description string `json:"description"`
}

type AlertIntegration added in v1.0.0 

type AlertIntegration struct {
	ID            string                  `json:"alertIntegrationId"`
	AlertID       int                     `json:"alertId"`
	Type          string                  `json:"integrationType"`
	Channel       AlertIntegrationChannel `json:"alertChannel"`
	Context       AlertIntegrationContext `json:"integrationContext"`
	IntgGUID      string                  `json:"intgGuid"`
	LastSyncTime  string                  `json:"lastSyncTime"`
	Status        string                  `json:"status"`
	Bidirectional bool                    `json:"isBidirectional"`
}

type AlertIntegrationChannel added in v1.0.0 

type AlertIntegrationChannel struct {
	IntgGuid             string                       `json:"INTG_GUID,omitempty"`
	Name                 string                       `json:"NAME"`
	CreatedOrUpdatedTime string                       `json:"CREATED_OR_UPDATED_TIME,omitempty"`
	CreatedOrUpdatedBy   string                       `json:"CREATED_OR_UPDATED_BY,omitempty"`
	Type                 string                       `json:"TYPE"`
	Enabled              int                          `json:"ENABLED"`
	State                AlertIntegrationChannelState `json:"STATE,omitempty"`
	IsOrg                int                          `json:"IS_ORG,omitempty"`
	TypeName             string                       `json:"TYPE_NAME,omitempty"`
	EnvironmentGUID      string                       `json:"ENV_GUID"`
	Data                 map[string]interface{}       `json:"DATA"`
}

func (AlertIntegrationChannel) StateString added in v1.0.0 

func (c AlertIntegrationChannel) StateString() string

func (AlertIntegrationChannel) Status added in v1.0.0 

func (c AlertIntegrationChannel) Status() string

type AlertIntegrationChannelState added in v1.0.0 

type AlertIntegrationChannelState struct {
	Ok                 bool                   `json:"ok"`
	LastUpdatedTime    int                    `json:"lastUpdatedTime"`
	LastSuccessfulTime int                    `json:"lastSuccessfulTime"`
	Details            map[string]interface{} `json:"details,omitempty"`
}

type AlertIntegrationContext added in v1.0.0 

type AlertIntegrationContext struct {
	ID   string `json:"id"`
	Link string `json:"link"`
}

type AlertIntegrationsResponse added in v1.0.0 

type AlertIntegrationsResponse struct {
	Data []AlertIntegration `json:"data"`
}

type AlertInvestigation added in v1.0.0 

type AlertInvestigation struct {
	Question string `json:"question"`
	Answer   string `json:"answer"`
}

type AlertInvestigationResponse added in v1.0.0 

type AlertInvestigationResponse struct {
	Data []AlertInvestigation `json:"data"`
}

type AlertProfile added in v0.32.0 

type AlertProfile struct {
	Guid            string                        `json:"alertProfileId,omitempty" yaml:"alertProfileId,omitempty"`
	Extends         string                        `json:"extends" yaml:"extends"`
	Fields          []AlertProfileField           `json:"fields,omitempty" yaml:"fields,omitempty"`
	DescriptionKeys []AlertProfileDescriptionKeys `json:"descriptionKeys,omitempty" yaml:"descriptionKeys,omitempty"`
	Alerts          []AlertTemplate               `json:"alerts" yaml:"alerts"`
}

type AlertProfileConfig added in v0.32.0 

type AlertProfileConfig struct {
	Guid    string          `json:"alertProfileId" yaml:"alertProfileId"`
	Extends string          `json:"extends" yaml:"extends"`
	Alerts  []AlertTemplate `json:"alerts" yaml:"alerts"`
}

func NewAlertProfile added in v0.32.0 

func NewAlertProfile(id string, extends string, alerts []AlertTemplate) AlertProfileConfig

NewAlertProfile returns an instance of the AlertProfileConfig struct

Basic usage: Initialize a new AlertProfileConfig struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  alertProfile := api.NewAlertProfile(
		"CUSTOM_PROFILE_NAME",
		"LW_HE_FILES_DEFAULT_PROFILE"
		[]api.AlertTemplate{{
		...
		}
    },
  )

  client.V2.Alert.Profiles.Create(AlertProfile)

type AlertProfileDescriptionKeys added in v0.32.0 

type AlertProfileDescriptionKeys struct {
	Name string `json:"name" yaml:"name"`
	Spec string `json:"spec" yaml:"spec"`
}

type AlertProfileField added in v0.32.0 

type AlertProfileField struct {
	Name string `json:"name" yaml:"name"`
}

type AlertProfileResponse added in v0.32.0 

type AlertProfileResponse struct {
	Data AlertProfile `json:"data" yaml:"data"`
}

type AlertProfilesResponse added in v0.32.0 

type AlertProfilesResponse struct {
	Data []AlertProfile `json:"data" yaml:"data"`
}

type AlertRule added in v0.18.0 

type AlertRule struct {
	Guid     string          `json:"mcGuid,omitempty"`
	Type     string          `json:"type"`
	Channels []string        `json:"intgGuidList"`
	Filter   AlertRuleFilter `json:"filters"`
}

func NewAlertRule added in v0.18.0 

func NewAlertRule(name string, rule AlertRuleConfig) AlertRule

NewAlertRule returns an instance of the AlertRule struct

Basic usage: Initialize a new AlertRule struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  alertRule := api.NewAlertRule(
		"Foo",
		api.AlertRuleConfig{
		Description: "My Alert Rule"
		Severities: api.AlertRuleSeverities{api.AlertRuleSeverityHigh,
		Channels: []string{"TECHALLY_000000000000AAAAAAAAAAAAAAAAAAAA"},
		ResourceGroups: []string{"TECHALLY_111111111111AAAAAAAAAAAAAAAAAAAA"}
      },
    },
  )

  client.V2.AlertRules.Create(alertRule)

type AlertRuleConfig added in v0.18.0 

type AlertRuleConfig struct {
	Channels        []string
	Description     string
	Severities      AlertRuleSeverities
	ResourceGroups  []string
	EventCategories []string
}

type AlertRuleFilter added in v0.18.0 

type AlertRuleFilter struct {
	Name                 string   `json:"name"`
	Enabled              int      `json:"enabled"`
	Description          string   `json:"description,omitempty"`
	Severity             []int    `json:"severity"`
	ResourceGroups       []string `json:"resourceGroups,omitempty"`
	EventCategories      []string `json:"eventCategory,omitempty"`
	CreatedOrUpdatedTime string   `json:"createdOrUpdatedTime,omitempty"`
	CreatedOrUpdatedBy   string   `json:"createdOrUpdatedBy,omitempty"`
}

func (AlertRuleFilter) Status added in v0.20.0 

func (rule AlertRuleFilter) Status() string

type AlertRuleResponse added in v0.18.0 

type AlertRuleResponse struct {
	Data AlertRule `json:"data"`
}

type AlertRuleSeverities added in v0.18.0 

type AlertRuleSeverities []alertRuleSeverity

func NewAlertRuleSeverities added in v0.19.0 

func NewAlertRuleSeverities(sevSlice []string) AlertRuleSeverities

func NewAlertRuleSeveritiesFromIntSlice added in v0.19.0 

func NewAlertRuleSeveritiesFromIntSlice(sevSlice []int) AlertRuleSeverities

func (AlertRuleSeverities) ToStringSlice added in v0.19.0 

func (sevs AlertRuleSeverities) ToStringSlice() []string

type AlertRulesResponse added in v0.18.0 

type AlertRulesResponse struct {
	Data []AlertRule `json:"data"`
}

type AlertRulesService added in v0.18.0 

type AlertRulesService struct {
	// contains filtered or unexported fields
}

AlertRulesService is the service that interacts with the AlertRules schema from the Lacework APIv2 Server

func (*AlertRulesService) Create added in v0.18.0 

func (svc *AlertRulesService) Create(rule AlertRule) (
	response AlertRuleResponse,
	err error,
)

Create creates a single Alert Rule

func (*AlertRulesService) Delete added in v0.18.0 

func (svc *AlertRulesService) Delete(guid string) error

Delete deletes a Alert Rule that matches the provided guid

func (*AlertRulesService) Get added in v0.18.0 

func (svc *AlertRulesService) Get(guid string, response interface{}) error

Get returns a raw response of the Alert Rule with the matching guid.

func (*AlertRulesService) List added in v0.18.0 

func (svc *AlertRulesService) List() (response AlertRulesResponse, err error)

List returns a list of Alert Rules

func (*AlertRulesService) Update added in v0.18.0 

func (svc *AlertRulesService) Update(data AlertRule) (
	response AlertRuleResponse,
	err error,
)

Update updates a single Alert Rule of the provided guid.

type AlertSpec added in v1.0.0 

type AlertSpec struct {
	Profile string `json:"alertProfile"`
	Name    string `json:"name"`
}

type AlertTemplate added in v0.32.0 

type AlertTemplate struct {
	Name        string `json:"name" yaml:"name"`
	EventName   string `json:"eventName" yaml:"eventName"`
	Description string `json:"description" yaml:"description"`
	Subject     string `json:"subject" yaml:"subject"`
}

type AlertTimeline added in v1.0.0 

type AlertTimeline struct {
	ID              int                        `json:"id"`
	AlertID         int                        `json:"alertId"`
	EntryType       string                     `json:"entryType"`
	EntryAuthorType string                     `json:"entryAuthorType"`
	IntgGUID        string                     `json:"intgGuid"`
	Message         AlertTimelineMessage       `json:"message"`
	ExternalTime    string                     `json:"externalTime"`
	User            AlertTimelineUser          `json:"user"`
	UpdateContext   AlertTimelineUpdateContext `json:"updateContext"`
	Channel         AlertIntegrationChannel    `json:"alertChannel"`
}

type AlertTimelineMessage added in v1.0.0 

type AlertTimelineMessage struct {
	Format string `json:"format"`
	Value  string `json:"value"`
}

type AlertTimelineNewIntegrationContext added in v1.0.0 

type AlertTimelineNewIntegrationContext struct {
	AlertID                int    `json:"alertId"`
	LastSyncTime           string `json:"lastSyncTime"`
	AlertIntegrationStatus string `json:"alertIntegrationStatus"`
	Status                 string `json:"status"`
	Bidirectional          bool   `json:"isBidirectional"`
}

type AlertTimelineResponse added in v1.0.0 

type AlertTimelineResponse struct {
	Data []AlertTimeline `json:"data"`
}

type AlertTimelineUpdateContext added in v1.0.0 

type AlertTimelineUpdateContext struct {
	NewIntegration AlertTimelineNewIntegrationContext `json:"newIntegration"`
}

type AlertTimelineUser added in v1.0.0 

type AlertTimelineUser struct {
	UserGUID string `json:"userGuid"`
	Name     string `json:"username"`
}

type Alerts added in v1.0.0 

type Alerts []Alert

func (Alerts) SortByID added in v1.0.0 

func (a Alerts) SortByID()

Sort by alert ID descending

func (Alerts) SortBySeverity added in v1.0.0 

func (a Alerts) SortBySeverity()

Sort by alert severity descending (from critical -> low)

type AlertsCommentRequest added in v1.0.0 

type AlertsCommentRequest struct {
	Comment string `json:"comment"`
}

type AlertsCommentResponse added in v1.0.0 

type AlertsCommentResponse struct {
	Data AlertTimeline `json:"data"`
}

type AlertsResponse added in v1.0.0 

type AlertsResponse struct {
	Data   Alerts       `json:"data"`
	Paging V2Pagination `json:"paging"`
}

func (AlertsResponse) PageInfo added in v1.0.0 

func (r AlertsResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (*AlertsResponse) ResetPaging added in v1.0.0 

func (r *AlertsResponse) ResetPaging()

type AlertsService added in v1.0.0 

type AlertsService struct {
	// contains filtered or unexported fields
}

AlertsService is a service that interacts with the Alerts endpoints from the Lacework Server

func (*AlertsService) Close added in v1.0.0 

func (svc *AlertsService) Close(request AlertCloseRequest) (
	response AlertCloseResponse,
	err error,
)

func (*AlertsService) Comment added in v1.0.0 

func (svc *AlertsService) Comment(id int, comment string) (
	response AlertsCommentResponse,
	err error,
)

func (*AlertsService) Exists added in v1.0.0 

func (svc *AlertsService) Exists(id int) (bool, error)

func (*AlertsService) Get added in v1.0.0 

func (svc *AlertsService) Get(id int, scope alertScope) (interface{}, error)

func (*AlertsService) GetDetails added in v1.0.0 

func (svc *AlertsService) GetDetails(id int) (
	response AlertDetailsResponse,
	err error,
)

func (*AlertsService) GetEvents added in v1.0.0 

func (svc *AlertsService) GetEvents(id int) (
	response AlertEventsResponse,
	err error,
)

func (*AlertsService) GetIntegrations added in v1.0.0 

func (svc *AlertsService) GetIntegrations(id int) (
	response AlertIntegrationsResponse,
	err error,
)

func (*AlertsService) GetInvestigation added in v1.0.0 

func (svc *AlertsService) GetInvestigation(id int) (
	response AlertInvestigationResponse,
	err error,
)

func (*AlertsService) GetRelatedAlerts added in v1.0.0 

func (svc *AlertsService) GetRelatedAlerts(id int) (
	response RelatedAlertsResponse,
	err error,
)

func (*AlertsService) GetTimeline added in v1.0.0 

func (svc *AlertsService) GetTimeline(id int) (
	response AlertTimelineResponse,
	err error,
)

func (*AlertsService) List added in v1.0.0 

func (svc *AlertsService) List() (response AlertsResponse, err error)

func (*AlertsService) ListAll added in v1.0.0 

func (svc *AlertsService) ListAll() (response AlertsResponse, err error)

func (*AlertsService) ListAllByTime added in v1.0.0 

func (svc *AlertsService) ListAllByTime(start, end time.Time) (
	response AlertsResponse,
	err error,
)

func (*AlertsService) ListByTime added in v1.0.0 

func (svc *AlertsService) ListByTime(start, end time.Time) (
	response AlertsResponse,
	err error,
)

func (*AlertsService) Search added in v1.0.0 

func (svc *AlertsService) Search(filter SearchFilter) (
	response AlertsResponse,
	err error,
)

func (*AlertsService) SearchAll added in v1.0.0 

func (svc *AlertsService) SearchAll(filter SearchFilter) (
	response AlertsResponse,
	err error,
)

type AwsCfg added in v0.41.0 

type AwsCfg struct {
	Data AwsCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsCfg) ID added in v0.41.0 

func (c AwsCfg) ID() string

func (AwsCfg) StateString added in v0.41.0 

func (c AwsCfg) StateString() string

func (AwsCfg) Status added in v0.41.0 

func (c AwsCfg) Status() string

type AwsCfgCredentials added in v0.41.0 

type AwsCfgCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsCfgData added in v0.41.0 

type AwsCfgData struct {
	Credentials  AwsCfgCredentials `json:"crossAccountCredentials"`
	AwsAccountID string            `json:"awsAccountId,omitempty"`
}

type AwsCfgIntegrationResponse added in v0.41.0 

type AwsCfgIntegrationResponse struct {
	Data AwsCfg `json:"data"`
}

type AwsCtSqsCredentials added in v0.10.0 

type AwsCtSqsCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsCtSqsData added in v0.10.0 

type AwsCtSqsData struct {
	Credentials  AwsCtSqsCredentials `json:"crossAccountCredentials"`
	QueueUrl     string              `json:"queueUrl"`
	AwsAccountID string              `json:"awsAccountId,omitempty"`

	// This field must be a base64 encode with the following format:
	//
	// "data:application/json;name=i.json;base64,[ENCODING]"
	//
	// [ENCODING] is the the base64 encode, use EncodeAccountMappingFile() to encode a JSON mapping file
	AccountMappingFile string `json:"accountMappingFile,omitempty"`
}

func (*AwsCtSqsData) DecodeAccountMappingFile added in v0.10.0 

func (aws *AwsCtSqsData) DecodeAccountMappingFile() ([]byte, error)

func (*AwsCtSqsData) EncodeAccountMappingFile added in v0.10.0 

func (aws *AwsCtSqsData) EncodeAccountMappingFile(mapping []byte)

type AwsCtSqsIntegration added in v0.10.0 

type AwsCtSqsIntegration struct {
	Data AwsCtSqsData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsCtSqsIntegration) ID added in v0.10.0 

func (c AwsCtSqsIntegration) ID() string

func (AwsCtSqsIntegration) StateString added in v0.34.0 

func (c AwsCtSqsIntegration) StateString() string

func (AwsCtSqsIntegration) Status added in v0.34.0 

func (c AwsCtSqsIntegration) Status() string

type AwsCtSqsIntegrationResponse added in v0.10.0 

type AwsCtSqsIntegrationResponse struct {
	Data AwsCtSqsIntegration `json:"data"`
}

type AwsEcrAccessKeyCredentials added in v0.42.0 

type AwsEcrAccessKeyCredentials struct {
	AccessKeyID     string `json:"accessKeyId,omitempty"`
	SecretAccessKey string `json:"secretAccessKey,omitempty"`
}

type AwsEcrAccessKeyData added in v0.42.0 

type AwsEcrAccessKeyData struct {
	AccessKeyCredentials AwsEcrAccessKeyCredentials `json:"accessKeyCredentials,omitempty"`
	RegistryDomain       string                     `json:"registryDomain"`
	LimitByTag           []string                   `json:"limitByTag,omitempty"`
	LimitByLabel         []map[string]string        `json:"limitByLabel,omitempty"`
	LimitByRep           []string                   `json:"limitByRep,omitempty"`
	LimitNumImg          int                        `json:"limitNumImg"`
	NonOSPackageEval     bool                       `json:"nonOsPackageEval"`
	AwsAuthType          string                     `json:"awsAuthType"`
	RegistryType         string                     `json:"registryType"`
}

type AwsEcrAccessKeyIntegrationResponse added in v0.42.0 

type AwsEcrAccessKeyIntegrationResponse struct {
	Data AwsEcrIntegration `json:"data"`
}

type AwsEcrCrossAccountCredentials added in v0.42.0 

type AwsEcrCrossAccountCredentials struct {
	RoleArn    string `json:"roleArn,omitempty"`
	ExternalID string `json:"externalId,omitempty"`
}

type AwsEcrIamRoleData added in v0.42.0 

type AwsEcrIamRoleData struct {
	CrossAccountCredentials AwsEcrCrossAccountCredentials `json:"crossAccountCredentials,omitempty"`
	RegistryDomain          string                        `json:"registryDomain"`
	RegistryType            string                        `json:"registryType"`
	LimitByTag              []string                      `json:"limitByTag,omitempty"`
	LimitByLabel            []map[string]string           `json:"limitByLabel,omitempty"`
	LimitByRep              []string                      `json:"limitByRep,omitempty"`
	LimitNumImg             int                           `json:"limitNumImg"`
	NonOSPackageEval        bool                          `json:"nonOsPackageEval"`
	AwsAuthType             string                        `json:"awsAuthType"`
}

type AwsEcrIamRoleIntegration added in v0.42.0 

type AwsEcrIamRoleIntegration struct {
	Data AwsEcrIamRoleData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsEcrIamRoleIntegration) ContainerRegistryType added in v0.42.0 

func (reg AwsEcrIamRoleIntegration) ContainerRegistryType() containerRegistryType

func (AwsEcrIamRoleIntegration) ID added in v0.42.0 

func (c AwsEcrIamRoleIntegration) ID() string

func (AwsEcrIamRoleIntegration) StateString added in v0.42.0 

func (c AwsEcrIamRoleIntegration) StateString() string

func (AwsEcrIamRoleIntegration) Status added in v0.42.0 

func (c AwsEcrIamRoleIntegration) Status() string

type AwsEcrIamRoleIntegrationResponse added in v0.42.0 

type AwsEcrIamRoleIntegrationResponse struct {
	Data AwsEcrIamRoleIntegration `json:"data"`
}

type AwsEcrIntegration added in v0.2.1 

type AwsEcrIntegration struct {
	Data AwsEcrAccessKeyData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsEcrIntegration) ID added in v0.42.0 

func (c AwsEcrIntegration) ID() string

func (AwsEcrIntegration) StateString added in v0.2.1 

func (c AwsEcrIntegration) StateString() string

func (AwsEcrIntegration) Status added in v0.2.1 

func (c AwsEcrIntegration) Status() string

type AwsEksAuditCredentials added in v0.29.0 

type AwsEksAuditCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsEksAuditData added in v0.29.0 

type AwsEksAuditData struct {
	Credentials AwsEksAuditCredentials `json:"crossAccountCredentials"`
	SnsArn      string                 `json:"snsArn"`
}

type AwsEksAuditIntegration added in v0.29.0 

type AwsEksAuditIntegration struct {
	Data AwsEksAuditData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsEksAuditIntegration) ID added in v0.29.0 

func (c AwsEksAuditIntegration) ID() string

func (AwsEksAuditIntegration) StateString added in v0.34.0 

func (c AwsEksAuditIntegration) StateString() string

func (AwsEksAuditIntegration) Status added in v0.34.0 

func (c AwsEksAuditIntegration) Status() string

type AwsEksAuditIntegrationResponse added in v0.29.0 

type AwsEksAuditIntegrationResponse struct {
	Data AwsEksAuditIntegration `json:"data"`
}

type AwsRecommendationsV2 added in v1.5.2 

type AwsRecommendationsV2 struct {
	// contains filtered or unexported fields
}

AwsRecommendationsV2 is a service that interacts with the V2 Recommendations endpoints from the Lacework Server

func (*AwsRecommendationsV2) GetReport added in v1.5.2 

func (svc *AwsRecommendationsV2) GetReport(reportType string) ([]RecV2, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*AwsRecommendationsV2) List added in v1.5.2 

func (svc *AwsRecommendationsV2) List() ([]RecV2, error)

func (*AwsRecommendationsV2) Patch added in v1.5.2 

func (svc *AwsRecommendationsV2) Patch(recommendations RecommendationStateV2) (RecommendationResponseV2, error)

type AwsReport added in v0.44.0 

type AwsReport struct {
	ReportType      string             `json:"reportType"`
	ReportTitle     string             `json:"reportTitle"`
	Recommendations []RecommendationV2 `json:"recommendations"`
	Summary         []ReportSummary    `json:"summary"`
	AccountID       string             `json:"accountId"`
	AccountAlias    string             `json:"accountAlias"`
	ReportTime      time.Time          `json:"reportTime"`
}

func (AwsReport) GetComplianceRecommendation added in v0.44.0 

func (aws AwsReport) GetComplianceRecommendation(recommendationID string) RecommendationV2

type AwsReportConfig added in v0.44.0 

type AwsReportConfig struct {
	AccountID string
	Type      AwsReportType
}

type AwsReportResponse added in v0.44.0 

type AwsReportResponse struct {
	Data    []AwsReport `json:"data"`
	Ok      bool        `json:"ok"`
	Message string      `json:"message"`
}

type AwsReportRuleNotifications added in v0.21.0 

type AwsReportRuleNotifications struct {
	AwsCisS3          bool `json:"awsCisS3"`
	AwsHipaa          bool `json:"hipaa"`
	AwsIso2700        bool `json:"iso2700"`
	AwsNist80053Rev4  bool `json:"nist800-53Rev4"`
	AwsNist800171Rev2 bool `json:"nist800-171Rev2"`
	AwsPci            bool `json:"pci"`
	AwsSoc            bool `json:"soc"`
	AwsSocRev2        bool `json:"awsSocRev2"`
}

func (AwsReportRuleNotifications) ToMap added in v0.21.0 

func (aws AwsReportRuleNotifications) ToMap() map[string]bool

type AwsReportType added in v0.44.0 

type AwsReportType int
const (
	NONE_AWS_REPORT AwsReportType = iota
	AWS_CIS_S3
	NIST_800_53_Rev4
	NIST_800_171_Rev2
	ISO_2700
	HIPAA
	SOC
	AWS_SOC_Rev2
	PCI
	AWS_CIS_14
	AWS_CMMC_1_02
	AWS_HIPAA
	AWS_ISO_27001_2013
	AWS_NIST_CSF
	AWS_NIST_800_171_rev2
	AWS_NIST_800_53_rev5
	AWS_PCI_DSS_3_2_1
	AWS_SOC_2
	LW_AWS_SEC_ADD_1_0
)

func NewAwsReportType added in v0.44.0 

func NewAwsReportType(report string) (AwsReportType, error)

func (AwsReportType) String added in v0.44.0 

func (report AwsReportType) String() string

type AwsResourceGroupData added in v0.15.0 

type AwsResourceGroupData struct {
	Guid         string                `json:"guid,omitempty"`
	IsDefault    int                   `json:"isDefault,omitempty"`
	ResourceGuid string                `json:"resourceGuid,omitempty"`
	Name         string                `json:"resourceName"`
	Type         string                `json:"resourceType"`
	Enabled      int                   `json:"enabled,omitempty"`
	Props        AwsResourceGroupProps `json:"props"`
}

type AwsResourceGroupProps added in v0.15.0 

type AwsResourceGroupProps struct {
	Description string        `json:"description,omitempty"`
	AccountIDs  []string      `json:"accountIds"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (AwsResourceGroupProps) GetBaseProps added in v0.20.0 

func (props AwsResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (AwsResourceGroupProps) MarshalJSON added in v0.20.0 

func (props AwsResourceGroupProps) MarshalJSON() ([]byte, error)

type AwsResourceGroupResponse added in v0.15.0 

type AwsResourceGroupResponse struct {
	Data AwsResourceGroupData `json:"data"`
}

type AwsResourceJsonStringGroupProps added in v0.15.0 

type AwsResourceJsonStringGroupProps struct {
	Description string        `json:"DESCRIPTION,omitempty"`
	AccountIDs  []string      `json:"ACCOUNT_IDS"`
	UpdatedBy   string        `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type AwsS3AlertChannelResponseV2 added in v0.14.0 

type AwsS3AlertChannelResponseV2 struct {
	Data AwsS3AlertChannelV2 `json:"data"`
}

type AwsS3AlertChannelV2 added in v0.14.0 

type AwsS3AlertChannelV2 struct {
	Data AwsS3DataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (AwsS3AlertChannelV2) ID added in v0.14.0 

func (c AwsS3AlertChannelV2) ID() string

func (AwsS3AlertChannelV2) StateString added in v0.34.0 

func (c AwsS3AlertChannelV2) StateString() string

func (AwsS3AlertChannelV2) Status added in v0.34.0 

func (c AwsS3AlertChannelV2) Status() string

type AwsS3Credentials added in v0.14.0 

type AwsS3Credentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
	BucketArn  string `json:"bucketArn"`
}

type AwsS3DataV2 added in v0.14.0 

type AwsS3DataV2 struct {
	Credentials AwsS3Credentials `json:"s3CrossAccountCredentials"`
}

type AwsSidekick added in v0.40.0 

type AwsSidekick struct {
	Data AwsSidekickData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsSidekick) ID added in v0.40.0 

func (c AwsSidekick) ID() string

func (AwsSidekick) StateString added in v0.40.0 

func (c AwsSidekick) StateString() string

func (AwsSidekick) Status added in v0.40.0 

func (c AwsSidekick) Status() string

type AwsSidekickCrossAccountCredentials added in v0.41.0 

type AwsSidekickCrossAccountCredentials struct {
	RoleArn    string `json:"roleArn,omitempty"`
	ExternalID string `json:"externalId,omitempty"`
}

type AwsSidekickData added in v0.40.0 

type AwsSidekickData struct {
	//QueryText represents an lql json string
	QueryText string `json:"queryText,omitempty"`

