Documentation
¶
Index ¶
- type BulkUploadInput
- type BulkUploadOutput
- type CreateDataModelInput
- type CreateGlobalInput
- type CreatePolicyInput
- type CreateRuleInput
- type DataModel
- type DataModelMapping
- type DeleteDataModelsInput
- type DeleteEntry
- type DeleteGlobalsInput
- type DeletePoliciesInput
- type DeleteRulesInput
- type DetectionType
- type GetDataModelInput
- type GetGlobalInput
- type GetPolicyInput
- type GetRuleInput
- type Global
- type LambdaInput
- type ListDataModelsInput
- type ListDataModelsOutput
- type ListGlobalsInput
- type ListGlobalsOutput
- type ListPoliciesInput
- type ListPoliciesOutput
- type ListRulesInput
- type ListRulesOutput
- type Paging
- type Policy
- type Rule
- type SuppressInput
- type TestDetectionSubRecord
- type TestError
- type TestPolicyInput
- type TestPolicyOutput
- type TestPolicyRecord
- type TestPolicyRecordFunctions
- type TestRuleInput
- type TestRuleOutput
- type TestRuleRecord
- type TestRuleRecordFunctions
- type UnitTest
- type UpdateDataModelInput
- type UpdateGlobalInput
- type UpdatePolicyInput
- type UpdateRuleInput
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BulkUploadInput ¶
type BulkUploadOutput ¶
type BulkUploadOutput struct {
TotalPolicies int `json:"totalPolicies"`
NewPolicies int `json:"newPolicies"`
ModifiedPolicies int `json:"modifiedPolicies"`
TotalRules int `json:"totalRules"`
NewRules int `json:"newRules"`
ModifiedRules int `json:"modifiedRules"`
TotalGlobals int `json:"totalGlobals"`
NewGlobals int `json:"newGlobals"`
ModifiedGlobals int `json:"modifiedGlobals"`
TotalDataModels int `json:"totalDataModels"`
NewDataModels int `json:"newDataModels"`
ModifiedDataModels int `json:"modifiedDataModels"`
}
type CreateDataModelInput ¶
type CreateDataModelInput = UpdateDataModelInput
type CreateGlobalInput ¶
type CreateGlobalInput = UpdateGlobalInput
type CreatePolicyInput ¶
type CreatePolicyInput = UpdatePolicyInput
type CreateRuleInput ¶
type CreateRuleInput = UpdateRuleInput
type DataModel ¶
type DataModel struct {
Body string `json:"body"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
Description string `json:"description"`
DisplayName string `json:"displayName"`
Enabled bool `json:"enabled"`
ID string `json:"id"`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
LogTypes []string `json:"logTypes"`
Mappings []DataModelMapping `json:"mappings"`
VersionID string `json:"versionId"`
}
type DataModelMapping ¶
type DeleteDataModelsInput ¶
type DeleteDataModelsInput = DeletePoliciesInput
type DeleteEntry ¶
type DeleteEntry struct {
ID string `json:"id" validate:"required,max=1000"`
}
type DeleteGlobalsInput ¶
type DeleteGlobalsInput = DeletePoliciesInput
type DeletePoliciesInput ¶
type DeletePoliciesInput struct {
Entries []DeleteEntry `json:"entries" validate:"min=1,max=1000,dive"`
}
type DeleteRulesInput ¶
type DeleteRulesInput = DeletePoliciesInput
type DetectionType ¶
type DetectionType string
const ( TypePolicy DetectionType = "POLICY" TypeRule DetectionType = "RULE" TypeGlobal DetectionType = "GLOBAL" TypeDataModel DetectionType = "DATAMODEL" )
type GetDataModelInput ¶
type GetGlobalInput ¶
type GetPolicyInput ¶
type GetRuleInput ¶
type Global ¶
type Global struct {
Body string `json:"body"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
Description string `json:"description"`
ID string `json:"id"`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
Tags []string `json:"tags"`
VersionID string `json:"versionId"`
}
type LambdaInput ¶
type LambdaInput struct {
// Shared
BulkUpload *BulkUploadInput `json:"bulkUpload,omitempty"`
// Globals
CreateGlobal *CreateGlobalInput `json:"createGlobal,omitempty"`
DeleteGlobals *DeleteGlobalsInput `json:"deleteGlobals,omitempty"`
GetGlobal *GetGlobalInput `json:"getGlobal,omitempty"`
ListGlobals *ListGlobalsInput `json:"listGlobals,omitempty"`
UpdateGlobal *UpdateGlobalInput `json:"updateGlobal,omitempty"`
// Policies (cloud security)
CreatePolicy *CreatePolicyInput `json:"createPolicy,omitempty"`
DeletePolicies *DeletePoliciesInput `json:"deletePolicies,omitempty"`
GetPolicy *GetPolicyInput `json:"getPolicy,omitempty"`
ListPolicies *ListPoliciesInput `json:"listPolicies,omitempty"`
Suppress *SuppressInput `json:"suppress,omitempty"`
TestPolicy *TestPolicyInput `json:"testPolicy,omitempty"`
UpdatePolicy *UpdatePolicyInput `json:"updatePolicy,omitempty"`
// Rules (log analysis)
CreateRule *CreateRuleInput `json:"createRule,omitempty"`
DeleteRules *DeleteRulesInput `json:"deleteRules,omitempty"`
GetRule *GetRuleInput `json:"getRule,omitempty"`
ListRules *ListRulesInput `json:"listRules,omitempty"`
TestRule *TestRuleInput `json:"testRule,omitempty"`
UpdateRule *UpdateRuleInput `json:