	//ScanFrequency in hours, 24 == 24 hours
	ScanFrequency int `json:"scanFrequency"`

	ScanContainers          bool `json:"scanContainers"`
	ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`

	AccountID         string                             `json:"awsAccountId,omitempty"`
	BucketArn         string                             `json:"bucketArn,omitempty"`
	CrossAccountCreds AwsSidekickCrossAccountCredentials `json:"crossAccountCredentials"`
}

type AwsSidekickOrg added in v0.43.0 

type AwsSidekickOrg struct {
	Data AwsSidekickOrgData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsSidekickOrg) ID added in v0.43.0 

func (c AwsSidekickOrg) ID() string

func (AwsSidekickOrg) StateString added in v0.43.0 

func (c AwsSidekickOrg) StateString() string

func (AwsSidekickOrg) Status added in v0.43.0 

func (c AwsSidekickOrg) Status() string

type AwsSidekickOrgData added in v0.43.0 

type AwsSidekickOrgData struct {
	//QueryText represents an lql json string
	QueryText string `json:"queryText,omitempty"`

	//ScanFrequency in hours, 24 == 24 hours
	ScanFrequency int `json:"scanFrequency"`

	ScanContainers          bool `json:"scanContainers"`
	ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`

	//Properties specific to the AWS organization integration type
	ScanningAccount   string `json:"scanningAccount"`
	ManagementAccount string `json:"managementAccount,omitempty"`
	MonitoredAccounts string `json:"monitoredAccounts"`

	AccountID         string                             `json:"awsAccountId,omitempty"`
	BucketArn         string                             `json:"bucketArn,omitempty"`
	CrossAccountCreds AwsSidekickCrossAccountCredentials `json:"crossAccountCredentials"`
}

type AwsSidekickOrgResponse added in v0.43.0 

type AwsSidekickOrgResponse struct {
	Data AwsSidekickOrg `json:"data"`
}

type AwsSidekickResponse added in v0.40.0 

type AwsSidekickResponse struct {
	Data AwsSidekick `json:"data"`
}

type AwsSuppressionsV2 added in v1.3.0 

type AwsSuppressionsV2 struct {
	// contains filtered or unexported fields
}

AwsSuppressionsV2 is a service that interacts with the V2 Suppressions endpoints from the Lacework Server

func (*AwsSuppressionsV2) List added in v1.3.0 

func (svc *AwsSuppressionsV2) List() (map[string]SuppressionV2, error)

type AwsUsGovCfg added in v0.42.0 

type AwsUsGovCfg struct {
	Data AwsUsGovCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsUsGovCfg) ID added in v0.42.0 

func (c AwsUsGovCfg) ID() string

func (AwsUsGovCfg) StateString added in v0.42.0 

func (c AwsUsGovCfg) StateString() string

func (AwsUsGovCfg) Status added in v0.42.0 

func (c AwsUsGovCfg) Status() string

type AwsUsGovCfgCredentials added in v0.42.0 

type AwsUsGovCfgCredentials struct {
	AwsAccountID    string `json:"accountId"`
	AccessKeyID     string `json:"accessKeyId"`
	SecretAccessKey string `json:"secretAccessKey"`
}

type AwsUsGovCfgData added in v0.42.0 

type AwsUsGovCfgData struct {
	Credentials AwsUsGovCfgCredentials `json:"accessKeyCredentials"`
}

type AwsUsGovCfgIntegrationResponse added in v0.42.0 

type AwsUsGovCfgIntegrationResponse struct {
	Data AwsUsGovCfg `json:"data"`
}

type AwsUsGovCtSqs added in v0.42.0 

type AwsUsGovCtSqs struct {
	Data AwsUsGovCtSqsData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsUsGovCtSqs) ID added in v0.42.0 

func (c AwsUsGovCtSqs) ID() string

func (AwsUsGovCtSqs) StateString added in v0.42.0 

func (c AwsUsGovCtSqs) StateString() string

func (AwsUsGovCtSqs) Status added in v0.42.0 

func (c AwsUsGovCtSqs) Status() string

type AwsUsGovCtSqsCredentials added in v0.42.0 

type AwsUsGovCtSqsCredentials struct {
	AwsAccountID    string `json:"accountId"`
	AccessKeyID     string `json:"accessKeyId"`
	SecretAccessKey string `json:"secretAccessKey"`
}

type AwsUsGovCtSqsData added in v0.42.0 

type AwsUsGovCtSqsData struct {
	Credentials AwsUsGovCtSqsCredentials `json:"accessKeyCredentials"`
	QueueUrl    string                   `json:"queueUrl"`
}

type AwsUsGovCtSqsIntegrationResponse added in v0.42.0 

type AwsUsGovCtSqsIntegrationResponse struct {
	Data AwsUsGovCtSqs `json:"data"`
}

type AzureAlSeq added in v0.42.0 

type AzureAlSeq struct {
	Data AzureAlSeqData `json:"data"`
	// contains filtered or unexported fields
}

func (AzureAlSeq) ID added in v0.42.0 

func (c AzureAlSeq) ID() string

func (AzureAlSeq) StateString added in v0.42.0 

func (c AzureAlSeq) StateString() string

func (AzureAlSeq) Status added in v0.42.0 

func (c AzureAlSeq) Status() string

type AzureAlSeqCredentials added in v0.42.0 

type AzureAlSeqCredentials struct {
	ClientID     string `json:"clientId"`
	ClientSecret string `json:"clientSecret"`
}

type AzureAlSeqData added in v0.42.0 

type AzureAlSeqData struct {
	Credentials AzureAlSeqCredentials `json:"credentials"`
	TenantID    string                `json:"tenantId"`
	QueueUrl    string                `json:"queueUrl"`
}

type AzureAlSeqIntegrationResponse added in v0.42.0 

type AzureAlSeqIntegrationResponse struct {
	Data AzureAlSeq `json:"data"`
}

type AzureCfg added in v0.42.0 

type AzureCfg struct {
	Data AzureCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (AzureCfg) ID added in v0.42.0 

func (c AzureCfg) ID() string

func (AzureCfg) StateString added in v0.42.0 

func (c AzureCfg) StateString() string

func (AzureCfg) Status added in v0.42.0 

func (c AzureCfg) Status() string

type AzureCfgCredentials added in v0.42.0 

type AzureCfgCredentials struct {
	ClientID     string `json:"clientId"`
	ClientSecret string `json:"clientSecret"`
}

type AzureCfgData added in v0.42.0 

type AzureCfgData struct {
	Credentials AzureCfgCredentials `json:"credentials"`
	TenantID    string              `json:"tenantId"`
}

type AzureCfgIntegrationResponse added in v0.42.0 

type AzureCfgIntegrationResponse struct {
	Data AzureCfg `json:"data"`
}

type AzureConfigData added in v1.0.0 

type AzureConfigData struct {
	Tenant        string   `json:"tenant"`
	Subscriptions []string `json:"subscriptions"`
}

type AzureConfigsResponse added in v1.0.0 

type AzureConfigsResponse struct {
	Data []AzureConfigData `json:"data"`
}

type AzureRecommendationsV2 added in v1.5.2 

type AzureRecommendationsV2 struct {
	// contains filtered or unexported fields
}

AzureRecommendationsV2 is a service that interacts with the V2 Recommendations endpoints from the Lacework Server

func (*AzureRecommendationsV2) GetReport added in v1.5.2 

func (svc *AzureRecommendationsV2) GetReport(reportType string) ([]RecV2, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*AzureRecommendationsV2) List added in v1.5.2 

func (svc *AzureRecommendationsV2) List() ([]RecV2, error)

func (*AzureRecommendationsV2) Patch added in v1.5.2 

func (svc *AzureRecommendationsV2) Patch(recommendations RecommendationStateV2) (RecommendationResponseV2, error)

type AzureReport added in v0.44.0 

type AzureReport struct {
	ReportType       string             `json:"reportType"`
	ReportTitle      string             `json:"reportTitle"`
	Recommendations  []RecommendationV2 `json:"recommendations"`
	Summary          []ReportSummary    `json:"summary"`
	ReportTime       time.Time          `json:"reportTime"`
	SubscriptionName string             `json:"subscriptionName"`
	SubscriptionID   string             `json:"SubscriptionID"`
	TenantName       string             `json:"tenantName"`
	TenantID         string             `json:"tenantId"`
}

func (AzureReport) GetComplianceRecommendation added in v0.44.0 

func (azure AzureReport) GetComplianceRecommendation(recommendationID string) RecommendationV2

type AzureReportConfig added in v0.44.0 

type AzureReportConfig struct {
	TenantID       string
	SubscriptionID string
	Type           AzureReportType
}

type AzureReportResponse added in v0.44.0 

type AzureReportResponse struct {
	Data    []AzureReport `json:"data"`
	Ok      bool          `json:"ok"`
	Message string        `json:"message"`
}

type AzureReportRuleNotifications added in v0.21.0 

type AzureReportRuleNotifications struct {
	AzureCis    bool `json:"azureCis"`
	AzureCis131 bool `json:"azureCis131"`
	AzurePci    bool `json:"azurePci"`
	AzureSoc    bool `json:"azureSoc"`
}

func (AzureReportRuleNotifications) ToMap added in v0.21.0 

func (az AzureReportRuleNotifications) ToMap() map[string]bool

type AzureReportType added in v0.44.0 

type AzureReportType int
const (
	NONE_AZURE_REPORT AzureReportType = iota
	AZURE_CIS
	AZURE_CIS_131
	AZURE_SOC
	AZURE_SOC_Rev2
	AZURE_PCI
	AZURE_PCI_Rev2
	AZURE_ISO_27001
	AZURE_NIST_CSF
	AZURE_NIST_800_53_REV5
	AZURE_NIST_800_171_REV2
	AZURE_HIPAA
)

func NewAzureReportType added in v0.44.0 

func NewAzureReportType(report string) (AzureReportType, error)

func (AzureReportType) String added in v0.44.0 

func (report AzureReportType) String() string

type AzureResourceGroupData added in v0.15.0 

type AzureResourceGroupData struct {
	Guid         string                  `json:"guid,omitempty"`
	IsDefault    int                     `json:"isDefault,omitempty"`
	ResourceGuid string                  `json:"resourceGuid,omitempty"`
	Name         string                  `json:"resourceName"`
	Type         string                  `json:"resourceType"`
	Enabled      int                     `json:"enabled,omitempty"`
	Props        AzureResourceGroupProps `json:"props"`
}

type AzureResourceGroupProps added in v0.15.0 

type AzureResourceGroupProps struct {
	Description   string        `json:"description,omitempty"`
	Tenant        string        `json:"tenant"`
	Subscriptions []string      `json:"subscriptions"`
	UpdatedBy     string        `json:"updatedBy,omitempty"`
	LastUpdated   *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (AzureResourceGroupProps) GetBaseProps added in v0.20.0 

func (props AzureResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (AzureResourceGroupProps) MarshalJSON added in v0.20.0 

func (props AzureResourceGroupProps) MarshalJSON() ([]byte, error)

type AzureResourceGroupResponse added in v0.15.0 

type AzureResourceGroupResponse struct {
	Data AzureResourceGroupData `json:"data"`
}

type AzureResourceJsonStringGroupProps added in v0.15.0 

type AzureResourceJsonStringGroupProps struct {
	Description   string        `json:"DESCRIPTION,omitempty"`
	Tenant        string        `json:"TENANT"`
	Subscriptions []string      `json:"SUBSCRIPTIONS"`
	UpdatedBy     string        `json:"UPDATED_BY,omitempty"`
	LastUpdated   *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type AzureSuppressionsV2 added in v1.5.0 

type AzureSuppressionsV2 struct {
	// contains filtered or unexported fields
}

AzureSuppressionsV2 is a service that interacts with the V2 Suppressions endpoints from the Lacework Server

func (*AzureSuppressionsV2) List added in v1.5.0 

func (svc *AzureSuppressionsV2) List() (map[string]SuppressionV2, error)

type CiscoSparkWebhookAlertChannelResponseV2 added in v0.18.0 

type CiscoSparkWebhookAlertChannelResponseV2 struct {
	Data CiscoSparkWebhookAlertChannelV2 `json:"data"`
}

type CiscoSparkWebhookAlertChannelV2 added in v0.18.0 

type CiscoSparkWebhookAlertChannelV2 struct {
	Data CiscoSparkWebhookDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (CiscoSparkWebhookAlertChannelV2) ID added in v0.18.0 

func (c CiscoSparkWebhookAlertChannelV2) ID() string

func (CiscoSparkWebhookAlertChannelV2) StateString added in v0.34.0 

func (c CiscoSparkWebhookAlertChannelV2) StateString() string

func (CiscoSparkWebhookAlertChannelV2) Status added in v0.34.0 

func (c CiscoSparkWebhookAlertChannelV2) Status() string

type CiscoSparkWebhookDataV2 added in v0.18.0 

type CiscoSparkWebhookDataV2 struct {
	Webhook string `json:"webhook"`
}

type Client 

type Client struct {
	Policy *PolicyService

	V2 *V2Endpoints
	// contains filtered or unexported fields
}

func CopyClient added in v0.10.0 

func CopyClient(origin *Client, opts ...Option) (*Client, error)

CopyClient generates a copy of the provider Lacework API Go client

Example of basic usage 

client, err := api.NewClient("demo")
if err == nil {
    client.Integrations.List()
}

clientCopy, err := api.CopyClient(client, api.WithOrgAccess())
if err == nil {
    clientCopy.Integrations.List()
}

func NewClient 

func NewClient(account string, opts ...Option) (*Client, error)

New generates a new Lacework API client

Example of basic usage 

lacework, err := api.NewClient("demo")
if err == nil {
    lacework.Integrations.List()
}

func (*Client) ApiVersion 

func (c *Client) ApiVersion() string

ApiVersion returns the API client version

func (*Client) Do 

func (c *Client) Do(req *http.Request) (*http.Response, error)

Do calls request.Do() directly

func (*Client) DoDecoder 

func (c *Client) DoDecoder(req *http.Request, v interface{}) (*http.Response, error)

DoDecoder is used to execute (aka Do) the http request and decode it into the provided interface, all at once

func (*Client) GenerateToken 

func (c *Client) GenerateToken() (*TokenData, error)

GenerateToken generates a new access token

func (*Client) GenerateTokenWithKeys 

func (c *Client) GenerateTokenWithKeys(keyID, secretKey string) (*TokenData, error)

GenerateTokenWithKeys generates a new access token with the provided keys

func (*Client) NewRequest 

func (c *Client) NewRequest(method string, apiURL string, body io.Reader) (*http.Request, error)

NewRequest generates a new http request

func (*Client) NextPage added in v0.25.0 

func (c *Client) NextPage(p Pageable) (bool, error)

NextPage

Use this function to access the next page from an API v2 endpoint, the provided response must implement the Pageable interface and when it is passed, it will be overwritten, if the response doesn't have paging information this function returns false and not error

Usage: To iterate over all pages

```go var ( 

response = api.MachineDetailEntityResponse{}
err      = client.V2.Entities.Search(&response, api.SearchFilter{})

) 

for {
		// Use information from response.Data
		fmt.Printf("Data from page: %d\n", len(response.Data))

		pageOk, err := client.NextPage(&response)
		if err != nil {
			fmt.Printf("Unable to access next page, error '%s'", err.Error())
			break
		}

		if pageOk {
			continue
		}
		break
}

```

func (*Client) OrgAccess added in v0.23.0 

func (c *Client) OrgAccess() bool

OrgAccess check if the Org-Access header is set to 'true', if so, the client is configured to manage org level dataset

func (*Client) RequestDecoder 

func (c *Client) RequestDecoder(method, path string, body io.Reader, v interface{}) error

RequestDecoder performs an http request on an endpoint, and decodes the response into the provided interface, all at once

func (*Client) RequestEncoderDecoder added in v0.1.3 

func (c *Client) RequestEncoderDecoder(method, path string, data, v interface{}) error

RequestEncoderDecoder leverages RequestDecoder and performs an http request that first encodes the provider 'data' as a JSON Reader and passes it as the body to the request

func (*Client) TokenExpired added in v0.2.21 

func (c *Client) TokenExpired() bool

func (*Client) URL 

func (c *Client) URL() string

URL returns the base url configured

func (*Client) ValidAuth added in v0.2.13 

func (c *Client) ValidAuth() bool

ValidAuth verifies that the client has valid authentication

type CloudAccount added in v0.10.0 

type CloudAccount interface {
	ID() string
	CloudAccountType() cloudAccountType
}

CloudAccount is an interface that helps us implement a few functions that any Cloud Account might use, there are some cases, like during Update, where we need to get the ID of the Cloud Account and its type, this will allow users to pass any Cloud Account that implements these methods

type CloudAccountRaw added in v0.10.0 

type CloudAccountRaw struct {
	Data interface{} `json:"data,omitempty"`
	// contains filtered or unexported fields
}

func NewCloudAccount added in v0.10.0 

func NewCloudAccount(name string, iType cloudAccountType, data interface{}) CloudAccountRaw

NewCloudAccount returns an instance of the CloudAccountRaw struct with the provided Cloud Account integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Cloud Account type.

Basic usage: Initialize a new AwsIntegration struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

awsCtSqs := api.NewCloudAccount("foo",
  api.AwsCtSqsCloudAccount,
  api.AwsCtSqsData{
    QueueUrl: "https://sqs.us-west-2.amazonaws.com/123456789000/lw",
    Credentials: &api.AwsCtSqsCredentials {
      RoleArn: "arn:aws:XYZ",
      ExternalID: "1",
    },
  },
)

client.V2.CloudAccount.Create(awsCtSqs)

func (CloudAccountRaw) CloudAccountType added in v0.10.0 

func (cloud CloudAccountRaw) CloudAccountType() cloudAccountType

func (CloudAccountRaw) GetCommon added in v0.42.0 

func (cloud CloudAccountRaw) GetCommon() v2CommonIntegrationData

func (CloudAccountRaw) GetData added in v0.42.0 

func (cloud CloudAccountRaw) GetData() any

func (CloudAccountRaw) ID added in v0.10.0 

func (c CloudAccountRaw) ID() string

func (CloudAccountRaw) StateString added in v0.34.0 

func (c CloudAccountRaw) StateString() string

func (CloudAccountRaw) Status added in v0.34.0 

func (c CloudAccountRaw) Status() string

type CloudAccountResponse added in v0.10.0 

type CloudAccountResponse struct {
	Data CloudAccountRaw `json:"data"`
}

type CloudAccountsResponse added in v0.10.0 

type CloudAccountsResponse struct {
	Data []CloudAccountRaw `json:"data"`
}

type CloudAccountsService added in v0.10.0 

type CloudAccountsService struct {
	// contains filtered or unexported fields
}

CloudAccountsService is the service that interacts with the CloudAccounts schema from the Lacework APIv2 Server

func (*CloudAccountsService) Create added in v0.10.0 

func (svc *CloudAccountsService) Create(integration CloudAccountRaw) (
	response CloudAccountResponse,
	err error,
)

Create creates a single Cloud Account integration

func (*CloudAccountsService) CreateAwsSidekick added in v0.40.0 

func (svc *CloudAccountsService) CreateAwsSidekick(data CloudAccount) (
	response AwsSidekickResponse,
	err error,
)

CreateAwsSidekick creates an AwsSidekick Cloud Account integration

func (*CloudAccountsService) CreateAwsSidekickOrg added in v0.43.0 

func (svc *CloudAccountsService) CreateAwsSidekickOrg(data CloudAccount) (
	response AwsSidekickOrgResponse,
	err error,
)

CreateAwsSidekickOrg creates an AwsSidekickOrg Cloud Account integration

func (*CloudAccountsService) CreateGcpSidekick added in v1.1.2 

func (svc *CloudAccountsService) CreateGcpSidekick(data CloudAccount) (
	response GcpSidekickIntegrationResponse,
	err error,
)

CreateGcpSidekick creates an GcpSidekick Cloud Account integration

func (*CloudAccountsService) Delete added in v0.10.0 

func (svc *CloudAccountsService) Delete(guid string) error

Delete deletes a Cloud Account integration that matches the provided guid

func (*CloudAccountsService) Get added in v0.10.0 

func (svc *CloudAccountsService) Get(guid string, response interface{}) error

Get returns a raw response of the Cloud Account with the matching integration guid.

To return a more specific Go struct of a Cloud Account integration, use the proper method such as GetAwsCtSqs() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Cloud Account integration type.

func (*CloudAccountsService) GetAwsCfg added in v0.41.0 

func (svc *CloudAccountsService) GetAwsCfg(guid string) (
	response AwsCfgIntegrationResponse,
	err error,
)

GetAwsCfg gets a single AwsCfg integration matching the provided integration guid

func (*CloudAccountsService) GetAwsCtSqs added in v0.10.0 

func (svc *CloudAccountsService) GetAwsCtSqs(guid string) (
	response AwsCtSqsIntegrationResponse,
	err error,
)

GetAwsCtSqs gets a single AwsCtSqs integration matching the provided integration guid

func (*CloudAccountsService) GetAwsEksAudit added in v0.29.0 

func (svc *CloudAccountsService) GetAwsEksAudit(guid string) (
	response AwsEksAuditIntegrationResponse,
	err error,
)

GetAwsEksAudit gets a single AwsEksAudit integration matching the provided integration guid

func (*CloudAccountsService) GetAwsSidekick added in v0.40.0 

func (svc *CloudAccountsService) GetAwsSidekick(guid string) (
	response AwsSidekickResponse,
	err error,
)

GetAwsSidekick gets a single AwsSidekick integration matching the provided integration guid

func (*CloudAccountsService) GetAwsSidekickOrg added in v0.43.0 

func (svc *CloudAccountsService) GetAwsSidekickOrg(guid string) (
	response AwsSidekickOrgResponse,
	err error,
)

GetAwsSidekickOrg gets a single AwsSidekickOrg integration matching the provided integration guid

func (*CloudAccountsService) GetAwsUsGovCfg added in v0.42.0 

func (svc *CloudAccountsService) GetAwsUsGovCfg(guid string) (
	response AwsUsGovCfgIntegrationResponse,
	err error,
)

GetAwsUsGovCfg gets a single AwsUsGovCfg integration matching the provided integration guid

func (*CloudAccountsService) GetAwsUsGovCtSqs added in v0.42.0 

func (svc *CloudAccountsService) GetAwsUsGovCtSqs(guid string) (
	response AwsUsGovCtSqsIntegrationResponse,
	err error,
)

GetAwsUsGovCtSqs gets a single AwsUsGovCtSqs integration matching the provided integration guid

func (*CloudAccountsService) GetAzureAlSeq added in v0.42.0 

func (svc *CloudAccountsService) GetAzureAlSeq(guid string) (
	response AzureAlSeqIntegrationResponse,
	err error,
)

GetAzureAlSeq gets a single AzureAlSeq integration matching the provided integration guid

func (*CloudAccountsService) GetAzureCfg added in v0.42.0 

func (svc *CloudAccountsService) GetAzureCfg(guid string) (
	response AzureCfgIntegrationResponse,
	err error,
)

GetAzureCfg gets a single AzureCfg integration matching the provided integration guid

func (*CloudAccountsService) GetGcpAtSes added in v0.42.0 

func (svc *CloudAccountsService) GetGcpAtSes(guid string) (
	response GcpAtSesIntegrationResponse,
	err error,
)

GetGcpAtSes gets a single GcpAtSes integration matching the provided integration guid

func (*CloudAccountsService) GetGcpCfg added in v0.42.0 

func (svc *CloudAccountsService) GetGcpCfg(guid string) (
	response GcpCfgIntegrationResponse,
	err error,
)

GetGcpCfg gets a single GcpCfg integration matching the provided integration guid

func (*CloudAccountsService) GetGcpGkeAudit added in v0.36.0 

func (svc *CloudAccountsService) GetGcpGkeAudit(guid string) (
	response GcpGkeAuditIntegrationResponse,
	err error,
)

GetGcpGkeAudit gets a single GcpGkeAudit integration matching the provided integration guid

func (*CloudAccountsService) GetGcpSidekick added in v1.0.0 

func (svc *CloudAccountsService) GetGcpSidekick(guid string) (
	response GcpSidekickIntegrationResponse,
	err error,
)

GetGcpSidekick gets a single GcpSidekick integration matching the provided integration guid

func (*CloudAccountsService) List added in v0.10.0 

func (svc *CloudAccountsService) List() (response CloudAccountsResponse, err error)

List returns a list of Cloud Account integrations

func (*CloudAccountsService) ListByType added in v0.34.0 

func (svc *CloudAccountsService) ListByType(caType cloudAccountType) (response CloudAccountsResponse, err error)

ListByType lists the cloud accounts from the provided type that are available on the Lacework Server

func (*CloudAccountsService) UpdateAwsCfg added in v0.41.0 

func (svc *CloudAccountsService) UpdateAwsCfg(data CloudAccount) (
	response AwsCfgIntegrationResponse,
	err error,
)

UpdateAwsCfg updates a single AwsCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsCtSqs added in v0.10.0 

func (svc *CloudAccountsService) UpdateAwsCtSqs(data CloudAccount) (
	response AwsCtSqsIntegrationResponse,
	err error,
)

UpdateAwsCtSqs updates a single AwsCtSqs integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsEksAudit added in v0.29.0 

func (svc *CloudAccountsService) UpdateAwsEksAudit(data CloudAccount) (
	response AwsEksAuditIntegrationResponse,
	err error,
)

UpdateAwsEksAudit updates a single AwsEksAudit integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsSidekick added in v0.40.0 

func (svc *CloudAccountsService) UpdateAwsSidekick(data CloudAccount) (
	response AwsSidekickResponse,
	err error,
)

UpdateAwsSidekick updates a single AwsSidekick integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsSidekickOrg added in v0.43.0 

func (svc *CloudAccountsService) UpdateAwsSidekickOrg(data CloudAccount) (
	response AwsSidekickOrgResponse,
	err error,
)

UpdateAwsSidekickOrg updates a single AwsSidekickOrg integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsUsGovCfg added in v0.42.0 

func (svc *CloudAccountsService) UpdateAwsUsGovCfg(data CloudAccount) (
	response AwsUsGovCfgIntegrationResponse,
	err error,
)

UpdateAwsUsGovCfg updates a single AwsUsGovCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsUsGovCtSqs added in v0.42.0 

func (svc *CloudAccountsService) UpdateAwsUsGovCtSqs(data CloudAccount) (
	response AwsUsGovCtSqsIntegrationResponse,
	err error,
)

UpdateAwsUsGovCtSqs updates a single AwsUsGovCtSqs integration on the Lacework Server

func (*CloudAccountsService) UpdateAzureAlSeq added in v0.42.0 

func (svc *CloudAccountsService) UpdateAzureAlSeq(data CloudAccount) (
	response AzureAlSeqIntegrationResponse,
	err error,
)

UpdateAzureAlSeq updates a single AzureAlSeq integration on the Lacework Server

func (*CloudAccountsService) UpdateAzureCfg added in v0.42.0 

func (svc *CloudAccountsService) UpdateAzureCfg(data CloudAccount) (
	response AzureCfgIntegrationResponse,
	err error,
)

UpdateAzureCfg updates a single AzureCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpAtSes added in v0.42.0 

func (svc *CloudAccountsService) UpdateGcpAtSes(data CloudAccount) (
	response GcpAtSesIntegrationResponse,
	err error,
)

UpdateGcpAtSes updates a single GcpAtSes integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpCfg added in v0.42.0 

func (svc *CloudAccountsService) UpdateGcpCfg(data CloudAccount) (
	response GcpCfgIntegrationResponse,
	err error,
)

UpdateGcpCfg updates a single GcpCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpGkeAudit added in v0.36.0 

func (svc *CloudAccountsService) UpdateGcpGkeAudit(data CloudAccount) (
	response GcpGkeAuditIntegrationResponse,
	err error,
)

UpdateGcpGkeAudit updates a single GcpGkeAudit integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpSidekick added in v1.0.0 

func (svc *CloudAccountsService) UpdateGcpSidekick(data CloudAccount) (
	response GcpSidekickIntegrationResponse,
	err error,
)

UpdateGcpSidekick updates a single GcpSidekick integration on the Lacework Server

type CloudComplianceReportV2 added in v0.44.0 

type CloudComplianceReportV2 interface {
	GetComplianceRecommendation(recommendationID string) RecommendationV2
}

type CloudwatchEbAlertChannelResponseV2 added in v0.17.0 

type CloudwatchEbAlertChannelResponseV2 struct {
	Data CloudwatchEbAlertChannelV2 `json:"data"`
}

type CloudwatchEbAlertChannelV2 added in v0.17.0 

type CloudwatchEbAlertChannelV2 struct {
	Data CloudwatchEbDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (CloudwatchEbAlertChannelV2) ID added in v0.17.0 

func (c CloudwatchEbAlertChannelV2) ID() string

func (CloudwatchEbAlertChannelV2) StateString added in v0.34.0 

func (c CloudwatchEbAlertChannelV2) StateString() string

func (CloudwatchEbAlertChannelV2) Status added in v0.34.0 

func (c CloudwatchEbAlertChannelV2) Status() string

type CloudwatchEbDataV2 added in v0.17.0 

type CloudwatchEbDataV2 struct {
	EventBusArn   string `json:"eventBusArn"`
	IssueGrouping string `json:"issueGrouping,omitempty"`
}

type ComplianceEvaluationAws added in v0.41.0 

type ComplianceEvaluationAws struct {
	Account struct {
		AccountId    string `json:"AccountId"`
		AccountAlias string `json:"Account_Alias"`
	} `json:"account"`
	EvalType       string    `json:"evalType"`
	Id             string    `json:"id"`
	Reason         string    `json:"reason"`
	Recommendation string    `json:"recommendation"`
	ReportTime     time.Time `json:"reportTime"`
	Resource       string    `json:"resource"`
	Section        string    `json:"section"`
	Severity       string    `json:"severity"`
	Status         string    `json:"status"`
}

type ComplianceEvaluationAwsResponse added in v0.41.0 

type ComplianceEvaluationAwsResponse struct {
	Data   []ComplianceEvaluationAws `json:"data"`
	Paging V2Pagination              `json:"paging"`
}

func (ComplianceEvaluationAwsResponse) GetDataLength added in v1.0.0 

func (r ComplianceEvaluationAwsResponse) GetDataLength() int

func (ComplianceEvaluationAwsResponse) PageInfo added in v0.41.0 

func (r ComplianceEvaluationAwsResponse) PageInfo() *V2Pagination

func (*ComplianceEvaluationAwsResponse) ResetPaging added in v0.41.0 

func (r *ComplianceEvaluationAwsResponse) ResetPaging()

type ComplianceEvaluationSearch added in v0.41.0 

type ComplianceEvaluationSearch struct {
	SearchFilter
	Dataset complianceEvaluationDataset `json:"dataset"`
}

func (*ComplianceEvaluationSearch) GetTimeFilter added in v1.0.0 

func (c *ComplianceEvaluationSearch) GetTimeFilter() *TimeFilter

func (*ComplianceEvaluationSearch) SetEndTime added in v1.0.0 

func (c *ComplianceEvaluationSearch) SetEndTime(t *time.Time)

func (*ComplianceEvaluationSearch) SetStartTime added in v1.0.0 

func (c *ComplianceEvaluationSearch) SetStartTime(t *time.Time)

type ComplianceEvaluationService added in v0.41.0 

type ComplianceEvaluationService struct {
	// contains filtered or unexported fields
}

func (*ComplianceEvaluationService) Search added in v0.41.0 

func (svc *ComplianceEvaluationService) Search(response interface{}, filters SearchableFilter) error

Search expects the response and the search filters

e.g. 

 var (
	  awsComplianceEvaluationSearchResponse api.ComplianceEvaluationAwsResponse
	  filter = api.ComplianceEvaluationSearch{
		  SearchFilter: api.SearchFilter{
			  Filters: []api.Filter{{
				  Expression: "eq",
				  Field:      "resource",
				  Value:      arn:aws:s3:::my-bucket,
			  }},
		  },
		  Dataset: api.AwsComplianceEvaluationDataset,
	  }
 )
  lacework.V2.ComplianceEvaluation.Search(&awsComplianceEvaluationSearchResponse, filters)

type ComplianceViolationV2 added in v0.44.0 

type ComplianceViolationV2 struct {
	Region   string   `json:"region"`
	Resource string   `json:"resource"`
	Reasons  []string `json:"reasons"`
}

type ContainerRegistriesResponse added in v0.13.0 

type ContainerRegistriesResponse struct {
	Data []ContainerRegistryRaw `json:"data"`
}

type ContainerRegistriesService added in v0.13.0 

type ContainerRegistriesService struct {
	// contains filtered or unexported fields
}

ContainerRegistriesService is the service that interacts with the ContainerRegistries schema from the Lacework APIv2 Server

func (*ContainerRegistriesService) Create added in v0.13.0 

func (svc *ContainerRegistriesService) Create(integration ContainerRegistryRaw) (
	response ContainerRegistryResponse,
	err error,
)

Create creates a single Container Registry integration

func (*ContainerRegistriesService) Delete added in v0.13.0 

func (svc *ContainerRegistriesService) Delete(guid string) error

Delete deletes a Container Registry integration that matches the provided guid

func (*ContainerRegistriesService) Get added in v0.13.0 

func (svc *ContainerRegistriesService) Get(guid string, response interface{}) error

Get returns a raw response of the Container Registry with the matching integration guid.

To return a more specific Go struct of a Container Registry integration, use the proper method such as GetGhcr() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Container Registry integration type.

func (*ContainerRegistriesService) GetAwsEcrAccessKey added in v0.42.0 

func (svc *ContainerRegistriesService) GetAwsEcrAccessKey(guid string) (
	response AwsEcrAccessKeyIntegrationResponse,
	err error,
)

GetAwsEcrAccessKey gets a single AwsEcrAccessKey integration with access key credentials matching the provided integration guid

func (*ContainerRegistriesService) GetAwsEcrIamRole added in v0.42.0 

func (svc *ContainerRegistriesService) GetAwsEcrIamRole(guid string) (
	response AwsEcrIamRoleIntegrationResponse,
	err error,
)

GetAwsEcrIamRole gets a single AwsEcr with Iam Role credentials integration matching the provided integration guid

func (*ContainerRegistriesService) GetDockerhub added in v0.42.0 

func (svc *ContainerRegistriesService) GetDockerhub(guid string) (
	response DockerhubIntegrationResponse,
	err error,
)

GetDockerhub gets a single Dockerhub integration matching the provided integration guid

func (*ContainerRegistriesService) GetDockerhubV2 added in v0.42.0 

func (svc *ContainerRegistriesService) GetDockerhubV2(guid string) (
	response DockerhubV2IntegrationResponse,
	err error,
)

GetDockerhubV2 gets a single DockerhubV2 integration matching the provided integration guid

func (*ContainerRegistriesService) GetGcpGar added in v0.13.0 

func (svc *ContainerRegistriesService) GetGcpGar(guid string) (
	response GcpGarIntegrationResponse,
	err error,
)

GetGcpGar gets a single GcpGar integration matching the provided integration guid

func (*ContainerRegistriesService) GetGcpGcr added in v0.42.0 

func (svc *ContainerRegistriesService) GetGcpGcr(guid string) (
	response GcpGcrIntegrationResponse,
	err error,
)

GetGcpGcr gets a single GcpGcr integration matching the provided integration guid

func (*ContainerRegistriesService) GetGhcr added in v0.13.0 

func (svc *ContainerRegistriesService) GetGhcr(guid string) (
	response GhcrIntegrationResponse,
	err error,
)

GetGhcr gets a single Ghcr integration matching the provided integration guid

func (*ContainerRegistriesService) GetInlineScanner added in v0.39.0 

func (svc *ContainerRegistriesService) GetInlineScanner(guid string) (
	response InlineScannerIntegrationResponse,
	err error,
)

GetInlineScanner gets a single InlineScanner integration matching the provided integration guid

func (*ContainerRegistriesService) GetProxyScanner added in v1.2.0 

func (svc *ContainerRegistriesService) GetProxyScanner(guid string) (
	response ProxyScannerIntegrationResponse,
	err error,
)

GetProxyScanner gets a single ProxyScanner integration matching the provided integration guid

func (*ContainerRegistriesService) List added in v0.13.0 

func (svc *ContainerRegistriesService) List() (response ContainerRegistriesResponse, err error)

List returns a list of Container Registry integrations

func (*ContainerRegistriesService) UpdateAwsEcrAccessKey added in v0.42.0 

func (svc *ContainerRegistriesService) UpdateAwsEcrAccessKey(data ContainerRegistry) (
	response AwsEcrAccessKeyIntegrationResponse,
	err error,
)

UpdateAwsEcrAccessKey updates a single AwsEcrAccessKey integration with access key credential on the Lacework Server

func (*ContainerRegistriesService) UpdateAwsEcrIamRole added in v0.42.0 

func (svc *ContainerRegistriesService) UpdateAwsEcrIamRole(data ContainerRegistry) (
	response AwsEcrIamRoleIntegrationResponse,
	err error,
)

UpdateAwsEcrIamRole updates a single AwsEcr with Iam Role credentials integration on the Lacework Server

func (*ContainerRegistriesService) UpdateDockerhub added in v0.42.0 

func (svc *ContainerRegistriesService) UpdateDockerhub(data ContainerRegistry) (
	response DockerhubIntegrationResponse,
	err error,
)

UpdateDockerhub updates a single Dockerhub integration on the Lacework Server

func (*ContainerRegistriesService) UpdateDockerhubV2 added in v0.42.0 

func (svc *ContainerRegistriesService) UpdateDockerhubV2(data ContainerRegistry) (
	response DockerhubV2IntegrationResponse,
	err error,
)

UpdateDockerhubV2 updates a single DockerhubV2 integration on the Lacework Server

func (*ContainerRegistriesService) UpdateGcpGar added in v0.13.0 

func (svc *ContainerRegistriesService) UpdateGcpGar(data ContainerRegistry) (
	response GcpGarIntegrationResponse,
	err error,
)

UpdateGcpGar updates a single GcpGar integration on the Lacework Server

func (*ContainerRegistriesService) UpdateGcpGcr added in v0.42.0 

func (svc *ContainerRegistriesService) UpdateGcpGcr(data ContainerRegistry) (
	response GcpGcrIntegrationResponse,
	err error,
)

UpdateGcpGcr updates a single GcpGcr integration on the Lacework Server

func (*ContainerRegistriesService) UpdateGhcr added in v0.13.0 

func (svc *ContainerRegistriesService) UpdateGhcr(data ContainerRegistry) (
	response GhcrIntegrationResponse,
	err error,
)

UpdateGhcr updates a single Ghcr integration on the Lacework Server

func (*ContainerRegistriesService) UpdateInlineScanner added in v0.39.0 

func (svc *ContainerRegistriesService) UpdateInlineScanner(data ContainerRegistry) (
	response InlineScannerIntegrationResponse,
	err error,
)

UpdateInlineScanner updates a single InlineScanner integration on the Lacework Server

func (*ContainerRegistriesService) UpdateProxyScanner added in v1.2.0 

func (svc *ContainerRegistriesService) UpdateProxyScanner(data ContainerRegistry) (
	response ProxyScannerIntegrationResponse,
	err error,
)

UpdateProxyScanner updates a single ProxyScanner integration on the Lacework Server

type ContainerRegistry added in v0.13.0 

type ContainerRegistry interface {
	ID() string
	ContainerRegistryType() containerRegistryType
}

ContainerRegistry is an interface that helps us implement a few functions that any Container Registry might use, there are some cases, like during Update, where we need to get the ID of the Container Registry and its type, this will allow users to pass any Container Registry that implements these methods

type ContainerRegistryRaw added in v0.13.0 

type ContainerRegistryRaw struct {
	Data        interface{}    `json:"data,omitempty"`
	ServerToken *V2ServerToken `json:"serverToken,omitempty"`
	// contains filtered or unexported fields
}

func NewContainerRegistry added in v0.13.0 

func NewContainerRegistry(name string, regType containerRegistryType, data interface{}) ContainerRegistryRaw

NewContainerRegistry returns an instance of the ContainerRegistryRaw struct with the provided Container Registry integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Container Registry type.

Basic usage: Initialize a new GhcrContainerRegistry integration struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

ghcr := api.NewContainerRegistry("foo",
  api.GhcrContainerRegistry,
  api.GhcrData{
    Credentials: api.GhcrCredentials {
      Username: "bubu",
      Password: "supers3cret",
      Ssl: true,
    },
  },
)

client.V2.ContainerRegistries.Create(ghcr)

func (ContainerRegistryRaw) ContainerRegistryDomain added in v1.0.0 

func (reg ContainerRegistryRaw) ContainerRegistryDomain() string

func (ContainerRegistryRaw) ContainerRegistryType added in v0.13.0 

func (reg ContainerRegistryRaw) ContainerRegistryType() containerRegistryType

func (ContainerRegistryRaw) GetCommon added in v0.42.0 

func (reg ContainerRegistryRaw) GetCommon() v2CommonIntegrationData

func (ContainerRegistryRaw) GetData added in v0.42.0 

func (reg ContainerRegistryRaw) GetData() any

func (ContainerRegistryRaw) ID added in v0.13.0 

func (c ContainerRegistryRaw) ID() string

func (ContainerRegistryRaw) StateString added in v0.34.0 

func (c ContainerRegistryRaw) StateString() string

func (ContainerRegistryRaw) Status added in v0.34.0 

func (c ContainerRegistryRaw) Status() string

type ContainerRegistryResponse added in v0.13.0 

type ContainerRegistryResponse struct {
	Data ContainerRegistryRaw `json:"data"`
}

type ContainerResourceGroupData added in v0.15.0 

type ContainerResourceGroupData struct {
	Guid         string                      `json:"guid,omitempty"`
	IsDefault    int                         `json:"isDefault,omitempty"`
	ResourceGuid string                      `json:"resourceGuid,omitempty"`
	Name         string                      `json:"resourceName"`
	Type         string                      `json:"resourceType"`
	Enabled      int                         `json:"enabled,omitempty"`
	Props        ContainerResourceGroupProps `json:"props"`
}

type ContainerResourceGroupProps added in v0.15.0 

type ContainerResourceGroupProps struct {
	Description     string              `json:"description,omitempty"`
	ContainerLabels []map[string]string `json:"containerLabels"`
	ContainerTags   []string            `json:"containerTags"`
	UpdatedBy       string              `json:"updatedBy,omitempty"`
	LastUpdated     *lwtime.Epoch       `json:"lastUpdated,omitempty"`
}

func (ContainerResourceGroupProps) GetBaseProps added in v0.20.0 

func (props ContainerResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (ContainerResourceGroupProps) MarshalJSON added in v0.20.0 

func (props ContainerResourceGroupProps) MarshalJSON() ([]byte, error)

type ContainerResourceGroupResponse added in v0.15.0 

type ContainerResourceGroupResponse struct {
	Data ContainerResourceGroupData `json:"data"`
}

type ContainerResourceJsonStringGroupProps added in v0.15.0 

type ContainerResourceJsonStringGroupProps struct {
	Description     string              `json:"DESCRIPTION,omitempty"`
	ContainerLabels []map[string]string `json:"CONTAINER_LABELS"`
	ContainerTags   []string            `json:"CONTAINER_TAGS"`
	UpdatedBy       string              `json:"UPDATED_BY,omitempty"`
	LastUpdated     *lwtime.Epoch       `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type DailyEventsReportRuleNotifications added in v0.21.0 

type DailyEventsReportRuleNotifications struct {
	AgentEvents               bool `json:"agentEvents"`
	OpenShiftCompliance       bool `json:"openShiftCompliance"`
	OpenShiftComplianceEvents bool `json:"openShiftComplianceEvents"`
	PlatformEvents            bool `json:"platformEvents"`
	AwsCloudtrailEvents       bool `json:"awsCloudtrailEvents"`
	AwsComplianceEvents       bool `json:"awsComplianceEvents"`
	AzureComplianceEvents     bool `json:"azureComplianceEvents"`
	AzureActivityLogEvents    bool `json:"azureActivityLogEvents"`
	GcpAuditTrailEvents       bool `json:"gcpAuditTrailEvents"`
	GcpComplianceEvents       bool `json:"gcpComplianceEvents"`
}

func (DailyEventsReportRuleNotifications) ToMap added in v0.21.0 

func (daily DailyEventsReportRuleNotifications) ToMap() map[string]bool

type DataExportRule added in v0.41.0 

type DataExportRule struct {
	ID     string               `json:"mcGuid,omitempty"`
	Filter DataExportRuleFilter `json:"filters"`
	Type   string               `json:"type"`
	IDs    []string             `json:"intgGuidList"`
}

type DataExportRuleFilter added in v0.41.0 

type DataExportRuleFilter struct {
	Name            string   `json:"name"`
	Description     string   `json:"description"`
	CreatedBy       string   `json:"createdOrUpdatedBy,omitempty"`
	UpdatedTime     string   `json:"createdOrUpdatedTime,omitempty"`
	Enabled         int      `json:"enabled"`
	ProfileVersions []string `json:"profileVersions,omitempty"`
}

type DataExportRuleResponse added in v0.41.0 

type DataExportRuleResponse struct {
	Data    DataExportRule `json:"data"`
	Message string         `json:"message"`
}

type DataExportRulesResponse added in v0.41.0 

type DataExportRulesResponse struct {
	Data    []DataExportRule `json:"data"`
	Message string           `json:"message"`
}

type DataExportRulesService added in v0.41.0 

type DataExportRulesService struct {
	// contains filtered or unexported fields
}

DataExportRulesService is a service that interacts with the DataExportRule endpoints from the Lacework Server

func (*DataExportRulesService) Create added in v0.41.0 

func (svc *DataExportRulesService) Create(rule DataExportRule) (response DataExportRuleResponse,
	err error,
)

Create creates a single Data Export Rule

func (*DataExportRulesService) Delete added in v0.41.0 

func (svc *DataExportRulesService) Delete(guid string) error

Delete deletes a Data Export Rule that matches the provided guid

func (*DataExportRulesService) Get added in v0.41.0 

func (svc *DataExportRulesService) Get(id string) (
	response DataExportRuleResponse,
	err error,
)

Get returns a raw response of the Data Export Rule with the matching guid.

func (*DataExportRulesService) List added in v0.41.0 

func (svc *DataExportRulesService) List() (
	response DataExportRulesResponse,
	err error,
)

List returns a list of Data Export Rules

func (*DataExportRulesService) Search added in v0.41.0 

func (svc *DataExportRulesService) Search(filters SearchFilter) (
	response DataExportRulesResponse, err error,
)

Search returns a list of Data Export Rules

func (*DataExportRulesService) Update added in v0.41.0 

func (svc *DataExportRulesService) Update(rule DataExportRule) (response DataExportRuleResponse,
	err error,
)

Update updates a Data Export Rule that matches the provided guid

type DatadogAlertChannelResponseV2 added in v0.17.0 

type DatadogAlertChannelResponseV2 struct {
	Data DatadogAlertChannelV2 `json:"data"`
}

type DatadogAlertChannelV2 added in v0.17.0 

type DatadogAlertChannelV2 struct {
	Data DatadogDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (DatadogAlertChannelV2) ID added in v0.17.0 

func (c DatadogAlertChannelV2) ID() string

func (DatadogAlertChannelV2) StateString added in v0.34.0 

func (c DatadogAlertChannelV2) StateString() string

func (DatadogAlertChannelV2) Status added in v0.34.0 

func (c DatadogAlertChannelV2) Status() string

type DatadogDataV2 added in v0.17.0 

type DatadogDataV2 struct {
	ApiKey      string         `json:"apiKey"`
	DatadogSite datadogSite    `json:"datadogSite,omitempty"`
	DatadogType datadogService `json:"datadogType,omitempty"`
}

type Datasource added in v0.18.0 

type Datasource struct {
	Name                string                   `json:"name"`
	Description         string                   `json:"description"`
	ResultSchema        []DatasourceSchema       `json:"resultSchema"`
	SourceRelationships []DatasourceRelationship `json:"sourceRelationships"`
}

type DatasourceRelationship added in v0.31.0 

type DatasourceRelationship struct {
	Name          string `json:"name"`
	Description   string `json:"description"`
	From          string `json:"from"`
	To            string `json:"to"`
	ToCardinality string `json:"toCardinality"`
}

type DatasourceResponse added in v0.18.0 

type DatasourceResponse struct {
	Data    Datasource `json:"data"`
	Message string     `json:"message"`
}

type DatasourceSchema added in v0.18.0 

type DatasourceSchema struct {
	Name        string `json:"name"`
	DataType    string `json:"dataType"`
	Description string `json:"description"`
}

type DatasourcesResponse added in v0.18.0 

type DatasourcesResponse struct {
	Data    []Datasource `json:"data"`
	Message string       `json:"message"`
}

type DatasourcesService added in v0.18.0 

type DatasourcesService struct {
	// contains filtered or unexported fields
}

DatasourcesService is a service that interacts with the Datasources endpoints from the Lacework Server

func (*DatasourcesService) Get added in v0.18.0 

func (svc *DatasourcesService) Get(id string) (
	response DatasourceResponse,
	err error,
)

func (*DatasourcesService) List added in v0.18.0 

func (svc *DatasourcesService) List() (
	response DatasourcesResponse,
	err error,
)

type DockerhubCredentials added in v0.42.0 

type DockerhubCredentials struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

type DockerhubData added in v0.42.0 

type DockerhubData struct {
	Credentials      DockerhubCredentials `json:"credentials"`
	RegistryDomain   string               `json:"registryDomain"` // always "index.docker.io"
	RegistryType     string               `json:"registryType"`   // always "DOCKERHUB"
	LimitByTag       []string             `json:"limitByTag,omitempty"`
	LimitByLabel     []map[string]string  `json:"limitByLabel,omitempty"`
	LimitByRep       []string             `json:"limitByRep,omitempty"`
	LimitNumImg      int                  `json:"limitNumImg"`
	NonOSPackageEval bool                 `json:"nonOsPackageEval"`
}

type DockerhubIntegration added in v0.42.0 

type DockerhubIntegration struct {
	Data DockerhubData `json:"data"`
	// contains filtered or unexported fields
}

func (DockerhubIntegration) ContainerRegistryType added in v0.42.0 

func (reg DockerhubIntegration) ContainerRegistryType() containerRegistryType

func (DockerhubIntegration) ID added in v0.42.0 

func (c DockerhubIntegration) ID() string

func (DockerhubIntegration) StateString added in v0.42.0 

func (c DockerhubIntegration) StateString() string

func (DockerhubIntegration) Status added in v0.42.0 

func (c DockerhubIntegration) Status() string

type DockerhubIntegrationResponse added in v0.42.0 

type DockerhubIntegrationResponse struct {
	Data DockerhubIntegration `json:"data"`
}

type DockerhubV2Credentials added in v0.42.0 

type DockerhubV2Credentials struct {
	Username string `json:"username"`
	Password string `json:"password"`
	SSL      bool   `json:"ssl"`
}

type DockerhubV2Data added in v0.42.0 

type DockerhubV2Data struct {
	Credentials           DockerhubV2Credentials `json:"credentials"`
	RegistryDomain        string                 `json:"registryDomain"`
	RegistryType          string                 `json:"registryType"`
	RegistryNotifications *bool                  `json:"registryNotifications,omitempty"`
	LimitByTag            []string               `json:"limitByTag,omitempty"`
	LimitByLabel          []map[string]string    `json:"limitByLabel,omitempty"`
	NonOSPackageEval      bool                   `json:"nonOsPackageEval"`
}

type DockerhubV2Integration added in v0.42.0 

type DockerhubV2Integration struct {
	Data DockerhubV2Data `json:"data"`
	// contains filtered or unexported fields
}

func (DockerhubV2Integration) ContainerRegistryType added in v0.42.0 

func (reg DockerhubV2Integration) ContainerRegistryType() containerRegistryType

func (DockerhubV2Integration) ID added in v0.42.0 

func (c DockerhubV2Integration) ID() string

func (DockerhubV2Integration) StateString added in v0.42.0 

func (c DockerhubV2Integration) StateString() string

func (DockerhubV2Integration) Status added in v0.42.0 

func (c DockerhubV2Integration) Status() string

type DockerhubV2IntegrationResponse added in v0.42.0 

type DockerhubV2IntegrationResponse struct {
	Data DockerhubV2Integration `json:"data"`
}

type EmailUserAlertChannelResponse added in v0.11.0 

type EmailUserAlertChannelResponse struct {
	Data EmailUserIntegration `json:"data"`
}

type EmailUserChannelProps added in v0.11.0 

type EmailUserChannelProps struct {
	Recipients []string `json:"recipients"`
}

type EmailUserData added in v0.11.0 

type EmailUserData struct {
	ChannelProps      EmailUserChannelProps `json:"channelProps"`
	NotificationTypes struct {
		Properties interface{} `json:"properties,omitempty"`
	} `json:"notificationTypes"`
}

type EmailUserIntegration added in v0.11.0 

type EmailUserIntegration struct {
	Data EmailUserData `json:"data"`
	// contains filtered or unexported fields
}

func (EmailUserIntegration) ID added in v0.11.0 

func (c EmailUserIntegration) ID() string

func (EmailUserIntegration) StateString added in v0.34.0 

func (c EmailUserIntegration) StateString() string

func (EmailUserIntegration) Status added in v0.34.0 

func (c EmailUserIntegration) Status() string

type EntitiesService added in v0.25.0 

type EntitiesService struct {
	// contains filtered or unexported fields
}

func (*EntitiesService) ListAllImages added in v0.25.0 

func (svc *EntitiesService) ListAllImages() (response ImagesEntityResponse, err error)

ListAllImages iterates over all pages to return all images information at once

func (*EntitiesService) ListAllImagesWithFilters added in v0.38.0 

func (svc *EntitiesService) ListAllImagesWithFilters(filters SearchFilter) (response ImagesEntityResponse, err error)

ListAllImagesWithFilters iterates over all pages to return all images information at once based on a user defined filter

func (*EntitiesService) ListAllMachineDetails added in v0.25.0 

func (svc *EntitiesService) ListAllMachineDetails() (response MachineDetailsEntityResponse, err error)

ListAllMachineDetails iterates over all pages to return all machine details at once

func (*EntitiesService) ListAllMachineDetailsWithFilters added in v0.38.0 

func (svc *EntitiesService) ListAllMachineDetailsWithFilters(filters SearchFilter) (response MachineDetailsEntityResponse, err error)

ListAllMachineDetailsWithFilters iterates over all pages to return all machine details at once based on a user defined filter

func (*EntitiesService) ListAllUsers added in v0.25.0 

func (svc *EntitiesService) ListAllUsers() (response UsersEntityResponse, err error)

ListAllUsers iterates over all pages to return all user information at once

func (*EntitiesService) ListImages added in v0.25.0 

func (svc *EntitiesService) ListImages() (response ImagesEntityResponse, err error)

ListImages returns a list of UserEntity from the last 7 days

func (*EntitiesService) ListImagesWithFilters added in v0.38.0 

func (svc *EntitiesService) ListImagesWithFilters(filters SearchFilter) (response ImagesEntityResponse, err error)

ListImagesWithFilters returns a list of UserEntity based on a user defined filter

func (*EntitiesService) ListMachineDetails added in v0.25.0 

func (svc *EntitiesService) ListMachineDetails() (response MachineDetailsEntityResponse, err error)

ListMachineDetails returns a list of MachineDetailEntity from the last 7 days

func (*EntitiesService) ListMachineDetailsWithFilters added in v0.38.0 

func (svc *EntitiesService) ListMachineDetailsWithFilters(filters SearchFilter) (response MachineDetailsEntityResponse, err error)

ListMachineDetailsWithFilters returns a list of UserEntity based on a user defined filter

func (*EntitiesService) ListUsers added in v0.25.0 

func (svc *EntitiesService) ListUsers() (response UsersEntityResponse, err error)

ListUsers returns a list of UserEntity from the last 7 days

func (*EntitiesService) Search added in v0.25.0 

func (svc *EntitiesService) Search(response interface{}, filters SearchFilter) error

Search expects the response and the search filters

e.g. 

var (
    response = &api.MachineDetailsEntityResponse{}
    now      = time.Now().UTC()
    before   = now.AddDate(0, 0, -7) // 7 days from ago
    filters  = api.SearchFilter{
        TimeFilter: &api.TimeFilter{
            StartTime: &before,
            EndTime:   &now,
        },
    }
)
lacework.V2.Entities.Search(response, filters)

type EntityType added in v0.25.0 

type EntityType int
const (
	NoneEntityType EntityType = iota
	MachineDetailsEntityType
	UsersEntityType
	ImagesEntityType
)

type ExecuteQuery added in v0.11.0 

type ExecuteQuery struct {
	QueryText string `json:"queryText"`
}

type ExecuteQueryArgument added in v0.11.0 

type ExecuteQueryArgument struct {
	Name  ExecuteQueryArgumentName `json:"name"`
	Value string                   `json:"value"`
}

type ExecuteQueryArgumentName added in v0.35.0 

type ExecuteQueryArgumentName string
const (
	QueryStartTimeRange ExecuteQueryArgumentName = "StartTimeRange"
	QueryEndTimeRange   ExecuteQueryArgumentName = "EndTimeRange"
)

type ExecuteQueryByIDRequest added in v0.11.0 

type ExecuteQueryByIDRequest struct {
	QueryID   string                 `json:"queryId,omitempty"`
	Options   ExecuteQueryOptions    `json:"options"`
	Arguments []ExecuteQueryArgument `json:"arguments"`
}

type ExecuteQueryData added in v0.43.0 

type ExecuteQueryData []interface{}

func (*ExecuteQueryData) UnmarshalJSON added in v0.43.0 

func (d *ExecuteQueryData) UnmarshalJSON(data []byte) error

type ExecuteQueryOptions added in v0.40.0 

type ExecuteQueryOptions struct {
	Limit *int `json:"limit,omitempty"`
}

type ExecuteQueryRequest added in v0.11.0 

type ExecuteQueryRequest struct {
	Query     ExecuteQuery           `json:"query"`
	Options   ExecuteQueryOptions    `json:"options"`
	Arguments []ExecuteQueryArgument `json:"arguments"`
}

type ExecuteQueryResponse added in v0.36.0 

type ExecuteQueryResponse struct {
	Data    ExecuteQueryData `json:"data"`
	Ok      bool             `json:"ok"`
	Message string           `json:"message"`
}

type Filter added in v0.10.0 

type Filter struct {
	Expression string   `json:"expression,omitempty"`
	Field      string   `json:"field,omitempty"`
	Value      string   `json:"value,omitempty"`
	Values     []string `json:"values,omitempty"`
}

type GcpAtSesCredentials added in v0.42.0 

type GcpAtSesCredentials struct {
	ClientID     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyID string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey,omitempty"`
}

type GcpAtSesData added in v0.42.0 

type GcpAtSesData struct {
	Credentials GcpAtSesCredentials `json:"credentials"`
	IDType      string              `json:"idType"`
	// Either the org id or project id
	ID               string `json:"id"`
	SubscriptionName string `json:"subscriptionName"`
}

type GcpAtSesIntegrationResponse added in v0.42.0 

type GcpAtSesIntegrationResponse struct {
	Data V2GcpAtSesIntegration `json:"data"`
}

type GcpCfgCredentials added in v0.42.0 

type GcpCfgCredentials struct {
	ClientID     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyID string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey,omitempty"`
}

type GcpCfgData added in v0.42.0 

type GcpCfgData struct {
	Credentials GcpCfgCredentials `json:"credentials"`
	IDType      string            `json:"idType"`
	// Either the org id or project id
	ID string `json:"id"`
}

type GcpCfgIntegrationResponse added in v0.42.0 

type GcpCfgIntegrationResponse struct {
	Data V2GcpCfgIntegration `json:"data"`
}

type GcpConfigData added in v1.0.0 

type GcpConfigData struct {
	Organization string   `json:"organization"`
	Projects     []string `json:"projects"`
}

type GcpConfigsResponse added in v1.0.0 

type GcpConfigsResponse struct {
	Data []GcpConfigData `json:"data"`
}

type GcpCredentialsV2 added in v0.13.0 

type GcpCredentialsV2 struct {
	ClientEmail  string `json:"clientEmail"`
	ClientID     string `json:"clientId"`
	PrivateKeyID string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey,omitempty"`
}

GcpCredentials is already defined in api/integrations_gcp.go:163 so we need to add a "V2" at the end to make it clear that this is the Google Credentials struct for API v2

type GcpGarData added in v0.13.0 

type GcpGarData struct {
	Credentials      GcpCredentialsV2    `json:"credentials"`
	RegistryDomain   string              `json:"registryDomain"`
	RegistryType     string              `json:"registryType"` // always "GCP_GAR"
	LimitByTag       []string            `json:"limitByTag,omitempty"`
	LimitByLabel     []map[string]string `json:"limitByLabel,omitempty"`
	LimitByRep       []string            `json:"limitByRep,omitempty"`
	LimitNumImg      int                 `json:"limitNumImg"`
	NonOSPackageEval bool                `json:"nonOsPackageEval"`
}

type GcpGarIntegration added in v0.13.0 

type GcpGarIntegration struct {
	Data GcpGarData `json:"data"`
	// contains filtered or unexported fields
}

func (GcpGarIntegration) ContainerRegistryType added in v0.13.0 

func (reg GcpGarIntegration) ContainerRegistryType() containerRegistryType

func (GcpGarIntegration) ID added in v0.13.0 

func (c GcpGarIntegration) ID() string

func (GcpGarIntegration) StateString added in v0.34.0 

func (c GcpGarIntegration) StateString() string

func (GcpGarIntegration) Status added in v0.34.0 

func (c GcpGarIntegration) Status() string

type GcpGarIntegrationResponse added in v0.13.0 

type GcpGarIntegrationResponse struct {
	Data GcpGarIntegration `json:"data"`
}

type GcpGcrData added in v0.42.0 

type GcpGcrData struct {
	Credentials      GcpCredentialsV2    `json:"credentials"`
	RegistryDomain   string              `json:"registryDomain"`
	RegistryType     string              `json:"registryType"`
	LimitByTag       []string            `json:"limitByTag,omitempty"`
	LimitByLabel     []map[string]string `json:"limitByLabel,omitempty"`
	LimitByRep       []string            `json:"limitByRep,omitempty"`
	LimitNumImg      int                 `json:"limitNumImg"`
	NonOSPackageEval bool                `json:"nonOsPackageEval"`
}

type GcpGcrIntegration added in v0.42.0 

type GcpGcrIntegration struct {
	Data GcpGcrData `json:"data"`
	// contains filtered or unexported fields
}

func (GcpGcrIntegration) ContainerRegistryType added in v0.42.0 

func (reg GcpGcrIntegration) ContainerRegistryType() containerRegistryType

func (GcpGcrIntegration) ID added in v0.42.0 

func (c GcpGcrIntegration) ID() string

func (GcpGcrIntegration) StateString added in v0.42.0 

func (c GcpGcrIntegration) StateString() string

func (GcpGcrIntegration) Status added in v0.42.0 

func (c GcpGcrIntegration) Status() string

type GcpGcrIntegrationResponse added in v0.42.0 

type GcpGcrIntegrationResponse struct {
	Data GcpGcrIntegration `json:"data"`
}

type GcpGkeAuditCredentials added in v0.36.0 

type GcpGkeAuditCredentials struct {
	ClientId     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyId string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey"`
}

type GcpGkeAuditData added in v0.36.0 

type GcpGkeAuditData struct {
	Credentials     GcpGkeAuditCredentials `json:"credentials"`
	IntegrationType string                 `json:"integrationType"`
	// OrganizationId is optional for a project level integration, therefore we omit if empty
	OrganizationId   string `json:"organizationId,omitempty"`
	ProjectId        string `json:"projectId"`
	SubscriptionName string `json:"subscriptionName"`
}

type GcpGkeAuditIntegration added in v0.36.0 

type GcpGkeAuditIntegration struct {
	Data GcpGkeAuditData `json:"data"`
	// contains filtered or unexported fields
}

func (GcpGkeAuditIntegration) ID added in v0.36.0 

func (c GcpGkeAuditIntegration) ID() string

func (GcpGkeAuditIntegration) StateString added in v0.36.0 

func (c GcpGkeAuditIntegration) StateString() string

func (GcpGkeAuditIntegration) Status added in v0.36.0 

func (c GcpGkeAuditIntegration) Status() string

type GcpGkeAuditIntegrationResponse added in v0.36.0 

type GcpGkeAuditIntegrationResponse struct {
	Data GcpGkeAuditIntegration `json:"data"`
}

type GcpPubSubAlertChannelResponseV2 added in v0.18.0 

type GcpPubSubAlertChannelResponseV2 struct {
	Data GcpPubSubAlertChannelV2 `json:"data"`
}

type GcpPubSubAlertChannelV2 added in v0.18.0 

type GcpPubSubAlertChannelV2 struct {
	Data GcpPubSubDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (GcpPubSubAlertChannelV2) ID added in v0.18.0 

func (c GcpPubSubAlertChannelV2) ID() string

func (GcpPubSubAlertChannelV2) StateString added in v0.34.0 

func (c GcpPubSubAlertChannelV2) StateString() string

func (GcpPubSubAlertChannelV2) Status added in v0.34.0 

func (c GcpPubSubAlertChannelV2) Status() string

type GcpPubSubCredentials added in v0.18.0 

type GcpPubSubCredentials struct {
	ClientEmail  string `json:"clientEmail"`
	ClientID     string `json:"clientId"`
	PrivateKey   string `json:"privateKey"`
	PrivateKeyID string `json:"privateKeyId"`
}

type GcpPubSubDataV2 added in v0.18.0 

type GcpPubSubDataV2 struct {
	Credentials   GcpPubSubCredentials `json:"credentials"`
	IssueGrouping string               `json:"issueGrouping"`
	ProjectID     string               `json:"projectId"`
	TopicID       string               `json:"topicId"`
}

type GcpRecommendationsV2 added in v1.5.2 

type GcpRecommendationsV2 struct {
	// contains filtered or unexported fields
}

GcpRecommendationsV2 is a service that interacts with the V2 Recommendations endpoints from the Lacework Server

func (*GcpRecommendationsV2) GetReport added in v1.5.2 

func (svc *GcpRecommendationsV2) GetReport(reportType string) ([]RecV2, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*GcpRecommendationsV2) List added in v1.5.2 

func (svc *GcpRecommendationsV2) List() ([]RecV2, error)

func (*GcpRecommendationsV2) Patch added in v1.5.2 

func (svc *GcpRecommendationsV2) Patch(recommendations RecommendationStateV2) (RecommendationResponseV2, error)

type GcpReport added in v0.44.0 

type GcpReport struct {
	ReportType       string             `json:"reportType"`
	ReportTitle      string             `json:"reportTitle"`
	Recommendations  []RecommendationV2 `json:"recommendations"`
	Summary          []ReportSummary    `json:"summary"`
	ReportTime       time.Time          `json:"reportTime"`
	OrganizationName string             `json:"organizationName"`
	OrganizationID   string             `json:"organizationId"`
	ProjectName      string             `json:"projectName"`
	ProjectID        string             `json:"projectId"`
}

func (GcpReport) GetComplianceRecommendation added in v0.44.0 

func (gcp GcpReport) GetComplianceRecommendation(recommendationID string) RecommendationV2

type GcpReportConfig added in v0.44.0 

type GcpReportConfig struct {
	OrganizationID string
	ProjectID      string
	Type           GcpReportType
}

type GcpReportResponse added in v0.44.0 

type GcpReportResponse struct {
	Data    []GcpReport `json:"data"`
	Ok      bool        `json:"ok"`
	Message string      `json:"message"`
}

type GcpReportRuleNotifications added in v0.21.0 

type GcpReportRuleNotifications struct {
	GcpCis       bool `json:"gcpCis"`
	GcpHipaa     bool `json:"gcpHipaa"`
	GcpHipaaRev2 bool `json:"gcpHipaaRev2"`
	GcpIso27001  bool `json:"gcpIso27001"`
	GcpCis12     bool `json:"gcpCis12"`
	GcpK8s       bool `json:"gcpK8s"`
	GcpPci       bool `json:"gcpPci"`
	GcpPciRev2   bool `json:"gcpPciRev2"`
	GcpSoc       bool `json:"gcpSoc"`
	GcpSocRev2   bool `json:"gcpSocRev2"`
}

func (GcpReportRuleNotifications) ToMap added in v0.21.0 

func (gcp GcpReportRuleNotifications) ToMap() map[string]bool

type GcpReportType added in v0.44.0 

type GcpReportType int
const (
	NONE_GCP_REPORT GcpReportType = iota
	GCP_HIPAA
	GCP_CIS
	GCP_SOC
	GCP_CIS12
	GCP_K8S
	GCP_PCI_Rev2
	GCP_SOC_Rev2
	GCP_HIPAA_Rev2
	GCP_ISO_27001
	GCP_NIST_CSF
	GCP_NIST_800_53_REV4
	GCP_NIST_800_171_REV2
	GCP_PCI
	GCP_CIS13
)

func NewGcpReportType added in v0.44.0 

func NewGcpReportType(report string) (GcpReportType, error)

func (GcpReportType) String added in v0.44.0 

func (report GcpReportType) String() string

type GcpResourceGroupData added in v0.15.0 

type GcpResourceGroupData struct {
	Guid         string                `json:"guid,omitempty"`
	IsDefault    int                   `json:"isDefault,omitempty"`
	ResourceGuid string                `json:"resourceGuid,omitempty"`
	Name         string                `json:"resourceName"`
	Type         string                `json:"resourceType"`
	Enabled      int                   `json:"enabled,omitempty"`
	Props        GcpResourceGroupProps `json:"props"`
}

type GcpResourceGroupJsonStringProps added in v0.15.0 

type GcpResourceGroupJsonStringProps struct {
	Description  string        `json:"DESCRIPTION,omitempty"`
	Organization string        `json:"ORGANIZATION"`
	Projects     []string      `json:"PROJECTS"`
	UpdatedBy    string        `json:"UPDATED_BY,omitempty"`
	LastUpdated  *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type GcpResourceGroupProps added in v0.15.0 

type GcpResourceGroupProps struct {
	Description  string        `json:"description,omitempty"`
	Organization string        `json:"organization"`
	Projects     []string      `json:"projects"`
	UpdatedBy    string        `json:"updatedBy,omitempty"`
	LastUpdated  *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (GcpResourceGroupProps) GetBaseProps added in v0.20.0 

func (props GcpResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (GcpResourceGroupProps) MarshalJSON added in v0.20.0 

func (props GcpResourceGroupProps) MarshalJSON() ([]byte, error)

type GcpResourceGroupResponse added in v0.15.0 

type GcpResourceGroupResponse struct {
	Data GcpResourceGroupData `json:"data"`
}

type GcpSidekickCredentials added in v1.0.0 

type GcpSidekickCredentials struct {
	ClientID     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyID string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey,omitempty"`
	TokenUri     string `json:"tokenUri,omitempty"`
}

type GcpSidekickData added in v1.0.0 

type GcpSidekickData struct {
	Credentials GcpSidekickCredentials `json:"credentials"`
	IDType      string                 `json:"idType"`
	// Either the org id or project id
	ID                string `json:"id"`
	ScanningProjectId string `json:"scanningProjectId"`
	SharedBucket      string `json:"sharedBucketName"`
	FilterList        string `json:"filterList,omitempty"`
	QueryText         string `json:"queryText,omitempty"`
	//ScanFrequency in hours, 24 == 24 hours
	ScanFrequency           int  `json:"scanFrequency"`
	ScanContainers          bool `json:"scanContainers"`
	ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`
}

type GcpSidekickIntegrationResponse added in v1.0.0 

type GcpSidekickIntegrationResponse struct {
	Data V2GcpSidekickIntegration `json:"data"`
}

type GcpSidekickToken added in v1.1.2 

type GcpSidekickToken struct {
	ServerToken string `json:"serverToken"`
	Uri         string `json:"uri"`
}

type GcpSuppressionsV2 added in v1.5.0 

type GcpSuppressionsV2 struct {
	// contains filtered or unexported fields
}

GcpSuppressionsV2 is a service that interacts with the V2 Suppressions endpoints from the Lacework Server

func (*GcpSuppressionsV2) List added in v1.5.0 

func (svc *GcpSuppressionsV2) List() (map[string]SuppressionV2, error)

type GhcrCredentials added in v0.13.0 

type GhcrCredentials struct {
	Username string `json:"username"`
	Password string `json:"password,omitempty"`
	Ssl      bool   `json:"ssl"`
}

GcpCredentials is already defined in api/integrations_gcp.go:163 so we need to add a "V2" at the end to make it clear that this is the Google Credentials struct for API v2

type GhcrData added in v0.13.0 

type GhcrData struct {
	Credentials           GhcrCredentials     `json:"credentials"`
	RegistryNotifications bool                `json:"registryNotifications"`
	RegistryDomain        string              `json:"registryDomain"` // always "ghcr.io"
	RegistryType          string              `json:"registryType"`   // always "GHCR"
	LimitByTag            []string            `json:"limitByTag,omitempty"`
	LimitByLabel          []map[string]string `json:"limitByLabel,omitempty"`
	LimitByRep            []string            `json:"limitByRep,omitempty"`
	LimitNumImg           int                 `json:"limitNumImg"`
	NonOSPackageEval      bool                `json:"nonOsPackageEval"`
}

type GhcrIntegration added in v0.13.0 

type GhcrIntegration struct {
	Data GhcrData `json:"data"`
	// contains filtered or unexported fields
}

func (GhcrIntegration) ContainerRegistryType added in v0.13.0 

func (reg GhcrIntegration) ContainerRegistryType() containerRegistryType

func (GhcrIntegration) ID added in v0.13.0 

func (c GhcrIntegration) ID() string

func (GhcrIntegration) StateString added in v0.34.0 

func (c GhcrIntegration) StateString() string

func (GhcrIntegration) Status added in v0.34.0 

func (c GhcrIntegration) Status() string

type GhcrIntegrationResponse added in v0.13.0 

type GhcrIntegrationResponse struct {
	Data GhcrIntegration `json:"data"`
}

type HostVulnCounts added in v0.2.0 

type HostVulnCounts struct {
	Critical     int32
	CritFixable  int32
	High         int32
	HighFixable  int32
	Medium       int32
	MedFixable   int32
	Low          int32
	LowFixable   int32
	Info         int32
	InfoFixable  int32
	Total        int32
	TotalFixable int32
}

func (*HostVulnCounts) HighestFixableSeverity added in v0.4.0 

func (h *HostVulnCounts) HighestFixableSeverity() string

HighestFixableSeverity returns the highest fixable severity level vulnerability

func (*HostVulnCounts) HighestSeverity added in v0.4.0 

func (h *HostVulnCounts) HighestSeverity() string

HighestSeverity returns the highest severity level vulnerability

func (*HostVulnCounts) TotalFixableVulnerabilities added in v0.4.0 

func (h *HostVulnCounts) TotalFixableVulnerabilities() int32

TotalFixableVulnerabilities returns the total number of vulnerabilities that have a fix available

type IbmQRadarAlertChannelResponseV2 added in v0.18.0 

type IbmQRadarAlertChannelResponseV2 struct {
	Data IbmQRadarAlertChannelV2 `json:"data"`
}

type IbmQRadarAlertChannelV2 added in v0.18.0 

type IbmQRadarAlertChannelV2 struct {
	Data IbmQRadarDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (IbmQRadarAlertChannelV2) ID added in v0.18.0 

func (c IbmQRadarAlertChannelV2) ID() string

func (IbmQRadarAlertChannelV2) StateString added in v0.34.0 

func (c IbmQRadarAlertChannelV2) StateString() string

func (IbmQRadarAlertChannelV2) Status added in v0.34.0 

func (c IbmQRadarAlertChannelV2) Status() string

type IbmQRadarDataV2 added in v0.18.0 

type IbmQRadarDataV2 struct {
	QRadarCommType qradarComm `json:"qradarCommType"`
	HostURL        string     `json:"qradarHostUrl"`
	HostPort       int        `json:"qradarHostPort,omitempty"`
}

type ImageEntity added in v0.25.0 

type ImageEntity struct {
	ContainerType string    `json:"containerType"`
	CreatedTime   time.Time `json:"createdTime"`
	ImageID       string    `json:"imageId"`
	Mid           int       `json:"mid"`
	Repo          string    `json:"repo"`
	Size          int       `json:"size"`
	Tag           string    `json:"tag"`
}

type ImageInfo added in v1.0.0 

type ImageInfo struct {
	CreatedTime int64    `json:"created_time"`
	Digest      string   `json:"digest"`
	ErrorMsg    []string `json:"error_msg"`
	ID          string   `json:"id"`
	Registry    string   `json:"registry"`
	Repo        string   `json:"repo"`
	Size        int      `json:"size"`
	Status      string   `json:"status"`
	Tags        []string `json:"tags"`
	Type        string   `json:"type"`
}

type ImagesEntityResponse added in v0.25.0 

type ImagesEntityResponse struct {
	Data   []ImageEntity `json:"data"`
	Paging V2Pagination  `json:"paging"`
}

func (ImagesEntityResponse) PageInfo added in v0.25.0 

func (r ImagesEntityResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (*ImagesEntityResponse) ResetPaging added in v0.25.0 

func (r *ImagesEntityResponse) ResetPaging()

type InlineScannerData added in v0.39.0 

type InlineScannerData struct {
	RegistryType  string              `json:"registryType"` // always "INLINE_SCANNER"
	IdentifierTag []map[string]string `json:"identifierTag"`
	LimitNumScan  string              `json:"limitNumScan,omitempty"`
}

type InlineScannerIntegration added in v0.39.0 

type InlineScannerIntegration struct {
	Data        InlineScannerData `json:"data"`
	ServerToken V2ServerToken     `json:"serverToken"`
	// contains filtered or unexported fields
}

func (InlineScannerIntegration) ContainerRegistryType added in v0.39.0 

func (reg InlineScannerIntegration) ContainerRegistryType() containerRegistryType

func (InlineScannerIntegration) ID added in v0.39.0 

func (c InlineScannerIntegration) ID() string

func (InlineScannerIntegration) StateString added in v0.39.0 

func (c InlineScannerIntegration) StateString() string

func (InlineScannerIntegration) Status added in v0.39.0 

func (c InlineScannerIntegration) Status() string

type InlineScannerIntegrationResponse added in v0.39.0 

type InlineScannerIntegrationResponse struct {
	Data InlineScannerIntegration `json:"data"`
}

type InventoryAws added in v0.41.0 

type InventoryAws struct {
	ApiKey         string `json:"apiKey"`
	Csp            string `json:"csp"`
	EndTime        string `json:"endTime"`
	StartTime      string `json:"startTime"`
	ResourceId     string `json:"resourceId"`
	ResourceRegion string `json:"resourceRegion"`
	ResourceTags   any    `json:"resourceTags"`
	ResourceType   string `json:"resourceType"`
	Service        string `json:"service"`
	Urn            string `json:"urn"`
	CloudDetails   struct {
		AccountAlias string `json:"accountAlias"`
		AccountID    string `json:"accountID"`
	} `json:"cloudDetails"`
	Status struct {
		FormatVersion int    `json:"formatVersion"`
		Props         any    `json:"props"`
		Status        string `json:"status"`
		// Error status
		ErrorMessage string `json:"errorMessage,omitempty"`
		ErrorType    string `json:"errorType,omitempty"`
	} `json:"status"`
	ResourceConfig any `json:"resourceConfig"`
}

type InventoryAwsResponse added in v0.41.0 

type InventoryAwsResponse struct {
	Data   []InventoryAws `json:"data"`
	Paging V2Pagination   `json:"paging"`
}

func (InventoryAwsResponse) GetDataLength added in v1.0.0 

func (r InventoryAwsResponse) GetDataLength() int

func (InventoryAwsResponse) PageInfo added in v0.41.0 

func (r InventoryAwsResponse) PageInfo() *V2Pagination

func (*InventoryAwsResponse) ResetPaging added in v0.41.0 

func (r *InventoryAwsResponse) ResetPaging()

type InventorySearch added in v0.41.0 

type InventorySearch struct {
	SearchFilter
	Csp     inventoryType    `json:"csp"`
	Dataset inventoryDataset `json:"dataset"`
}

func (InventorySearch) GetTimeFilter added in v1.0.0 

func (i InventorySearch) GetTimeFilter() *TimeFilter

func (InventorySearch) SetEndTime added in v1.0.0 

func (i InventorySearch) SetEndTime(time *time.Time)

func (InventorySearch) SetStartTime added in v1.0.0 

func (i InventorySearch) SetStartTime(time *time.Time)

type InventoryService added in v0.41.0 

type InventoryService struct {
	// contains filtered or unexported fields
}

func (*InventoryService) Search added in v0.41.0 

func (svc *InventoryService) Search(response interface{}, filters SearchableFilter) error

Search expects the response and the search filters

e.g. 

 var (
	  awsInventorySearchResponse api.InventoryAwsResponse
	  filter = api.InventorySearch{
		  SearchFilter: api.SearchFilter{
			  Filters: []api.Filter{{
				  Expression: "eq",
				  Field:      "urn",
				  Value:      arn:aws:s3:::my-bucket,
			  }},
		  },
		  Dataset: api.AwsComplianceEvaluationDataset,
	  }
 )
  lacework.V2.Inventory.Search(&awsInventorySearchResponse, filters)

type JiraAlertChannelResponseV2 added in v0.19.0 

type JiraAlertChannelResponseV2 struct {
	Data JiraAlertChannelV2 `json:"data"`
}

type JiraAlertChannelV2 added in v0.19.0 

type JiraAlertChannelV2 struct {
	Data JiraDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (JiraAlertChannelV2) ID added in v0.19.0 

func (c JiraAlertChannelV2) ID() string

func (JiraAlertChannelV2) StateString added in v0.34.0 

func (c JiraAlertChannelV2) StateString() string

func (JiraAlertChannelV2) Status added in v0.34.0 

func (c JiraAlertChannelV2) Status() string

type JiraDataV2 added in v0.19.0 

type JiraDataV2 struct {
	ApiToken           string `json:"apiToken,omitempty"` // used for Jira Cloud
	CustomTemplateFile string `json:"customTemplateFile,omitempty"`
	IssueGrouping      string `json:"issueGrouping,omitempty"`
	IssueType          string `json:"issueType"`
	JiraType           string `json:"jiraType"`
	JiraUrl            string `json:"jiraUrl"`
	ProjectID          string `json:"projectId"`
	Username           string `json:"username"`
	Password           string `json:"password,omitempty"`            // used for Jira Server
	Configuration      string `json:"bidirectionalConfig,omitempty"` // used for bidirectional integration
}

func (*JiraDataV2) DecodeCustomTemplateFile added in v0.19.0 

func (jira *JiraDataV2) DecodeCustomTemplateFile() (string, error)

func (*JiraDataV2) EncodeCustomTemplateFile added in v0.19.0 

func (jira *JiraDataV2) EncodeCustomTemplateFile(template string)

type LifecycleCallbacks added in v0.10.0 

type LifecycleCallbacks struct {
	// RequestCallback is a function that will be executed after every client request
	RequestCallback func(int, http.Header) error

	// TokenExpiredCallback  is a function that the consumer can configure
	// into the client so that it is run when the token expired
	TokenExpiredCallback func() error
}

type LwAccountResourceGroupData added in v0.15.0 

type LwAccountResourceGroupData struct {
	Guid         string                      `json:"guid,omitempty"`
	IsDefault    int                         `json:"isDefault,omitempty"`
	ResourceGuid string                      `json:"resourceGuid,omitempty"`
	Name         string                      `json:"resourceName"`
	Type         string                      `json:"resourceType"`
	Enabled      int                         `json:"enabled,omitempty"`
	Props        LwAccountResourceGroupProps `json:"props"`
}

type LwAccountResourceGroupJsonStringProps added in v0.15.0 

type LwAccountResourceGroupJsonStringProps struct {
	Description string        `json:"DESCRIPTION,omitempty"`
	LwAccounts  []string      `json:"LW_ACCOUNTS"`
	UpdatedBy   string        `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type LwAccountResourceGroupProps added in v0.15.0 

type LwAccountResourceGroupProps struct {
	Description string        `json:"description,omitempty"`
	LwAccounts  []string      `json:"lwAccounts"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (LwAccountResourceGroupProps) GetBaseProps added in v0.20.0 

func (props LwAccountResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (LwAccountResourceGroupProps) MarshalJSON added in v0.20.0 

func (props LwAccountResourceGroupProps) MarshalJSON() ([]byte, error)

type LwAccountResourceGroupResponse added in v0.15.0 

type LwAccountResourceGroupResponse struct {
	Data LwAccountResourceGroupData `json:"data"`
}

type MachineDetailEntity added in v0.25.0 

type MachineDetailEntity struct {
	AwsInstanceID string    `json:"awsInstanceId"`
	AwsZone       string    `json:"awsZone"`
	CreatedTime   time.Time `json:"createdTime"`
	Domain        string    `json:"domain"`
	Hostname      string    `json:"hostname"`
	Kernel        string    `json:"kernel"`
	KernelRelease string    `json:"kernelRelease"`
	KernelVersion string    `json:"kernelVersion"`
	Mid           int       `json:"mid"`
	Os            string    `json:"os"`
	OsVersion     string    `json:"osVersion"`
	Tags          struct {
		// Shared Tags
		Arch           string `json:"arch,omitempty"`
		ExternalIP     string `json:"ExternalIp,omitempty"`
		Hostname       string `json:"Hostname,omitempty"`
		InstanceID     string `json:"InstanceId,omitempty"`
		InternalIP     string `json:"InternalIp,omitempty"`
		LwTokenShort   string `json:"LwTokenShort,omitempty"`
		Os             string `json:"os,omitempty"`
		VMInstanceType string `json:"VmInstanceType,omitempty"`
		VMProvider     string `json:"VmProvider,omitempty"`
		Zone           string `json:"Zone,omitempty"`

		// AWS Tags
		Account  string `json:"Account,omitempty"`
		AmiID    string `json:"AmiId,omitempty"`
		Name     string `json:"Name,omitempty"`
		SubnetID string `json:"SubnetId,omitempty"`
		VpcID    string `json:"VpcId,omitempty"`

		// GCP Tags
		Cluster                 string `json:"Cluster,omitempty"`
		ClusterLocation         string `json:"cluster-location,omitempty"`
		ClusterName             string `json:"cluster-name,omitempty"`
		ClusterUID              string `json:"cluster-uid,omitempty"`
		CreatedBy               string `json:"created-by,omitempty"`
		EnableOSLogin           string `json:"enable-oslogin,omitempty"`
		Env                     string `json:"Env,omitempty"`
		GCEtags                 string `json:"GCEtags,omitempty"`
		GCIEnsureGKEDocker      string `json:"gci-ensure-gke-docker,omitempty"`
		GCIUpdateStrategy       string `json:"gci-update-strategy,omitempty"`
		GoogleComputeEnablePCID string `json:"google-compute-enable-pcid,omitempty"`
		InstanceName            string `json:"InstanceName,omitempty"`
		InstanceTemplate        string `json:"InstanceTemplate,omitempty"`
		KubeLabels              string `json:"kube-labels,omitempty"`
		LWKubernetesCluster     string `json:"lw_KubernetesCluster,omitempty"`
		NumericProjectID        string `json:"NumericProjectId,omitempty"`
		ProjectID               string `json:"ProjectId,omitempty"`
	} `json:"tags"`
}

type MachineDetailsEntityResponse added in v0.25.0 

type MachineDetailsEntityResponse struct {
	Data   []MachineDetailEntity `json:"data"`
	Paging V2Pagination          `json:"paging"`
}

func (MachineDetailsEntityResponse) PageInfo added in v0.25.0 

func (r MachineDetailsEntityResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (*MachineDetailsEntityResponse) ResetPaging added in v0.25.0 

func (r *MachineDetailsEntityResponse) ResetPaging()

type MachineResourceGroupData added in v0.15.0 

type MachineResourceGroupData struct {
	Guid         string                    `json:"guid,omitempty"`
	IsDefault    int                       `json:"isDefault,omitempty"`
	ResourceGuid string                    `json:"resourceGuid,omitempty"`
	Name         string                    `json:"resourceName"`
	Type         string                    `json:"resourceType"`
	Enabled      int                       `json:"enabled,omitempty"`
	Props        MachineResourceGroupProps `json:"props"`
}

type MachineResourceGroupJsonStringProps added in v0.15.0 

type MachineResourceGroupJsonStringProps struct {
	Description string              `json:"DESCRIPTION,omitempty"`
	MachineTags []map[string]string `json:"MACHINE_TAGS"`
	UpdatedBy   string              `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch       `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type MachineResourceGroupProps added in v0.15.0 

type MachineResourceGroupProps struct {
	Description string              `json:"description,omitempty"`
	MachineTags []map[string]string `json:"machineTags"`
	UpdatedBy   string              `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch       `json:"lastUpdated,omitempty"`
}

func (MachineResourceGroupProps) GetBaseProps added in v0.20.0 

func (props MachineResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (MachineResourceGroupProps) MarshalJSON added in v0.20.0 

func (props MachineResourceGroupProps) MarshalJSON() ([]byte, error)

type MachineResourceGroupResponse added in v0.15.0 

type MachineResourceGroupResponse struct {
	Data MachineResourceGroupData `json:"data"`
}

type MicrosoftTeamsAlertChannelResponseV2 added in v0.18.0 

type MicrosoftTeamsAlertChannelResponseV2 struct {
	Data MicrosoftTeamsAlertChannelV2 `json:"data"`
}

type MicrosoftTeamsAlertChannelV2 added in v0.18.0 

type MicrosoftTeamsAlertChannelV2 struct {
	Data MicrosoftTeamsData `json:"data"`
	// contains filtered or unexported fields
}

func (MicrosoftTeamsAlertChannelV2) ID added in v0.18.0 

func (c MicrosoftTeamsAlertChannelV2) ID() string

func (MicrosoftTeamsAlertChannelV2) StateString added in v0.34.0 

func (c MicrosoftTeamsAlertChannelV2) StateString() string

func (MicrosoftTeamsAlertChannelV2) Status added in v0.34.0 

func (c MicrosoftTeamsAlertChannelV2) Status() string

type MicrosoftTeamsData added in v0.18.0 

type MicrosoftTeamsData struct {
	TeamsURL string `json:"teamsUrl"`
}

type NewPolicy added in v0.10.0 

type NewPolicy struct {
	PolicyID      string   `json:"policyId,omitempty" yaml:"policyId,omitempty" `
	PolicyType    string   `json:"policyType" yaml:"policyType"`
	QueryID       string   `json:"queryId" yaml:"queryId"`
	Title         string   `json:"title" yaml:"title"`
	Enabled       bool     `json:"enabled" yaml:"enabled"`
	Description   string   `json:"description" yaml:"description"`
	Remediation   string   `json:"remediation" yaml:"remediation"`
	Severity      string   `json:"severity" yaml:"severity"`
	Limit         int      `json:"limit,omitempty" yaml:"limit,omitempty"`
	EvalFrequency string   `json:"evalFrequency,omitempty" yaml:"evalFrequency,omitempty"`
	AlertEnabled  bool     `json:"alertEnabled" yaml:"alertEnabled"`
	AlertProfile  string   `json:"alertProfile,omitempty" yaml:"alertProfile,omitempty"`
	Tags          []string `json:"tags,omitempty" yaml:"tags,omitempty"`
}

func ParseNewPolicy added in v0.36.0 

func ParseNewPolicy(s string) (NewPolicy, error)

type NewQuery added in v0.10.0 

type NewQuery struct {
	QueryID   string `json:"queryId" yaml:"queryId"`
	QueryText string `json:"queryText" yaml:"queryText"`
}

func ParseNewQuery added in v0.36.0 

func ParseNewQuery(s string) (NewQuery, error)

type NewRelicInsightsAlertChannelResponseV2 added in v0.18.0 

type NewRelicInsightsAlertChannelResponseV2 struct {
	Data NewRelicInsightsAlertChannelV2 `json:"data"`
}

type NewRelicInsightsAlertChannelV2 added in v0.18.0 

type NewRelicInsightsAlertChannelV2 struct {
	Data NewRelicInsightsDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (NewRelicInsightsAlertChannelV2) ID added in v0.18.0 

func (c NewRelicInsightsAlertChannelV2) ID() string

func (NewRelicInsightsAlertChannelV2) StateString added in v0.34.0 

func (c NewRelicInsightsAlertChannelV2) StateString() string

func (NewRelicInsightsAlertChannelV2) Status added in v0.34.0 

func (c NewRelicInsightsAlertChannelV2) Status() string

type NewRelicInsightsDataV2 added in v0.18.0 

type NewRelicInsightsDataV2 struct {
	AccountID int    `json:"accountId"`
	InsertKey string `json:"insertKey"`
}

type Option 

type Option interface {
	// contains filtered or unexported methods
}

func WithApiKeys 

func WithApiKeys(id, secret string) Option

WithApiKeys sets the key_id and secret used to generate API access tokens

func WithApiV2 

func WithApiV2() Option

WithApiV2 configures the client to use the API version 2 (/api/v2) for common API endpoints

func WithExpirationTime 

func WithExpirationTime(t int) Option

WithExpirationTime configures the token expiration time

func WithHeader added in v0.1.19 

func WithHeader(header, value string) Option

WithHeader configures a HTTP Header to pass to every request

func WithLifecycleCallbacks added in v0.10.0 

func WithLifecycleCallbacks(callbacks LifecycleCallbacks) Option

WithLifecycleCallbacks will configure the lifecycle callback functions

func WithLogFile added in v0.1.2 

func WithLogFile(filename string) Option

WithLogFile configures the client to write messages to the provided file

func WithLogLevel added in v0.1.1 

func WithLogLevel(level string) Option

WithLogLevel sets the log level of the client, available: info, debug, or error

func WithLogLevelAndFile added in v0.1.2 

func WithLogLevelAndFile(level string, filename string) Option

WithLogLevelAndFile sets the log level of the client and writes the log messages to the provided file

func WithLogLevelAndWriter added in v0.1.2 

func WithLogLevelAndWriter(level string, w io.Writer) Option

WithLogLevelAndWriter sets the log level of the client and writes the log messages to the provided io.Writer

func WithLogWriter added in v0.1.2 

func WithLogWriter(w io.Writer) Option

WithLogWriter configures the client to log messages to the provided io.Writer

func WithOrgAccess added in v0.10.0 

func WithOrgAccess() Option

WithOrgAccess sets the Org-Access Header to access the organization level data sets

func WithSubaccount added in v0.8.0 

func WithSubaccount(subaccount string) Option

WithSubaccount sets a subaccount into an API client

func WithTimeout added in v0.2.19 

func WithTimeout(timeout time.Duration) Option

WithTimeout changes the default client timeout

func WithToken 

func WithToken(token string) Option

WithToken sets the token used to authenticate the API requests

func WithTokenAndExpiration added in v0.10.0 

func WithTokenAndExpiration(token string, expiration time.Time) Option

WithTokenAndExpiration sets the token used to authenticate the API requests and additionally configures the expiration of the token

func WithTokenFromKeys 

func WithTokenFromKeys(id, secret string) Option

WithTokenFromKeys sets the API access keys and triggers a new token generation NOTE: Order matters when using this option, use it at the end of a NewClient() func

func WithURL 

func WithURL(baseURL string) Option

WithURL sets the base URL, this options is only available for test purposes

type OrganizationInfo added in v1.0.0 

type OrganizationInfo struct {
	OrgAccount    bool   `json:"orgAccount"`
	OrgAccountURL string `json:"orgAccountUrl,omitempty"`
}

func (OrganizationInfo) AccountName added in v1.0.0 

func (r OrganizationInfo) AccountName() string

type OrganizationInfoResponse added in v1.0.0 

type OrganizationInfoResponse struct {
	Data []OrganizationInfo `json:"data"`
}

type OrganizationInfoService added in v1.0.0 

type OrganizationInfoService struct {
	// contains filtered or unexported fields
}

OrganizationInfoService is the service that interacts with the OrganizationInfo schema from the Lacework APIv2 Server

func (*OrganizationInfoService) Get added in v1.0.0 

func (svc *OrganizationInfoService) Get() (
	response OrganizationInfoResponse,
	err error,
)

type Pageable added in v0.25.0 

type Pageable interface {
	PageInfo() *V2Pagination
	ResetPaging()
}

Pageable is the interface that structs should implement to become pageable and be able to use the client.NextPage() function

type PagerDutyApiAlertChannelResponseV2 added in v0.18.0 

type PagerDutyApiAlertChannelResponseV2 struct {
	Data PagerDutyApiAlertChannelV2 `json:"data"`
}

type PagerDutyApiAlertChannelV2 added in v0.18.0 

type PagerDutyApiAlertChannelV2 struct {
	Data PagerDutyApiDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (PagerDutyApiAlertChannelV2) ID added in v0.18.0 

func (c PagerDutyApiAlertChannelV2) ID() string

func (PagerDutyApiAlertChannelV2) StateString added in v0.34.0 

func (c PagerDutyApiAlertChannelV2) StateString() string

func (PagerDutyApiAlertChannelV2) Status added in v0.34.0 

func (c PagerDutyApiAlertChannelV2) Status() string

type PagerDutyApiDataV2 added in v0.18.0 

type PagerDutyApiDataV2 struct {
	IntegrationKey string `json:"apiIntgKey"`
}

type PoliciesResponse added in v0.10.0 

type PoliciesResponse struct {
	Data    []Policy `json:"data"`
	Message string   `json:"message"`
}

type Policy added in v0.8.0 

type Policy struct {
	PolicyID               string                                               `json:"policyId" yaml:"policyId"`
	PolicyType             string                                               `json:"policyType" yaml:"-"`
	QueryID                string                                               `json:"queryId" yaml:"queryId"`
	Title                  string                                               `json:"title" yaml:"title"`
	Enabled                bool                                                 `json:"enabled" yaml:"enabled"`
	Description            string                                               `json:"description" yaml:"description"`
	Remediation            string                                               `json:"remediation" yaml:"remediation"`
	Severity               string                                               `json:"severity" yaml:"severity"`
	Limit                  int                                                  `json:"limit" yaml:"limit"`
	EvalFrequency          string                                               `json:"evalFrequency" yaml:"evalFrequency"`
	AlertEnabled           bool                                                 `json:"alertEnabled" yaml:"alertEnabled"`
	AlertProfile           string                                               `json:"alertProfile" yaml:"alertProfile"`
	Tags                   []string                                             `json:"tags" yaml:"tags"`
	Owner                  string                                               `json:"owner" yaml:"-"`
	LastUpdateTime         string                                               `json:"lastUpdateTime" yaml:"-"`
	LastUpdateUser         string                                               `json:"lastUpdateUser" yaml:"-"`
	ExceptionConfiguration map[string][]PolicyExceptionConfigurationConstraints `json:"exceptionConfiguration" yaml:"-"`
}

func (*Policy) HasTag added in v0.25.0 

func (p *Policy) HasTag(t string) bool

type PolicyException added in v0.37.0 

type PolicyException struct {
	ExceptionID    string                      `json:"exceptionId,omitempty"`
	Description    string                      `json:"description"`
	Constraints    []PolicyExceptionConstraint `json:"constraints"`
	LastUpdateTime string                      `json:"lastUpdateTime,omitempty"`
	LastUpdateUser string                      `json:"lastUpdateUser,omitempty"`
}

type PolicyExceptionConfigurationConstraints added in v1.3.0 

type PolicyExceptionConfigurationConstraints struct {
	DataType   string `json:"dataType" yaml:"dataType"`
	FieldKey   string `json:"fieldKey" yaml:"fieldKey"`
	MultiValue bool   `json:"multiValue" yaml:"multiValue"`
}

type PolicyExceptionConstraint added in v0.37.0 

type PolicyExceptionConstraint struct {
	FieldKey    string `json:"fieldKey"`
	FieldValues []any  `json:"fieldValues"`
}

type PolicyExceptionResponse added in v0.37.0 

type PolicyExceptionResponse struct {
	Data PolicyException `json:"data"`
}

type PolicyExceptionsResponse added in v0.37.0 

type PolicyExceptionsResponse struct {
	Data []PolicyException `json:"data"`
}

type PolicyResponse added in v0.8.0 

type PolicyResponse struct {
	Data    Policy `json:"data"`
	Message string `json:"message"`
}

type PolicyService added in v0.8.0 

type PolicyService struct {
	Exceptions *policyExceptionsService
	// contains filtered or unexported fields
}

PolicyService is a service that interacts with the Custom Policies endpoints from the Lacework Server

func NewV2PolicyService added in v0.37.0 

func NewV2PolicyService(c *Client) *PolicyService

func (*PolicyService) Create added in v0.8.0 

func (svc *PolicyService) Create(np NewPolicy) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) Delete added in v0.8.0 

func (svc *PolicyService) Delete(policyID string) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) Get added in v0.10.0 

func (svc *PolicyService) Get(policyID string) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) List added in v0.10.0 

func (svc *PolicyService) List() (
	response PoliciesResponse,
	err error,
)

func (*PolicyService) ListTags added in v0.25.0 

func (svc *PolicyService) ListTags() (
	response PolicyTagsResponse,
	err error,
)

func (*PolicyService) Update added in v0.8.0 

func (svc *PolicyService) Update(up UpdatePolicy) (
	response PolicyResponse,
	err error,
)

type PolicyTagsResponse added in v0.25.0 

type PolicyTagsResponse struct {
	Data    []string `json:"data"`
	Message string   `json:"message"`
}

type ProxyScannerData added in v1.2.0 

type ProxyScannerData struct {
	RegistryType string              `json:"registryType"` // always "PROXY_SCANNER"
	LimitByTag   []string            `json:"limitByTag"`
	LimitByLabel []map[string]string `json:"limitByLabel"`
	LimitByRep   []string            `json:"limitByRep"`
	LimitNumImg  int                 `json:"limitNumImg"`
}

type ProxyScannerIntegration added in v1.2.0 

type ProxyScannerIntegration struct {
	Data        ProxyScannerData `json:"data"`
	ServerToken V2ServerToken    `json:"serverToken"`
	// contains filtered or unexported fields
}

func (ProxyScannerIntegration) ContainerRegistryType added in v1.2.0 

func (reg ProxyScannerIntegration) ContainerRegistryType() containerRegistryType

func (ProxyScannerIntegration) ID added in v1.2.0 

func (c ProxyScannerIntegration) ID() string

func (ProxyScannerIntegration) StateString added in v1.2.0 

func (c ProxyScannerIntegration) StateString() string

func (ProxyScannerIntegration) Status added in v1.2.0 

func (c ProxyScannerIntegration) Status() string

type ProxyScannerIntegrationResponse added in v1.2.0 

type ProxyScannerIntegrationResponse struct {
	Data ProxyScannerIntegration `json:"data"`
}

type QueriesResponse added in v0.10.0 

type QueriesResponse struct {
	Data    []Query `json:"data"`
	Message string  `json:"message"`
}

type Query added in v0.10.0 

type Query struct {
	QueryID        string                   `json:"queryId" yaml:"queryId"`
	QueryText      string                   `json:"queryText" yaml:"queryText"`
	Owner          string                   `json:"owner"`
	LastUpdateTime string                   `json:"lastUpdateTime"`
	LastUpdateUser string                   `json:"lastUpdateUser"`
	ResultSchema   []map[string]interface{} `json:"resultSchema"`
}

type QueryDeleteResponse added in v0.10.0 

type QueryDeleteResponse struct {
	Message string `json:"message"`
}

type QueryResponse added in v0.10.0 

type QueryResponse struct {
	Data    Query  `json:"data"`
	Message string `json:"message"`
}

type QueryService added in v0.10.0 

type QueryService struct {
	// contains filtered or unexported fields
}

QueryService is a service that interacts with the Queries endpoints from the Lacework Server

func (*QueryService) Create added in v0.10.0 

func (svc *QueryService) Create(nq NewQuery) (
	response QueryResponse,
	err error,
)

func (*QueryService) Delete added in v0.10.0 

func (svc *QueryService) Delete(id string) (
	response QueryDeleteResponse,
	err error,
)

func (*QueryService) Execute added in v0.10.0 

func (svc *QueryService) Execute(request ExecuteQueryRequest) (
	response ExecuteQueryResponse,
	err error,
)

func (*QueryService) ExecuteByID added in v0.11.0 

func (svc *QueryService) ExecuteByID(request ExecuteQueryByIDRequest) (
	response ExecuteQueryResponse,
	err error,
)

func (*QueryService) Get added in v0.10.0 

func (svc *QueryService) Get(id string) (
	response QueryResponse,
	err error,
)

func (*QueryService) List added in v0.10.0 

func (svc *QueryService) List() (
	response QueriesResponse,
	err error,
)

func (*QueryService) Update added in v0.10.0 

func (svc *QueryService) Update(id string, uq UpdateQuery) (
	response QueryResponse,
	err error,
)

func (*QueryService) Validate added in v0.10.0 

func (svc *QueryService) Validate(vq ValidateQuery) (
	response QueryResponse,
	err error,
)

type RecV2 added in v1.5.2 

type RecV2 struct {
	ID    string
	State bool
}

type RecommendationDataV2 added in v1.5.2 

type RecommendationDataV2 map[string]RecommendationEnabledV2

type RecommendationEnabledV2 added in v1.5.2 

type RecommendationEnabledV2 struct {
	Enabled bool `json:"enabled"`
}

type RecommendationResponseV2 added in v1.5.2 

type RecommendationResponseV2 struct {
	Data    []RecommendationDataV2 `json:"data"`
	Ok      bool                   `json:"ok"`
	Message string                 `json:"message"`
}

func (*RecommendationResponseV2) RecommendationList added in v1.5.2 

func (res *RecommendationResponseV2) RecommendationList() (recommendations []RecV2)

func (*RecommendationResponseV2) ReportStatus added in v1.5.2 

func (res *RecommendationResponseV2) ReportStatus() map[string]bool

ReportStatus This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct.

type RecommendationStateV2 added in v1.5.2 

type RecommendationStateV2 map[string]string

func NewRecommendationV2 added in v1.5.2 

func NewRecommendationV2(recommendations []RecV2) RecommendationStateV2

func NewRecommendationV2State added in v1.5.2 

func NewRecommendationV2State(recommendations []RecV2, state bool) RecommendationStateV2

type RecommendationTypeV2 added in v1.5.2 

type RecommendationTypeV2 string
const (
	AwsRecommendation   RecommendationTypeV2 = "aws"
	AzureRecommendation RecommendationTypeV2 = "azure"
	GcpRecommendation   RecommendationTypeV2 = "gcp"
)

type RecommendationV2 added in v0.44.0 

type RecommendationV2 struct {
	AccountID             string                  `json:"ACCOUNT_ID"`
	AccountAlias          string                  `json:"ACCOUNT_ALIAS"`
	Service               string                  `json:"SERVICE"`
	StartTime             int64                   `json:"START_TIME"`
	Suppressions          []string                `json:"SUPPRESSIONS"`
	InfoLink              string                  `json:"INFO_LINK"`
	AssessedResourceCount int                     `json:"ASSESSED_RESOURCE_COUNT"`
	Status                string                  `json:"STATUS"`
	RecID                 string                  `json:"REC_ID"`
	Category              string                  `json:"CATEGORY"`
	Title                 string                  `json:"TITLE"`
	Violations            []ComplianceViolationV2 `json:"VIOLATIONS"`
	ResourceCount         int                     `json:"RESOURCE_COUNT"`
	Severity              int                     `json:"SEVERITY"`
}

func (*RecommendationV2) SeverityString added in v0.44.0 

func (r *RecommendationV2) SeverityString() string

type RecommendationsServiceV2 added in v1.5.2 

type RecommendationsServiceV2 struct {
	Aws   recommendationServiceV2
	Azure recommendationServiceV2
	Gcp   recommendationServiceV2
	// contains filtered or unexported fields
}

RecommendationsServiceV2 is a service that interacts with the V2 Recommendations endpoints from the Lacework Server

type RelatedAlert added in v1.0.0 

type RelatedAlert struct {
	ID        string    `json:"eventId"`
	Name      string    `json:"eventName"`
	Type      string    `json:"eventType"`
	Severity  string    `json:"severity"`
	Rank      int       `json:"rank"`
	Info      AlertInfo `json:"eventInfo"`
	StartTime string    `json:"startTime"`
	EndTime   string    `json:"endTime"`
}

type RelatedAlerts added in v1.0.0 

type RelatedAlerts []RelatedAlert

func (RelatedAlerts) SortRankDescending added in v1.0.0 

func (ra RelatedAlerts) SortRankDescending() RelatedAlerts

type RelatedAlertsResponse added in v1.0.0 

type RelatedAlertsResponse struct {
	Data RelatedAlerts `json:"data"`
}

type ReportDefinition added in v1.0.0 

type ReportDefinition struct {
	ReportDefinitionGuid    string                  `json:"reportDefinitionGuid,omitempty"`
	ReportName              string                  `json:"reportName"`
	DisplayName             string                  `json:"displayName,omitempty"`
	ReportType              string                  `json:"reportType"`
	ReportNotificationType  string                  `json:"reportNotificationType,omitempty"`
	SubReportType           string                  `json:"subReportType"`
	ReportDefinitionDetails ReportDefinitionDetails `json:"reportDefinition"`
	Props                   ReportDefinitionProps   `json:"props"`
	DistributionType        string                  `json:"distributionType"`
	AlertChannels           []string                `json:"alertChannels,omitempty"`
	Frequency               string                  `json:"frequency,omitempty"`
	Version                 int                     `json:"version,omitempty"`
	UpdateType              string                  `json:"updateType,omitempty"`
	CreatedBy               string                  `json:"createdBy,omitempty"`
	CreatedTime             *time.Time              `json:"createdTime,omitempty"`
	Enabled                 int                     `json:"enabled,omitempty"`
}

func NewReportDefinition added in v1.0.0 

func NewReportDefinition(cfg ReportDefinitionConfig) ReportDefinition

NewReportDefinition creates a new report definition for Create function

type ReportDefinitionConfig added in v1.0.0 

type ReportDefinitionConfig struct {
	ReportName       string                      `json:"reportName"`
	ReportType       string                      `json:"reportType"`
	SubReportType    string                      `json:"subReportType"`
	Sections         []ReportDefinitionSection   `json:"sections"`
	Overrides        []ReportDefinitionOverrides `json:"overrides"`
	Props            ReportDefinitionProps       `json:"props"`
	AlertChannels    []string                    `json:"alertChannels"`
	DistributionType string                      `json:"distributionType"`
	Frequency        string                      `json:"frequency"`
	UpdateType       string                      `json:"updateType,omitempty"`
}

type ReportDefinitionDetails added in v1.0.0 

type ReportDefinitionDetails struct {
	Sections  []ReportDefinitionSection   `json:"sections"`
	Overrides []ReportDefinitionOverrides `json:"overrides,omitempty"`
}

type ReportDefinitionOverrides added in v1.0.0 

type ReportDefinitionOverrides struct {
	Policy string `json:"policy"`
	Title  string `json:"title"`
}

type ReportDefinitionProps added in v1.0.0 

type ReportDefinitionProps struct {
	Engine         string   `json:"engine,omitempty"`
	ReleaseLabel   string   `json:"releaseLabel,omitempty"`
	ResourceGroups []string `json:"resourceGroups,omitempty"`
	Integrations   []string `json:"integrations,omitempty"`
}

type ReportDefinitionResponse added in v1.0.0 

type ReportDefinitionResponse struct {
	Data ReportDefinition `json:"data"`
}

type ReportDefinitionSection added in v1.0.0 

type ReportDefinitionSection struct {
	Category string   `json:"category"`
	Title    string   `json:"title"`
	Policies []string `json:"policies"`
}

type ReportDefinitionsResponse added in v1.0.0 

type ReportDefinitionsResponse struct {
	Data []ReportDefinition `json:"data"`
}

type ReportDefinitionsService added in v1.0.0 

type ReportDefinitionsService struct {
	// contains filtered or unexported fields
}

ReportDefinitionsService is a service that interacts with the ReportDefinitions endpoints from the Lacework APIv2 Server

func (*ReportDefinitionsService) Delete added in v1.0.0 

func (svc *ReportDefinitionsService) Delete(guid string) error

Delete a ReportDefinition

func (*ReportDefinitionsService) Get added in v1.0.0 

func (svc *ReportDefinitionsService) Get(reportDefinitionGuid string) (response ReportDefinitionResponse, err error)

Get returns a ReportDefinitionResponse

func (*ReportDefinitionsService) List added in v1.0.0 

func (svc *ReportDefinitionsService) List() (response ReportDefinitionsResponse, err error)

List returns a ReportDefinitionResponse

type ReportRule added in v0.21.0 

type ReportRule struct {
	Guid                    string                      `json:"mcGuid,omitempty"`
	Type                    string                      `json:"type"`
	EmailAlertChannels      []string                    `json:"intgGuidList"`
	Filter                  ReportRuleFilter            `json:"filters"`
	ReportNotificationTypes ReportRuleNotificationTypes `json:"reportNotificationTypes"`
}

func NewReportRule added in v0.21.0 

func NewReportRule(name string, rule ReportRuleConfig) (ReportRule, error)

NewReportRule returns an instance of the ReportRule struct

Basic usage: Initialize a new ReportRule struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  reportRule := api.NewReportRule(
		"Foo",
		api.ReportRuleConfig{
		Description: "My Report Rule"
		Severities: api.ReportRuleSeverities{api.ReportRuleSeverityHigh,
		EmailAlertChannels: []string{"TECHALLY_000000000000AAAAAAAAAAAAAAAAAAAA"},
		ResourceGroups: []string{"TECHALLY_111111111111AAAAAAAAAAAAAAAAAAAA"}
		ReportNotificationTypes: api.WeeklyEventsReportRuleNotifications{TrendReport: true},
      },
    },
  )

  client.V2.ReportRules.Create(reportRule)

type ReportRuleConfig added in v0.21.0 

type ReportRuleConfig struct {
	EmailAlertChannels []string
	Description        string
	Severities         ReportRuleSeverities
	NotificationTypes  []reportRuleNotification
	ResourceGroups     []string
}

type ReportRuleFilter added in v0.21.0 

type ReportRuleFilter struct {
	Name                 string   `json:"name"`
	Enabled              int      `json:"enabled"`
	Description          string   `json:"description,omitempty"`
	Severity             []int    `json:"severity"`
	ResourceGroups       []string `json:"resourceGroups,omitempty"`
	CreatedOrUpdatedTime string   `json:"createdOrUpdatedTime,omitempty"`
	CreatedOrUpdatedBy   string   `json:"createdOrUpdatedBy,omitempty"`
}

func (ReportRuleFilter) Status added in v0.21.0 

func (rule ReportRuleFilter) Status() string

type ReportRuleNotificationTypes added in v0.21.0 

type ReportRuleNotificationTypes struct {
	AgentEvents               bool `json:"agentEvents"`
	AwsCisS3                  bool `json:"awsCisS3"`
	AwsCloudtrailEvents       bool `json:"awsCloudtrailEvents"`
	AwsComplianceEvents       bool `json:"awsComplianceEvents"`
	AwsHipaa                  bool `json:"hipaa"`
	AwsIso2700                bool `json:"iso2700"`
	AwsNist80053Rev4          bool `json:"nist800-53Rev4"`
	AwsNist800171Rev2         bool `json:"nist800-171Rev2"`
	AwsPci                    bool `json:"pci"`
	AwsSoc                    bool `json:"soc"`
	AwsSocRev2                bool `json:"awsSocRev2"`
	AzureActivityLogEvents    bool `json:"azureActivityLogEvents"`
	AzureCis                  bool `json:"azureCis"`
	AzureCis131               bool `json:"azureCis131"`
	AzureComplianceEvents     bool `json:"azureComplianceEvents"`
	AzurePci                  bool `json:"azurePci"`
	AzureSoc                  bool `json:"azureSoc"`
	GcpAuditTrailEvents       bool `json:"gcpAuditTrailEvents"`
	GcpCis                    bool `json:"gcpCis"`
	GcpComplianceEvents       bool `json:"gcpComplianceEvents"`
	GcpHipaa                  bool `json:"gcpHipaa"`
	GcpHipaaRev2              bool `json:"gcpHipaaRev2"`
	GcpIso27001               bool `json:"gcpIso27001"`
	GcpCis12                  bool `json:"gcpCis12"`
	GcpK8s                    bool `json:"gcpK8s"`
	GcpPci                    bool `json:"gcpPci"`
	GcpPciRev2                bool `json:"gcpPciRev2"`
	GcpSoc                    bool `json:"gcpSoc"`
	GcpSocRev2                bool `json:"gcpSocRev2"`
	OpenShiftCompliance       bool `json:"openShiftCompliance"`
	OpenShiftComplianceEvents bool `json:"openShiftComplianceEvents"`
	PlatformEvents            bool `json:"platformEvents"`
	TrendReport               bool `json:"trendReport"`
}

func NewReportRuleNotificationTypes added in v0.21.0 

func NewReportRuleNotificationTypes(types []reportRuleNotification) (ReportRuleNotificationTypes, error)

func (ReportRuleNotificationTypes) ToMap added in v0.21.0 

func (all ReportRuleNotificationTypes) ToMap() map[string]bool

type ReportRuleNotifications added in v0.21.0 

type ReportRuleNotifications []reportRuleNotification

type ReportRuleResponse added in v0.21.0 

type ReportRuleResponse struct {
	Data ReportRule `json:"data"`
}

type ReportRuleSeverities added in v0.21.0 

type ReportRuleSeverities []reportRuleSeverity

func NewReportRuleSeverities added in v0.21.0 

func NewReportRuleSeverities(sevSlice []string) ReportRuleSeverities

func NewReportRuleSeveritiesFromIntSlice added in v0.21.0 

func NewReportRuleSeveritiesFromIntSlice(sevSlice []int) ReportRuleSeverities

func (ReportRuleSeverities) ToStringSlice added in v0.21.0 

func (sevs ReportRuleSeverities) ToStringSlice() []string

type ReportRulesResponse added in v0.21.0 

type ReportRulesResponse struct {
	Data []ReportRule `json:"data"`
}

type ReportRulesService added in v0.21.0 

type ReportRulesService struct {
	// contains filtered or unexported fields
}

ReportRulesService is the service that interacts with the ReportRules schema from the Lacework APIv2 Server

func (*ReportRulesService) Create added in v0.21.0 

func (svc *ReportRulesService) Create(rule ReportRule) (
	response ReportRuleResponse,
	err error,
)

Create creates a single Report Rule

func (*ReportRulesService) Delete added in v0.21.0 

func (svc *ReportRulesService) Delete(guid string) error

Delete deletes a Report Rule that matches the provided guid

func (*ReportRulesService) Get added in v0.21.0 

func (svc *ReportRulesService) Get(guid string, response interface{}) error

Get returns a raw response of the Report Rule with the matching guid.

func (*ReportRulesService) List added in v0.21.0 

func (svc *ReportRulesService) List() (response ReportRulesResponse, err error)

List returns a list of Report Rules

func (*ReportRulesService) Update added in v0.21.0 

func (svc *ReportRulesService) Update(data ReportRule) (
	response ReportRuleResponse,
	err error,
)

Update updates a single Report Rule of the provided guid.

type ReportSchema added in v0.31.0 

type ReportSchema struct {
	Name              string            `json:"name"`
	RecommendationIDs map[string]string `json:"recommendationIDs"`
}

type ReportSummary added in v0.44.0 

type ReportSummary struct {
	NumRecommendations        int `json:"NUM_RECOMMENDATIONS"`
	NumSeverity2NonCompliance int `json:"NUM_SEVERITY_2_NON_COMPLIANCE"`
	NumSeverity4NonCompliance int `json:"NUM_SEVERITY_4_NON_COMPLIANCE"`
	NumSeverity1NonCompliance int `json:"NUM_SEVERITY_1_NON_COMPLIANCE"`
	NumCompliant              int `json:"NUM_COMPLIANT"`
	NumSeverity3NonCompliance int `json:"NUM_SEVERITY_3_NON_COMPLIANCE"`
	AssessedResourceCount     int `json:"ASSESSED_RESOURCE_COUNT"`
	NumSuppressed             int `json:"NUM_SUPPRESSED"`
	NumSeverity5NonCompliance int `json:"NUM_SEVERITY_5_NON_COMPLIANCE"`
	NumNotComplinace          int `json:"NUM_NOT_COMPLIANT"`
	ViolatedResourceCount     int `json:"VIOLATED_RESOURCE_COUNT"`
	SuppressedResourceCount   int `json:"SUPPRESSED_RESOURCE_COUNT"`
}

type ReportsService added in v0.44.0 

type ReportsService struct {
	Aws   *awsReportsService
	Azure *azureReportsService
	Gcp   *gcpReportsService
	// contains filtered or unexported fields
}

ReportsService is a service that interacts with the Reports endpoints from the Lacework APIv2 Server

func NewReportsService added in v0.44.0 

func NewReportsService(c *Client) *ReportsService

type ResourceGroup added in v0.15.0 

type ResourceGroup interface {
	ID() string
	ResourceGroupType() ResourceGroupType
	ResetResourceGUID()
}

type ResourceGroupData added in v0.15.0 

type ResourceGroupData struct {
	Guid         string      `json:"guid,omitempty"`
	IsDefault    int         `json:"isDefault,omitempty"`
	ResourceGuid string      `json:"resourceGuid,omitempty"`
	Name         string      `json:"resourceName"`
	Type         string      `json:"resourceType"`
	Enabled      int         `json:"enabled,omitempty"`
	Props        interface{} `json:"props"`
}

func NewResourceGroup added in v0.15.0 

func NewResourceGroup(name string, iType ResourceGroupType, props interface{}) ResourceGroupData

NewResourceGroup returns an instance of the ResourceGroupData struct with the provided ResourceGroup type, name and the props field as an interface{}.

NOTE: This function must be used by any ResourceGroup type.

Basic usage: Initialize a new ContainerResourceGroup struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  group := api.NewResourceGroup("container resource group",
    api.ContainerResourceGroup,
    api.ContainerResourceGroupData{
      Props: api.ContainerResourceGroupProps{
			Description:     "all containers,
			ContainerLabels: ContainerResourceGroupAllLabels,
			ContainerTags:   ContainerResourceGroupAllTags,
		},
    },
  )

  client.V2.ResourceGroups.Create(group)

func (ResourceGroupData) ID added in v0.15.0 

func (group ResourceGroupData) ID() string

func (*ResourceGroupData) ResetResourceGUID added in v0.15.0 

func (group *ResourceGroupData) ResetResourceGUID()

func (ResourceGroupData) ResourceGroupType added in v0.15.0 

func (group ResourceGroupData) ResourceGroupType() ResourceGroupType

func (ResourceGroupData) Status added in v0.15.0 

func (group ResourceGroupData) Status() string

type ResourceGroupProps added in v0.20.0 

type ResourceGroupProps interface {
	GetBaseProps() ResourceGroupPropsBase
}

type ResourceGroupPropsBase added in v0.20.0 

type ResourceGroupPropsBase struct {
	Description string        `json:"description"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

type ResourceGroupResponse added in v0.15.0 

type ResourceGroupResponse struct {
	Data ResourceGroupData `json:"data"`
}

type ResourceGroupType added in v0.15.0 

type ResourceGroupType int
const (
	// type that defines a non-existing Resource Group
	NoneResourceGroup ResourceGroupType = iota
	AwsResourceGroup
	AzureResourceGroup
	ContainerResourceGroup
	GcpResourceGroup
	MachineResourceGroup

	// requires Org Access account client.WithOrgAccess()
	LwAccountResourceGroup
)

func FindResourceGroupType added in v0.15.0 

func FindResourceGroupType(resourceGroup string) (ResourceGroupType, bool)

FindResourceGroupType looks up inside the list of available resource group types the matching type from the provided string, if none, returns NoneResourceGroup

func (ResourceGroupType) String added in v0.15.0 

func (i ResourceGroupType) String() string

String returns the string representation of a Resource Group type

type ResourceGroupsResponse added in v0.15.0 

type ResourceGroupsResponse struct {
	Data []ResourceGroupData `json:"data"`
}

type ResourceGroupsService added in v0.15.0 

type ResourceGroupsService struct {
	// contains filtered or unexported fields
}

ResourceGroupsService is the service that interacts with the ResourceGroups schema from the Lacework APIv2 Server

func (*ResourceGroupsService) Create added in v0.15.0 

func (svc *ResourceGroupsService) Create(group ResourceGroupData) (
	response ResourceGroupResponse,
	err error,
)

Create creates a single Resource Group

func (*ResourceGroupsService) CreateAws added in v0.15.0 

func (svc *ResourceGroupsService) CreateAws(data ResourceGroup) (
	response AwsResourceGroupResponse,
	err error,
)

CreateAws creates a single Aws ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateAzure added in v0.15.0 

func (svc *ResourceGroupsService) CreateAzure(data ResourceGroup) (
	response AzureResourceGroupResponse,
	err error,
)

CreateAzure creates a single Azure ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateContainer added in v0.15.0 

func (svc *ResourceGroupsService) CreateContainer(data ResourceGroup) (
	response ContainerResourceGroupResponse,
	err error,
)

CreateContainer creates a single Container ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateGcp added in v0.15.0 

func (svc *ResourceGroupsService) CreateGcp(data ResourceGroup) (
	response GcpResourceGroupResponse,
	err error,
)

CreateGcp creates a single Gcp ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateLwAccount added in v0.15.0 

func (svc *ResourceGroupsService) CreateLwAccount(data ResourceGroup) (
	response LwAccountResourceGroupResponse,
	err error,
)

CreateLwAccount creates a single LwAccount ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateMachine added in v0.15.0 

func (svc *ResourceGroupsService) CreateMachine(data ResourceGroup) (
	response MachineResourceGroupResponse,
	err error,
)

CreateMachine creates a single Machine ResourceGroup on the Lacework Server

func (*ResourceGroupsService) Delete added in v0.15.0 

func (svc *ResourceGroupsService) Delete(guid string) error

Delete deletes a Resource Group that matches the provided resource guid

func (*ResourceGroupsService) Get added in v0.15.0 

func (svc *ResourceGroupsService) Get(guid string, response interface{}) error

Get returns a raw response of the Resource Group with the matching resource guid.

To return a more specific Go struct of a Resource Group, use the proper method such as GetContainerResourceGroup() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Resource Group type.

func (*ResourceGroupsService) GetAws added in v0.15.0 

func (svc *ResourceGroupsService) GetAws(guid string) (
	response AwsResourceGroupResponse,
	err error,
)

GetAws gets a single Aws ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetAzure added in v0.15.0 

func (svc *ResourceGroupsService) GetAzure(guid string) (
	response AzureResourceGroupResponse,
	err error,
)

GetAzure gets a single Azure ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetContainer added in v0.15.0 

func (svc *ResourceGroupsService) GetContainer(guid string) (
	response ContainerResourceGroupResponse,
	err error,
)

GetContainer gets a single Container ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetGcp added in v0.15.0 

func (svc *ResourceGroupsService) GetGcp(guid string) (
	response GcpResourceGroupResponse,
	err error,
)

GetGcp gets a single Gcp ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetLwAccount added in v0.15.0 

func (svc *ResourceGroupsService) GetLwAccount(guid string) (
	response LwAccountResourceGroupResponse,
	err error,
)

GetContainer gets a single LwAccount ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetMachine added in v0.15.0 

func (svc *ResourceGroupsService) GetMachine(guid string) (
	response MachineResourceGroupResponse,
	err error,
)

GetMachine gets a single Machine ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) List added in v0.15.0 

func (svc *ResourceGroupsService) List() (response ResourceGroupsResponse, err error)

List returns a list of Resource Groups

func (*ResourceGroupsService) Update added in v0.15.0 

func (svc *ResourceGroupsService) Update(data ResourceGroup) (
	response ResourceGroupResponse,
	err error,
)

Update updates a single ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateAws added in v0.15.0 

func (svc *ResourceGroupsService) UpdateAws(data ResourceGroup) (
	response AwsResourceGroupResponse, err error)

UpdateAws updates a single Aws ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateAzure added in v0.15.0 

func (svc *ResourceGroupsService) UpdateAzure(data ResourceGroup) (
	response AzureResourceGroupResponse,
	err error,
)

UpdateAzure updates a single Azure ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateContainer added in v0.15.0 

func (svc *ResourceGroupsService) UpdateContainer(data ResourceGroup) (
	response ContainerResourceGroupResponse,
	err error,
)

UpdateContainer updates a single Container ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateGcp added in v0.15.0 

func (svc *ResourceGroupsService) UpdateGcp(data ResourceGroup) (
	response GcpResourceGroupResponse,
	err error,
)

UpdateGcp updates a single Gcp ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateLwAccount added in v0.15.0 

func (svc *ResourceGroupsService) UpdateLwAccount(data ResourceGroup) (
	response LwAccountResourceGroupResponse,
	err error,
)

UpdateLwAccount updates a single LwAccount ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateMachine added in v0.15.0 

func (svc *ResourceGroupsService) UpdateMachine(data ResourceGroup) (
	response MachineResourceGroupResponse,
	err error,
)

UpdateMachine updates a single Machine ResourceGroup on the Lacework Server

type SchemasService added in v0.13.0 

type SchemasService struct {
	Services map[integrationSchema]V2Service
	// contains filtered or unexported fields
}

SchemasService is the service that retrieves schemas for v2

func (*SchemasService) GetService added in v0.13.0 

func (svc *SchemasService) GetService(schemaName integrationSchema) V2Service

type SearchFilter added in v0.10.0 

type SearchFilter struct {
	*TimeFilter `json:"timeFilter,omitempty"`
	Filters     []Filter `json:"filters,omitempty"`
	Returns     []string `json:"returns,omitempty"`
}

SearchFilter is the representation of an advanced search payload for retrieving information out of the Lacework APIv2 Server

An advanced example of a SearchFilter to search for an Agent Access Token that matches the provider token alias and return only the token found: 

SearchFilter{
	Filters: []Filter{
		Filter{
			Field:      "tokenAlias",
			Expression: "eq",
			Value:      "k8s-deployment,
		},
	},
	Returns: []string{"accessToken"},
}

type SearchResponse added in v1.0.0 

type SearchResponse interface {
	GetDataLength() int
}

type SearchableFilter added in v1.0.0 

type SearchableFilter interface {
	GetTimeFilter() *TimeFilter
	SetStartTime(*time.Time)
	SetEndTime(*time.Time)
}

type ServiceNowRestAlertChannelResponseV2 added in v0.18.0 

type ServiceNowRestAlertChannelResponseV2 struct {
	Data ServiceNowRestAlertChannelV2 `json:"data"`
}

type ServiceNowRestAlertChannelV2 added in v0.18.0 

type ServiceNowRestAlertChannelV2 struct {
	Data ServiceNowRestDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (ServiceNowRestAlertChannelV2) ID added in v0.18.0 

func (c ServiceNowRestAlertChannelV2) ID() string

func (ServiceNowRestAlertChannelV2) StateString added in v0.34.0 

func (c ServiceNowRestAlertChannelV2) StateString() string

func (ServiceNowRestAlertChannelV2) Status added in v0.34.0 

func (c ServiceNowRestAlertChannelV2) Status() string

type ServiceNowRestDataV2 added in v0.18.0 

type ServiceNowRestDataV2 struct {
	Username           string `json:"userName"`
	Password           string `json:"password"`
	InstanceURL        string `json:"instanceUrl"`
	CustomTemplateFile string `json:"customTemplateFile,omitempty"`
	IssueGrouping      string `json:"issueGrouping,omitempty"`
}

func (*ServiceNowRestDataV2) DecodeCustomTemplateFile added in v0.18.0 

func (snow *ServiceNowRestDataV2) DecodeCustomTemplateFile() (string, error)

func (*ServiceNowRestDataV2) EncodeCustomTemplateFile added in v0.18.0 

func (snow *ServiceNowRestDataV2) EncodeCustomTemplateFile(template string)

type SlackChannelAlertChannelResponseV2 added in v0.14.0 

type SlackChannelAlertChannelResponseV2 struct {
	Data SlackChannelAlertChannelV2 `json:"data"`
}

type SlackChannelAlertChannelV2 added in v0.14.0 

type SlackChannelAlertChannelV2 struct {
	Data SlackChannelDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (SlackChannelAlertChannelV2) ID added in v0.14.0 

func (c SlackChannelAlertChannelV2) ID() string

func (SlackChannelAlertChannelV2) StateString added in v0.34.0 

func (c SlackChannelAlertChannelV2) StateString() string

func (SlackChannelAlertChannelV2) Status added in v0.34.0 

func (c SlackChannelAlertChannelV2) Status() string

type SlackChannelDataV2 added in v0.14.0 

type SlackChannelDataV2 struct {
	SlackUrl string `json:"slackUrl"`
}

type SplunkHecAlertChannelResponseV2 added in v0.18.0 

type SplunkHecAlertChannelResponseV2 struct {
	Data SplunkHecAlertChannelV2 `json:"data"`
}

type SplunkHecAlertChannelV2 added in v0.18.0 

type SplunkHecAlertChannelV2 struct {
	Data SplunkHecDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (SplunkHecAlertChannelV2) ID added in v0.18.0 

func (c SplunkHecAlertChannelV2) ID() string

func (SplunkHecAlertChannelV2) StateString added in v0.34.0 

func (c SplunkHecAlertChannelV2) StateString() string

func (SplunkHecAlertChannelV2) Status added in v0.34.0 

func (c SplunkHecAlertChannelV2) Status() string

type SplunkHecDataV2 added in v0.18.0 

type SplunkHecDataV2 struct {
	HecToken  string               `json:"hecToken"`
	Channel   string               `json:"channel,omitempty"`
	Host      string               `json:"host"`
	Port      int                  `json:"port"`
	Ssl       bool                 `json:"ssl"`
	EventData SplunkHecEventDataV2 `json:"eventData"`
}

type SplunkHecEventDataV2 added in v0.18.0 

type SplunkHecEventDataV2 struct {
	Index  string `json:"index"`
	Source string `json:"source"`
}

type SuppressionConditions added in v1.3.0 

type SuppressionConditions struct {
	AccountIds         []string            `json:"accountIds,omitempty"`
	OrganizationIds    []string            `json:"organizationIds,omitempty"`
	ProjectIds         []string            `json:"projectIds,omitempty"`
	RegionNames        []string            `json:"regionNames,omitempty"`
	ResourceLabels     []map[string]string `json:"resourceLabels,omitempty"`
	ResourceGroupNames []string            `json:"resourceGroupNames,omitempty"`
	ResourceNames      []string            `json:"resourceNames,omitempty"`
	ResourceTags       []map[string]string `json:"resourceTags,omitempty"`
	SubscriptionIds    []string            `json:"subscriptionIds,omitempty"`
	TenantIds          []string            `json:"tenantIds,omitempty"`
	Comment            string              `json:"comments,omitempty"`
}

type SuppressionDataV2 added in v1.3.0 

type SuppressionDataV2 struct {
	RecommendationSuppressions map[string]map[string]interface{} `json:"recommendationExceptions"`
}

type SuppressionResponseV2 added in v1.3.0 

type SuppressionResponseV2 struct {
	Data    []SuppressionDataV2 `json:"data"`
	Ok      bool                `json:"ok"`
	Message string              `json:"message"`
}

func (*SuppressionResponseV2) SuppressionList added in v1.3.0 

func (res *SuppressionResponseV2) SuppressionList() (suppressions map[string]SuppressionV2)

type SuppressionTypeV2 added in v1.3.0 

type SuppressionTypeV2 string
const (
	AwsSuppression   SuppressionTypeV2 = "aws"
	AzureSuppression SuppressionTypeV2 = "azure"
	GcpSuppression   SuppressionTypeV2 = "gcp"
)

type SuppressionV2 added in v1.3.0 

type SuppressionV2 struct {
	Enabled               bool                    `json:"enabled"`
	SuppressionConditions []SuppressionConditions `json:"suppressionConditions"`
}

type SuppressionsServiceV2 added in v1.3.0 

type SuppressionsServiceV2 struct {
	Aws   suppressionServiceV2
	Azure suppressionServiceV2
	Gcp   suppressionServiceV2
	// contains filtered or unexported fields
}

SuppressionsServiceV2 is a service that interacts with the V2 Suppressions endpoints from the Lacework Server

type TeamMember added in v0.23.0 

type TeamMember struct {
	CustGuid    string          `json:"custGuid,omitempty"`
	Props       TeamMemberProps `json:"props"`
	UserEnabled int             `json:"userEnabled"`
	UserGuid    string          `json:"userGuid,omitempty"`
	UserName    string          `json:"userName,omitempty"`
}

TeamMember is for a standalone team member without org access

func NewTeamMember added in v0.23.0 

func NewTeamMember(username string, props TeamMemberProps) TeamMember

NewTeamMember returns an instance of the Team Member struct

Basic usage: Initialize a new TeamMember struct and then use the new instance to perform CRUD operations. 

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  teamMember := api.NewTeamMember(
		"FooBar",
		api.TeamMemberProps{
		Company: "ACME Inc",
		FirstName: "Foo",
		LastName: "Bar"
     },
  },

)

client.V2.TeamMembers.Create(teamMember)

type TeamMemberAccount added in v0.23.0 

type TeamMemberAccount struct {
	AccountName string `json:"accountName"`
	Admin       bool   `json:"admin"`
	CustGuid    string `json:"custGuid"`
	UserEnabled int    `json:"userEnabled"`
	UserGuid    string `json:"userGuid"`
}

type TeamMemberOrg added in v0.23.0 

type TeamMemberOrg struct {
	AdminRoleAccounts []string        `json:"adminRoleAccounts"`
	OrgAdmin          bool            `json:"orgAdmin"`
	OrgUser           bool            `json:"orgUser"`
	Props             TeamMemberProps `json:"props"`
	UserEnabled       int             `json:"userEnabled,omitempty"`
	UserGuid          string          `json:"userGuid,omitempty"`
	UserName          string          `json:"userName,omitempty"`
	UserRoleAccounts  []string        `json:"userRoleAccounts"`
}

TeamMemberOrg is for an organizational team member

func NewTeamMemberOrg added in v0.23.0 

func NewTeamMemberOrg(username string, props TeamMemberProps) TeamMemberOrg

NewTeamMemberOrg returns an instance of the team member org struct

Basic usage: Initialize a new TeamMemberOrg struct and then use the new instance to perform CRUD operations. 

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  teamMember := api.NewTeamMemberOrg(
		"FooBar",
		api.TeamMemberProps{
		Company: "ACME Inc",
		FirstName: "Foo",
		LastName: "Bar"
     },
  },

)

client.V2.TeamMembers.CreateOrg(teamMember)

type TeamMemberOrgData added in v0.23.0 

type TeamMemberOrgData struct {
	Accounts   []TeamMemberAccount `json:"accounts"`
	OrgAccount bool                `json:"orgAccount"`
	OrgAdmin   bool                `json:"orgAdmin"`
	OrgUser    bool                `json:"orgUser"`
	Url        string              `json:"url"`
	UserName   string              `json:"userName"`
}

type TeamMemberOrgResponse added in v0.23.0 

type TeamMemberOrgResponse struct {
	Data TeamMemberOrgData `json:"data"`
}

type TeamMemberProps added in v0.23.0 

type TeamMemberProps struct {
	AccountAdmin bool `json:"accountAdmin,omitempty"`
	//Company is empty for patch requests on updateOrg as it cannot be modified
	Company                string      `json:"company,omitempty"`
	CreatedTime            string      `json:"createdTime,omitempty"`
	FirstName              string      `json:"firstName"`
	JitCreated             bool        `json:"jitCreated,omitempty"`
	LastLoginTime          interface{} `json:"lastLoginTime,omitempty"`
	LastName               string      `json:"lastName"`
	LastSessionCreatedTime interface{} `json:"lastSessionCreatedTime,omitempty"`
	OrgAdmin               bool        `json:"orgAdmin,omitempty"`
	OrgUser                bool        `json:"orgUser,omitempty"`
	UpdatedBy              string      `json:"updatedBy,omitempty"`
	UpdatedTime            interface{} `json:"updatedTime,omitempty"`
}

type TeamMemberResponse added in v0.23.0 

type TeamMemberResponse struct {
	Data TeamMember `json:"data"`
}

type TeamMembersResponse added in v0.23.0 

type TeamMembersResponse struct {
	Data []TeamMember `json:"data"`
}

type TeamMembersService added in v0.23.0 

type TeamMembersService struct {
	// contains filtered or unexported fields
}

func (*TeamMembersService) Create added in v0.23.0 

func (svc *TeamMembersService) Create(tm TeamMember) (res TeamMemberResponse, err error)

Create creates a single team member

func (*TeamMembersService) CreateOrg added in v0.23.0 

func (svc *TeamMembersService) CreateOrg(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

CreateOrg creates a single team member at the org level TODO Move all ORG stuff into a different file

func (*TeamMembersService) Delete added in v0.23.0 

func (svc *TeamMembersService) Delete(guid string) error

Delete deletes a single team member at the account level with the corresponding guid

func (*TeamMembersService) DeleteOrg added in v0.23.0 

func (svc *TeamMembersService) DeleteOrg(guid string) error

DeleteOrg deletes a single team member at the org level with the corresponding guid

func (*TeamMembersService) Get added in v0.23.0 

func (svc *TeamMembersService) Get(guid string, res interface{}) error

Get returns a response of the team member

func (*TeamMembersService) List added in v0.23.0 

func (svc *TeamMembersService) List() (res TeamMembersResponse, err error)

List returns a list of team members

func (*TeamMembersService) SearchUsername added in v0.23.0 

func (svc *TeamMembersService) SearchUsername(username string) (res TeamMembersResponse, err error)

func (*TeamMembersService) Update added in v0.23.0 

func (svc *TeamMembersService) Update(tm TeamMember) (res TeamMemberResponse, err error)

Update updates a single team member at the account-level with the corresponding guid

func (*TeamMembersService) UpdateOrg added in v0.23.0 

func (svc *TeamMembersService) UpdateOrg(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

UpdateOrg updates a single team member at the org-level with the corresponding username

func (*TeamMembersService) UpdateOrgById added in v0.23.0 

func (svc *TeamMembersService) UpdateOrgById(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

UpdateOrgById updates a single team member at the org-level with the corresponding guid

type TimeFilter added in v0.10.0 

type TimeFilter struct {
	StartTime *time.Time `json:"startTime,omitempty"`
	EndTime   *time.Time `json:"endTime,omitempty"`
}

type TokenData added in v0.8.0 

type TokenData struct {
	ExpiresAt time.Time `json:"expiresAt"`
	Token     string    `json:"token"`
}

APIv2

type TokenV1Data added in v0.10.0 

type TokenV1Data struct {
	ExpiresAt string `json:"expiresAt"`
	Token     string `json:"token"`
}

APIv1

type TokenV1Response added in v0.10.0 

type TokenV1Response struct {
	Data    []TokenV1Data `json:"data"`
	Ok      bool          `json:"ok"`
	Message string        `json:"message"`
}

func (TokenV1Response) ExpiresAt added in v0.10.0 

func (v1 TokenV1Response) ExpiresAt() time.Time

Soon-To-Be-Deprecated

func (TokenV1Response) Token added in v0.10.0 

func (v1 TokenV1Response) Token() string

Soon-To-Be-Deprecated

type UpdatePolicy added in v0.10.0 

type UpdatePolicy struct {
	PolicyID      string   `json:"policyId,omitempty" yaml:"policyId,omitempty"`
	PolicyType    string   `json:"policyType,omitempty" yaml:"policyType,omitempty"`
	QueryID       string   `json:"queryId,omitempty" yaml:"queryId,omitempty"`
	Title         string   `json:"title,omitempty" yaml:"title,omitempty"`
	Enabled       *bool    `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	Description   string   `json:"description,omitempty" yaml:"description,omitempty"`
	Remediation   string   `json:"remediation,omitempty" yaml:"remediation,omitempty"`
	Severity      string   `json:"severity,omitempty" yaml:"severity,omitempty"`
	Limit         *int     `json:"limit,omitempty" yaml:"limit,omitempty"`
	EvalFrequency string   `json:"evalFrequency,omitempty" yaml:"evalFrequency,omitempty"`
	AlertEnabled  *bool    `json:"alertEnabled,omitempty" yaml:"alertEnabled,omitempty"`
	AlertProfile  string   `json:"alertProfile,omitempty" yaml:"alertProfile,omitempty"`
	Tags          []string `json:"tags,omitempty" yaml:"tags,omitempty"`
}
In order to properly PATCH we need to omit items that aren't specified.

For booleans and integers Golang will omit zero values false and 0 respectively. This would prevent someone from toggling something to disabled or 0 respectively. As such we are using pointers instead of primitives for booleans and integers in this struct

func ParseUpdatePolicy added in v0.36.0 

func ParseUpdatePolicy(s string) (UpdatePolicy, error)

type UpdateQuery added in v0.10.0 

type UpdateQuery struct {
	QueryText string `json:"queryText"`
}

type UserEntity added in v0.25.0 

type UserEntity struct {
	CreatedTime      time.Time `json:"createdTime"`
	Mid              int       `json:"mid"`
	OtherGroupNames  []string  `json:"otherGroupNames"`
	PrimaryGroupName string    `json:"primaryGroupName"`
	UID              int       `json:"uid"`
	Username         string    `json:"username"`
}

type UserProfile added in v0.8.0 

type UserProfile struct {
	Username   string    `json:"username"`
	OrgAccount bool      `json:"orgAccount"`
	URL        string    `json:"url"`
	OrgAdmin   bool      `json:"orgAdmin"`
	OrgUser    bool      `json:"orgUser"`
	Accounts   []Account `json:"accounts"`
}

func (*UserProfile) OrgAccountName added in v0.8.0 

func (p *UserProfile) OrgAccountName() string

func (*UserProfile) SubAccountNames added in v0.8.0 

func (p *UserProfile) SubAccountNames() []string

type UserProfileResponse added in v0.8.0 

type UserProfileResponse struct {
	Data []UserProfile `json:"data"`
}

type UserProfileService added in v0.8.0 

type UserProfileService struct {
	// contains filtered or unexported fields
}

UserProfileService is the service that interacts with the UserProfile schema from the Lacework APIv2 Server

func (*UserProfileService) Get added in v0.8.0 

func (svc *UserProfileService) Get() (response UserProfileResponse, err error)

type UsersEntityResponse added in v0.25.0 

type UsersEntityResponse struct {
	Data   []UserEntity `json:"data"`
	Paging V2Pagination `json:"paging"`
}

func (UsersEntityResponse) PageInfo added in v0.25.0 

func (r UsersEntityResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (*UsersEntityResponse) ResetPaging added in v0.25.0 

func (r *UsersEntityResponse) ResetPaging()

type V2CommonIntegration added in v0.13.0 

type V2CommonIntegration struct {
	Data v2CommonIntegrationData `json:"data"`
}

type V2Endpoints added in v0.8.0 

type V2Endpoints struct {

	// Every schema must have its own service
	UserProfile             *UserProfileService
	AlertChannels           *AlertChannelsService
	Alert                   *v2alertProfilesService
	AlertRules              *AlertRulesService
	ReportRules             *ReportRulesService
	CloudAccounts           *CloudAccountsService
	ContainerRegistries     *ContainerRegistriesService
	Configs                 *v2ConfigService
	ResourceGroups          *ResourceGroupsService
	AgentAccessTokens       *AgentAccessTokensService
	AgentInfo               *AgentInfoService
	Inventory               *InventoryService
	ComplianceEvaluations   *ComplianceEvaluationService
	Query                   *QueryService
	OrganizationInfo        *OrganizationInfoService
	Policy                  *PolicyService
	Reports                 *ReportsService
	ReportDefinitions       *ReportDefinitionsService
	Entities                *EntitiesService
	Schemas                 *SchemasService
	Datasources             *DatasourcesService
	DataExportRules         *DataExportRulesService
	TeamMembers             *TeamMembersService
	VulnerabilityExceptions *VulnerabilityExceptionsService
	Vulnerabilities         *v2VulnerabilitiesService
	Alerts                  *AlertsService
	Suppressions            *SuppressionsServiceV2
	Recommendations         *RecommendationsServiceV2
	// contains filtered or unexported fields
}

V2Endpoints groups all APIv2 endpoints available, they are grouped by schema which matches with our service architecture

func NewV2Endpoints added in v0.8.0 

func NewV2Endpoints(c *Client) *V2Endpoints

type V2GcpAtSesIntegration added in v0.42.0 

type V2GcpAtSesIntegration struct {
	Data GcpAtSesData `json:"data"`
	// contains filtered or unexported fields
}

func (V2GcpAtSesIntegration) ID added in v0.42.0 

func (c V2GcpAtSesIntegration) ID() string

func (V2GcpAtSesIntegration) StateString added in v0.42.0 

func (c V2GcpAtSesIntegration) StateString() string

func (V2GcpAtSesIntegration) Status added in v0.42.0 

func (c V2GcpAtSesIntegration) Status() string

type V2GcpCfgIntegration added in v0.42.0 

type V2GcpCfgIntegration struct {
	Data GcpCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (V2GcpCfgIntegration) ID added in v0.42.0 

func (c V2GcpCfgIntegration) ID() string

func (V2GcpCfgIntegration) StateString added in v0.42.0 

func (c V2GcpCfgIntegration) StateString() string

func (V2GcpCfgIntegration) Status added in v0.42.0 

func (c V2GcpCfgIntegration) Status() string

type V2GcpSidekickIntegration added in v1.0.0 

type V2GcpSidekickIntegration struct {
	GcpSidekickToken `json:"serverToken"`
	Data             GcpSidekickData `json:"data"`
	// contains filtered or unexported fields
}

func (V2GcpSidekickIntegration) ID added in v1.0.0 

func (c V2GcpSidekickIntegration) ID() string

func (V2GcpSidekickIntegration) StateString added in v1.0.0 

func (c V2GcpSidekickIntegration) StateString() string

func (V2GcpSidekickIntegration) Status added in v1.0.0 

func (c V2GcpSidekickIntegration) Status() string

type V2IntegrationState added in v0.10.0 

type V2IntegrationState struct {
	Ok                 bool                   `json:"ok"`
	Details            map[string]interface{} `json:"details"`
	LastUpdatedTime    lwtime.Epoch           `json:"lastUpdatedTime"`
	LastSuccessfulTime lwtime.Epoch           `json:"lastSuccessfulTime"`
}

type V2Pagination added in v0.25.0 

type V2Pagination struct {
	Rows      int `json:"rows"`
	TotalRows int `json:"totalRows"`
	Urls      struct {
		NextPage string `json:"nextPage"`
	} `json:"urls"`
}

type V2RawType added in v0.42.0 

type V2RawType interface {
	GetData() any
	GetCommon() v2CommonIntegrationData
}

V2RawType is the interface that should be implemented when a struct is a response that contains v2CommonIntegrationData. This include AlertChannelRaw, CloudAccountRaw, ContainerRegistryRaw

type V2ServerToken added in v1.2.0 

type V2ServerToken struct {
	ServerToken string `json:"serverToken"`
	Uri         string `json:"uri"`
}

type V2Service added in v0.13.0 

type V2Service interface {
	Get(string, interface{}) error
	Delete(string) error
}

type ValidateQuery added in v0.10.1 

type ValidateQuery struct {
	QueryText string `json:"queryText"`
}

type VictorOpsAlertChannelResponseV2 added in v0.17.0 

type VictorOpsAlertChannelResponseV2 struct {
	Data VictorOpsAlertChannelV2 `json:"data"`
}

type VictorOpsAlertChannelV2 added in v0.17.0 

type VictorOpsAlertChannelV2 struct {
	Data VictorOpsDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (VictorOpsAlertChannelV2) ID added in v0.17.0 

func (c VictorOpsAlertChannelV2) ID() string

func (VictorOpsAlertChannelV2) StateString added in v0.34.0 

func (c VictorOpsAlertChannelV2) StateString() string

func (VictorOpsAlertChannelV2) Status added in v0.34.0 

func (c VictorOpsAlertChannelV2) Status() string

type VictorOpsDataV2 added in v0.17.0 

type VictorOpsDataV2 struct {
	Url string `json:"intgUrl"`
}

type VulnerabilitiesContainerScanResponse added in v1.0.0 

type VulnerabilitiesContainerScanResponse struct {
	Message string `json:"message"`
	Data    struct {
		RequestID string `json:"requestId"`
		Status    string `json:"status"`
	} `json:"data"`
}

func (*VulnerabilitiesContainerScanResponse) CheckStatus added in v1.0.0 

func (res *VulnerabilitiesContainerScanResponse) CheckStatus() string

type VulnerabilitiesContainersResponse added in v0.25.0 

type VulnerabilitiesContainersResponse struct {
	Data   []VulnerabilityContainer `json:"data"`
	Paging V2Pagination             `json:"paging"`
}

func (VulnerabilitiesContainersResponse) CriticalVulnerabilities added in v1.0.0 

func (r VulnerabilitiesContainersResponse) CriticalVulnerabilities() int32

func (VulnerabilitiesContainersResponse) FixableVulnerabilities added in v1.0.0 

func (r VulnerabilitiesContainersResponse) FixableVulnerabilities() int32

func (VulnerabilitiesContainersResponse) HighVulnerabilities added in v1.0.0 

func (r VulnerabilitiesContainersResponse) HighVulnerabilities() int32

func (VulnerabilitiesContainersResponse) HighestFixableSeverity added in v1.0.0 

func (r VulnerabilitiesContainersResponse) HighestFixableSeverity() string

func (VulnerabilitiesContainersResponse) HighestSeverity added in v1.0.0 

func (r VulnerabilitiesContainersResponse) HighestSeverity() string

func (VulnerabilitiesContainersResponse) InfoVulnerabilities added in v1.0.0 

func (r VulnerabilitiesContainersResponse) InfoVulnerabilities() int32

func (VulnerabilitiesContainersResponse) LowVulnerabilities added in v1.0.0 

func (r VulnerabilitiesContainersResponse) LowVulnerabilities() int32

func (VulnerabilitiesContainersResponse) MediumVulnerabilities added in v1.0.0 

func (r VulnerabilitiesContainersResponse) MediumVulnerabilities() int32

func (VulnerabilitiesContainersResponse) PageInfo added in v0.25.0 

func (r VulnerabilitiesContainersResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (*VulnerabilitiesContainersResponse) ResetPaging added in v0.25.0 

func (r *VulnerabilitiesContainersResponse) ResetPaging()

func (VulnerabilitiesContainersResponse) TotalFixableVulnerabilities added in v1.0.0 

func (r VulnerabilitiesContainersResponse) TotalFixableVulnerabilities() int32

func (VulnerabilitiesContainersResponse) TotalVulnerabilities added in v1.0.0 

func (r VulnerabilitiesContainersResponse) TotalVulnerabilities() int

func (VulnerabilitiesContainersResponse) VulnFixableCount added in v1.0.0 

func (r VulnerabilitiesContainersResponse) VulnFixableCount(severity string) int32

type VulnerabilitiesContainersScanStatusResponse added in v1.0.0 

type VulnerabilitiesContainersScanStatusResponse struct {
	Message string `json:"message"`
	Data    struct {
		Status string `json:"status"`
	} `json:"data"`
}

func (*VulnerabilitiesContainersScanStatusResponse) CheckStatus added in v1.0.0 

func (res *VulnerabilitiesContainersScanStatusResponse) CheckStatus() string

type VulnerabilitiesHostResponse added in v0.25.0 

type VulnerabilitiesHostResponse struct {
	Data   []VulnerabilityHost `json:"data"`
	Paging V2Pagination        `json:"paging"`
}

func (VulnerabilitiesHostResponse) PageInfo added in v0.25.0 

func (r VulnerabilitiesHostResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (*VulnerabilitiesHostResponse) ResetPaging added in v0.25.0 

func (r *VulnerabilitiesHostResponse) ResetPaging()

func (*VulnerabilitiesHostResponse) VulnerabilityCounts added in v1.0.0 

func (hosts *VulnerabilitiesHostResponse) VulnerabilityCounts() HostVulnCounts

type VulnerabilitiesOsPkgInfo added in v1.0.0 

type VulnerabilitiesOsPkgInfo struct {
	Os     string `json:"os"`
	OsVer  string `json:"osVer"`
	Pkg    string `json:"pkg"`
	PkgVer string `json:"pkgVer"`
}

type VulnerabilitiesPackageManifest added in v1.0.0 

type VulnerabilitiesPackageManifest struct {
	OsPkgInfoList []VulnerabilitiesOsPkgInfo `json:"osPkgInfoList"`
}

type VulnerabilityAssessment added in v0.4.0 

type VulnerabilityAssessment interface {
	HighestSeverity() string
	HighestFixableSeverity() string
	TotalFixableVulnerabilities() int32
}

VulnerabilityAssessment is used to provide common functions that are required by host or container vulnerability assessments, this is used to treat them both as equal

type VulnerabilityContainer added in v0.25.0 

type VulnerabilityContainer struct {
	EvalCtx struct {
		CveBatchInfo []struct {
			CveBatchID     string `json:"cve_batch_id"`
			CveCreatedTime string `json:"cve_created_time"`
		} `json:"cve_batch_info"`
		ExceptionProps []struct {
			Status string `json:"status"`
		} `json:"exception_props"`
		ImageInfo        ImageInfo `json:"image_info"`
		IsDailyJob       string    `json:"isDailyJob"`
		IsReeval         bool      `json:"is_reeval"`
		ScanBatchID      string    `json:"scan_batch_id"`
		ScanCreatedTime  string    `json:"scan_created_time"`
		ScanRequestProps struct {
			DataFormatVersion string `json:"data_format_version"`
			Environment       struct {
				DockerVersion struct {
					ErrorMessage string `json:"error_message"`
				} `json:"docker_version"`
			} `json:"environment"`
			Props struct {
				DataFormatVersion string `json:"data_format_version"`
				ScannerVersion    string `json:"scanner_version"`
			} `json:"props"`
			ScanCompletionUtcTime int    `json:"scanCompletionUtcTime"`
			ScanStartTime         int    `json:"scan_start_time"`
			ScannerVersion        string `json:"scanner_version"`
		} `json:"scan_request_props"`
		VulnBatchID     string `json:"vuln_batch_id"`
		VulnCreatedTime string `json:"vuln_created_time"`
	} `json:"evalCtx"`
	FeatureKey struct {
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
		Version   string `json:"version"`
	} `json:"featureKey"`
	FeatureProps struct {
		IntroducedIn  string `json:"introduced_in"`
		Layer         string `json:"layer"`
		Feed          string `json:"feed"`
		Src           string `json:"src"`
		VersionFormat string `json:"version_format"`
	} `json:"featureProps"`
	FixInfo struct {
		CompareResult int    `json:"compare_result"`
		FixAvailable  int    `json:"fix_available"`
		FixedVersion  string `json:"fixed_version"`
	} `json:"fixInfo"`
	ImageID   string    `json:"imageId"`
	Severity  string    `json:"severity"`
	StartTime time.Time `json:"startTime"`
	Status    string    `json:"status"`
	VulnID    string    `json:"vulnId"`
}

type VulnerabilityException added in v0.24.0 

type VulnerabilityException struct {
	Guid                  string                               `json:"exceptionGuid,omitempty"`
	Enabled               int                                  `json:"state"`
	ExceptionName         string                               `json:"exceptionName"`
	ExceptionType         string                               `json:"exceptionType"`
	ExceptionReason       string                               `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps          `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria       `json:"vulnerabilityCriteria"`
	ResourceScope         *VulnerabilityExceptionResourceScope `json:"resourceScope,omitempty"`
	CreatedTime           string                               `json:"createdTime,omitempty"`
	UpdatedTime           string                               `json:"updatedTime,omitempty"`
	ExpiryTime            string                               `json:"expiryTime,omitempty"`
}

func NewVulnerabilityException added in v0.24.0 

func NewVulnerabilityException(name string, exception VulnerabilityExceptionConfig) VulnerabilityException

NewVulnerabilityException returns an instance of the VulnerabilityException struct

Basic usage: Initialize a new VulnerabilityException struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  exception := api.VulnerabilityExceptionConfig{
      Type:            api.VulnerabilityExceptionTypeHost,
      Description:     "This is a vuln exception",
      ExceptionReason: api.VulnerabilityExceptionReasonCompensatingControls,
      Severities:      api.VulnerabilityExceptionSeverities{api.VulnerabilityExceptionSeverityCritical},
      Fixable: 		  true,
      ResourceScope:   api.VulnerabilityExceptionContainerResourceScope{
         ImageID:    []string{""},
         ImageTag:   []string{""},
         Registry:   []string{""},
         Repository: []string{""},
         Namespace:  []string{""},
      },
      ExpiryTime: time.Now().AddDate(0, 1, 0),
  }

	 vulnerabilityException := api.NewVulnerabilityException("vulnerabilityException", exception)

  client.V2.VulnerabilityExceptions.Create(vulnerabilityException)

func (VulnerabilityException) Status added in v0.24.0 

func (exception VulnerabilityException) Status() string

type VulnerabilityExceptionConfig added in v0.24.0 

type VulnerabilityExceptionConfig struct {
	Description     string
	Type            vulnerabilityExceptionType
	ExceptionReason vulnerabilityExceptionReason
	Severities      VulnerabilityExceptionSeverities
	Cve             []string
	Package         []VulnerabilityExceptionPackage
	Fixable         *bool
	ResourceScope   vulnerabilityExceptionResourceScope
	ExpiryTime      time.Time
}

func (VulnerabilityExceptionConfig) FixableEnabled added in v0.24.0 

func (cfg VulnerabilityExceptionConfig) FixableEnabled() []int

type VulnerabilityExceptionContainer added in v0.24.0 

type VulnerabilityExceptionContainer struct {
	Guid                  string                                       `json:"exceptionGuid,omitempty"`
	Enabled               int                                          `json:"state"`
	ExceptionName         string                                       `json:"exceptionName"`
	ExceptionType         string                                       `json:"exceptionType"`
	ExceptionReason       string                                       `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps                  `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria               `json:"vulnerabilityCriteria"`
	ResourceScope         VulnerabilityExceptionResourceScopeContainer `json:"resourceScope,omitempty"`
	CreatedTime           string                                       `json:"createdTime,omitempty"`
	UpdatedTime           string                                       `json:"updatedTime,omitempty"`
	ExpiryTime            string                                       `json:"expiryTime,omitempty"`
}

type VulnerabilityExceptionContainerResourceScope added in v0.24.0 

type VulnerabilityExceptionContainerResourceScope struct {
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`
	Namespace  []string `json:"namespace,omitempty"`
}

func (VulnerabilityExceptionContainerResourceScope) Scope added in v0.24.0 

func (ctr VulnerabilityExceptionContainerResourceScope) Scope() VulnerabilityExceptionResourceScope

func (VulnerabilityExceptionContainerResourceScope) Type added in v0.24.0 

func (ctr VulnerabilityExceptionContainerResourceScope) Type() vulnerabilityExceptionType

type VulnerabilityExceptionContainerResponse added in v0.24.0 

type VulnerabilityExceptionContainerResponse struct {
	Data VulnerabilityExceptionContainer `json:"data"`
}

type VulnerabilityExceptionCriteria added in v0.24.0 

type VulnerabilityExceptionCriteria struct {
	Cve      []string              `json:"cve,omitempty"`
	Package  []map[string][]string `json:"package,omitempty"`
	Severity []string              `json:"severity,omitempty"`
	Fixable  []int                 `json:"fixable,omitempty"`
}

func (VulnerabilityExceptionCriteria) FixableEnabled added in v0.37.0 

func (vc VulnerabilityExceptionCriteria) FixableEnabled() *bool

type VulnerabilityExceptionHost added in v0.24.0 

type VulnerabilityExceptionHost struct {
	Guid                  string                                  `json:"exceptionGuid,omitempty"`
	Enabled               int                                     `json:"state"`
	ExceptionName         string                                  `json:"exceptionName"`
	ExceptionType         string                                  `json:"exceptionType"`
	ExceptionReason       string                                  `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps             `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria          `json:"vulnerabilityCriteria"`
	ResourceScope         VulnerabilityExceptionResourceScopeHost `json:"resourceScope,omitempty"`
	CreatedTime           string                                  `json:"createdTime,omitempty"`
	UpdatedTime           string                                  `json:"updatedTime,omitempty"`
	ExpiryTime            string                                  `json:"expiryTime,omitempty"`
}

type VulnerabilityExceptionHostResourceScope added in v0.24.0 

type VulnerabilityExceptionHostResourceScope struct {
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`
	Namespace   []string `json:"namespace,omitempty"`
}

func (VulnerabilityExceptionHostResourceScope) Scope added in v0.24.0 

func (host VulnerabilityExceptionHostResourceScope) Scope() VulnerabilityExceptionResourceScope

func (VulnerabilityExceptionHostResourceScope) Type added in v0.24.0 

func (host VulnerabilityExceptionHostResourceScope) Type() vulnerabilityExceptionType

type VulnerabilityExceptionHostResponse added in v0.24.0 

type VulnerabilityExceptionHostResponse struct {
	Data VulnerabilityExceptionHost `json:"data"`
}

type VulnerabilityExceptionPackage added in v0.24.0 

type VulnerabilityExceptionPackage struct {
	Name    string
	Version string
}

func NewVulnerabilityExceptionPackages added in v0.24.0 

func NewVulnerabilityExceptionPackages(packageMap []map[string]string) []VulnerabilityExceptionPackage

type VulnerabilityExceptionProps added in v0.24.0 

type VulnerabilityExceptionProps struct {
	Description string `json:"description,omitempty"`
	CreatedBy   string `json:"createdBy,omitempty"`
	UpdatedBy   string `json:"updatedBy,omitempty"`
}

type VulnerabilityExceptionResourceScope added in v0.24.0 

type VulnerabilityExceptionResourceScope struct {
	// Container properties
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`

	// Host properties
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`

	// Shared properties
	Namespace []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResourceScopeContainer added in v0.24.0 

type VulnerabilityExceptionResourceScopeContainer struct {
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`
	Namespace  []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResourceScopeHost added in v0.24.0 

type VulnerabilityExceptionResourceScopeHost struct {
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`
	Namespace   []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResponse added in v0.24.0 

type VulnerabilityExceptionResponse struct {
	Data VulnerabilityException `json:"data"`
}

type VulnerabilityExceptionSeverities added in v0.24.0 

type VulnerabilityExceptionSeverities []vulnerabilityExceptionSeverity

func NewVulnerabilityExceptionSeverities added in v0.24.0 

func NewVulnerabilityExceptionSeverities(sevSlice []string) VulnerabilityExceptionSeverities

func (VulnerabilityExceptionSeverities) ToStringSlice added in v0.24.0 

func (sevs VulnerabilityExceptionSeverities) ToStringSlice() []string

type VulnerabilityExceptionsResponse added in v0.24.0 

type VulnerabilityExceptionsResponse struct {
	Data []VulnerabilityException `json:"data"`
}

type VulnerabilityExceptionsService added in v0.24.0 

type VulnerabilityExceptionsService struct {
	// contains filtered or unexported fields
}

VulnerabilityExceptionsService is the service that interacts with the VulnerabilityExceptions schema from the Lacework APIv2 Server

func (*VulnerabilityExceptionsService) Create added in v0.24.0 

func (svc *VulnerabilityExceptionsService) Create(vuln VulnerabilityException) (
	response VulnerabilityExceptionResponse,
	err error,
)

Create creates a single Vulnerability Exception

func (*VulnerabilityExceptionsService) CreateVulnerabilityExceptionsContainer added in v0.24.0 

func (svc *VulnerabilityExceptionsService) CreateVulnerabilityExceptionsContainer(vuln VulnerabilityException) (
	response VulnerabilityExceptionContainerResponse, err error)

func (*VulnerabilityExceptionsService) CreateVulnerabilityExceptionsHost added in v0.24.0 

func (svc *VulnerabilityExceptionsService) CreateVulnerabilityExceptionsHost(vuln VulnerabilityException) (
	response VulnerabilityExceptionHostResponse, err error)

func (*VulnerabilityExceptionsService) Delete added in v0.24.0 

func (svc *VulnerabilityExceptionsService) Delete(guid string) error

Delete deletes a Vulnerability Exception that matches the provided guid

func (*VulnerabilityExceptionsService) Get added in v0.24.0 

func (svc *VulnerabilityExceptionsService) Get(guid string, response interface{}) error

Get returns a raw response of the Vulnerability Exception with the matching guid.

func (*VulnerabilityExceptionsService) GetVulnerabilityExceptionsContainer added in v0.24.0 

func (svc *VulnerabilityExceptionsService) GetVulnerabilityExceptionsContainer(guid string) (response VulnerabilityExceptionContainerResponse, err error)

func (*VulnerabilityExceptionsService) GetVulnerabilityExceptionsHost added in v0.24.0 

func (svc *VulnerabilityExceptionsService) GetVulnerabilityExceptionsHost(guid string) (response VulnerabilityExceptionHostResponse, err error)

func (*VulnerabilityExceptionsService) List added in v0.24.0 

func (svc *VulnerabilityExceptionsService) List() (response VulnerabilityExceptionsResponse, err error)

List returns a list of Vulnerability Exceptions

func (*VulnerabilityExceptionsService) ListVulnerabilityExceptionsContainers added in v0.24.0 

func (svc *VulnerabilityExceptionsService) ListVulnerabilityExceptionsContainers() (response VulnerabilityExceptionContainerResponse, err error)

func (*VulnerabilityExceptionsService) ListVulnerabilityExceptionsHosts added in v0.24.0 

func (svc *VulnerabilityExceptionsService) ListVulnerabilityExceptionsHosts() (response VulnerabilityExceptionHostResponse, err error)

func (*VulnerabilityExceptionsService) Update added in v0.24.0 

func (svc *VulnerabilityExceptionsService) Update(data VulnerabilityException) (
	response VulnerabilityExceptionResponse,
	err error,
)

Update updates a single Vulnerability Exception.

func (*VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsContainer added in v0.24.0 

func (svc *VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsContainer(data VulnerabilityException, id string) (
	response VulnerabilityExceptionContainerResponse,
	err error,
)

func (*VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsHost added in v0.24.0 

func (svc *VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsHost(data VulnerabilityException, id string) (
	response VulnerabilityExceptionHostResponse,
	err error,
)

type VulnerabilityHost added in v0.25.0 

type VulnerabilityHost struct {
	CveProps struct {
		CveBatchID  string                     `json:"cve_batch_id"`
		Description string                     `json:"description"`
		Link        string                     `json:"link"`
		Metadata    *VulnerabilityHostMetadata `json:"metadata,omitempty"`
	} `json:"cveProps"`
	EndTime time.Time `json:"endTime"`
	EvalCtx struct {
		ExceptionProps []interface{} `json:"exception_props"`
		Hostname       string        `json:"hostname"`
		McEvalGUID     string        `json:"mc_eval_guid"`
	} `json:"evalCtx"`
	FeatureKey struct {
		Name             string `json:"name"`
		Namespace        string `json:"namespace"`
		PackageActive    int    `json:"package_active"`
		VersionInstalled string `json:"version_installed"`
	} `json:"featureKey"`
	FixInfo struct {
		CompareResult               string `json:"compare_result"`
		EvalStatus                  string `json:"eval_status"`
		FixAvailable                string `json:"fix_available"`
		FixedVersion                string `json:"fixed_version"`
		FixedVersionComparisonInfos []struct {
			CurrFixVer                         string `json:"curr_fix_ver"`
			IsCurrFixVerGreaterThanOtherFixVer string `json:"is_curr_fix_ver_greater_than_other_fix_ver"`
			OtherFixVer                        string `json:"other_fix_ver"`
		} `json:"fixed_version_comparison_infos"`
		FixedVersionComparisonScore int    `json:"fixed_version_comparison_score"`
		VersionInstalled            string `json:"version_installed"`
	} `json:"fixInfo"`
	MachineTags struct {
		Account                               string `json:"Account"`
		AmiID                                 string `json:"AmiId"`
		Env                                   string `json:"Env"`
		ExternalIP                            string `json:"ExternalIp"`
		Hostname                              string `json:"Hostname"`
		InstanceID                            string `json:"InstanceId"`
		InternalIP                            string `json:"InternalIp"`
		LwTokenShort                          string `json:"LwTokenShort"`
		Name                                  string `json:"Name"`
		SubnetID                              string `json:"SubnetId"`
		VMInstanceType                        string `json:"VmInstanceType"`
		VMProvider                            string `json:"VmProvider"`
		VpcID                                 string `json:"VpcId"`
		Zone                                  string `json:"Zone"`
		AlphaEksctlIoNodegroupName            string `json:"alpha.eksctl.io/nodegroup-name"`
		AlphaEksctlIoNodegroupType            string `json:"alpha.eksctl.io/nodegroup-type"`
		Arch                                  string `json:"arch"`
		AwsAutoscalingGroupName               string `json:"aws:autoscaling:groupName"`
		AwsEc2FleetID                         string `json:"aws:ec2:fleet-id"`
		AwsEc2LaunchtemplateID                string `json:"aws:ec2launchtemplate:id"`
		AwsEc2LaunchtemplateVersion           string `json:"aws:ec2launchtemplate:version"`
		EksClusterName                        string `json:"eks:cluster-name"`
		EksNodegroupName                      string `json:"eks:nodegroup-name"`
		K8SIoClusterAutoscalerEnabled         int    `json:"k8s.io/cluster-autoscaler/enabled"`
		K8SIoClusterAutoscalerTechallySandbox string `json:"k8s.io/cluster-autoscaler/techally-sandbox"`
		KubernetesIoClusterTechallySandbox    string `json:"kubernetes.io/cluster/techally-sandbox"`
		LwKubernetesCluster                   string `json:"lw_KubernetesCluster"`
		Os                                    string `json:"os"`
	} `json:"machineTags"`
	Props     VulnerabilityHostProps `json:"props"`
	Mid       int                    `json:"mid"`
	Severity  string                 `json:"severity"`
	StartTime time.Time              `json:"startTime"`
	Status    string                 `json:"status"`
	VulnID    string                 `json:"vulnId"`
}

func (*VulnerabilityHost) CvssV2 added in v1.0.0 

func (v *VulnerabilityHost) CvssV2() string

func (*VulnerabilityHost) CvssV3 added in v1.0.0 

func (v *VulnerabilityHost) CvssV3() string

func (*VulnerabilityHost) HasFix added in v1.0.0 

func (v *VulnerabilityHost) HasFix() bool

func (*VulnerabilityHost) PackageActive added in v1.0.0 

func (v *VulnerabilityHost) PackageActive() string

type VulnerabilityHostMetadata added in v1.0.0 

type VulnerabilityHostMetadata struct {
	NVD struct {
		CVSSv2 struct {
			PublishedDateTime string  `json:"PublishedDateTime"`
			Score             float64 `json:"Score"`
			Vectors           string  `json:"Vectors"`
		} `json:"CVSSv2"`
		CVSSv3 struct {
			ExploitabilityScore float64 `json:"ExploitabilityScore"`
			ImpactScore         float64 `json:"ImpactScore"`
			Score               float64 `json:"Score"`
			Vectors             string  `json:"Vectors"`
		} `json:"CVSSv3"`
	} `json:"NVD"`
}

type VulnerabilityHostProps added in v1.0.0 

type VulnerabilityHostProps struct {
	FirstTimeSeen   *time.Time `json:"first_time_seen,omitempty"`
	IsDailyJob      int        `json:"isDailyJob,omitempty"`
	LastUpdatedTime *time.Time `json:"last_updated_time,omitempty"`
}

type VulnerabilitySoftwarePackage added in v1.0.0 

type VulnerabilitySoftwarePackage struct {
	OsPkgInfo struct {
		Namespace     string `json:"namespace"`
		Os            string `json:"os"`
		OsVer         string `json:"osVer"`
		Pkg           string `json:"pkg"`
		PkgVer        string `json:"pkgVer"`
		VersionFormat string `json:"versionFormat"`
	} `json:"osPkgInfo"`
	VulnID     string `json:"vulnId"`
	Severity   string `json:"severity"`
	FeatureKey struct {
		AffectedRange struct {
			End struct {
				Inclusive bool   `json:"inclusive"`
				Value     string `json:"value"`
			} `json:"end"`
			FixVersion string `json:"fixVersion"`
			Start      struct {
				Inclusive bool   `json:"inclusive"`
				Value     string `json:"value"`
			} `json:"start"`
		} `json:"affectedRange"`
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
	} `json:"featureKey"`
	CveProps struct {
		CveBatchId  string `json:"cveBatchId"`
		Description string `json:"description"`
		Link        string `json:"link"`
		Metadata    struct {
			Nvd struct {
				Cvssv2 struct {
					Publisheddatetime string  `json:"publisheddatetime"`
					Score             float64 `json:"score"`
					Vectors           string  `json:"vectors"`
				} `json:"cvssv2"`
				Cvssv3 struct {
					Exploitabilityscore float64 `json:"exploitabilityscore"`
					Impactscore         float64 `json:"impactscore"`
					Score               float64 `json:"score"`
					Vectors             string  `json:"vectors"`
				} `json:"cvssv3"`
			} `json:"nvd"`
		} `json:"metadata"`
	} `json:"cveProps"`
	FixInfo struct {
		CompareResult               int    `json:"compareResult"`
		EvalStatus                  string `json:"evalStatus"`
		FixAvailable                int    `json:"fixAvailable"`
		FixedVersion                string `json:"fixedVersion"`
		FixedVersionComparisonInfos []struct {
			CurrFixVer                         string `json:"currFixVer"`
			IsCurrFixVerGreaterThanOtherFixVer string `json:"isCurrFixVerGreaterThanOtherFixVer"`
			OtherFixVer                        string `json:"otherFixVer"`
		} `json:"fixedVersionComparisonInfos"`
		FixedVersionComparisonScore int    `json:"fixedVersionComparisonScore"`
		MaxPrefixMatchingLenScore   int    `json:"maxPrefixMatchingLenScore"`
		VersionInstalled            string `json:"versionInstalled"`
	} `json:"fixInfo"`
	Summary struct {
		EvalCreatedTime          string `json:"evalCreatedTime"`
		EvalStatus               string `json:"evalStatus"`
		NumFixableVuln           int    `json:"numFixableVuln"`
		NumFixableVulnBySeverity struct {
			Critical int `json:"1"`
			High     int `json:"2"`
			Medium   int `json:"3"`
			Low      int `json:"4"`
			Info     int `json:"5"`
		} `json:"numFixableVulnBySeverity"`
		NumTotal          int `json:"numTotal"`
		NumVuln           int `json:"numVuln"`
		NumVulnBySeverity struct {
			Critical int `json:"1"`
			High     int `json:"2"`
			Field3   int `json:"3"`
			Medium   int `json:"4"`
			Info     int `json:"5"`
		} `json:"numVulnBySeverity"`
	} `json:"summary"`
	Props struct {
		EvalAlgo string `json:"evalAlgo"`
	} `json:"props"`
}

func (*VulnerabilitySoftwarePackage) HasFix added in v1.0.0 

func (v *VulnerabilitySoftwarePackage) HasFix() bool

func (*VulnerabilitySoftwarePackage) ScoreString added in v1.0.0 

func (v *VulnerabilitySoftwarePackage) ScoreString() string

type VulnerabilitySoftwarePackagesResponse added in v1.0.0 

type VulnerabilitySoftwarePackagesResponse struct {
	Data []VulnerabilitySoftwarePackage `json:"data"`
}

func (*VulnerabilitySoftwarePackagesResponse) VulnerabilityCounts added in v1.0.0 

func (v *VulnerabilitySoftwarePackagesResponse) VulnerabilityCounts() HostVulnCounts

type WebhookAlertChannelResponseV2 added in v0.17.0 

type WebhookAlertChannelResponseV2 struct {
	Data WebhookAlertChannelV2 `json:"data"`
}

type WebhookAlertChannelV2 added in v0.17.0 

type WebhookAlertChannelV2 struct {
	Data WebhookDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (WebhookAlertChannelV2) ID added in v0.17.0 

func (c WebhookAlertChannelV2) ID() string

func (WebhookAlertChannelV2) StateString added in v0.34.0 

func (c WebhookAlertChannelV2) StateString() string

func (WebhookAlertChannelV2) Status added in v0.34.0 

func (c WebhookAlertChannelV2) Status() string

type WebhookDataV2 added in v0.17.0 

type WebhookDataV2 struct {
	WebhookUrl string `json:"webhookUrl"`
}

type WeeklyEventsReportRuleNotifications added in v0.21.0 

type WeeklyEventsReportRuleNotifications struct {
	TrendReport bool `json:"trendReport"`
}

func (WeeklyEventsReportRuleNotifications) ToMap added in v0.21.0 

func (weekly WeeklyEventsReportRuleNotifications) ToMap() map[string]bool

Source Files

View all Source files

Directories

Path Synopsis
_examples
agent-access-token
alert-channels-v2
alert-profiles
alert-rules
aws-cloudwatch-alert-channel
aws-s3-alert-channel
cisco-webex-alert-channel
cloud-accounts/aws-agentless-scanning
cloud-accounts/aws-agentless-scanning-org
cloud-accounts/aws-cfg
cloud-accounts/aws-ct-sqs
cloud-accounts/aws-eks-audit
cloud-accounts/gcp-gke-audit
container-registries/aws_ecr_access_key
container-registries/aws_ecr_iam_role
container-registries/inline_scanner
container-registries/proxy_scanner
container-vuln-search
data-export-rules
datadog-alert-channel
gcp_pub_sub-alert-channel
host-vuln-list-cves
jira-cloud-with-custom-template-alert-channel
microsoft-teams-alert-channel
new-relic-alert-channel
pagerduty-alert-channel
pagination
policy-exceptions
qradar-alert-channel
report-definitions
report-rules
reports/aws
reports/azure
reports/gcp
resource-groups
service-now-alert-channel
slack-alert-channel
splunk-alert-channel
team-members
team-members-org
token-generation
victorops-alert-channel
vulnerability-exceptions
webhook-alert-channel

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.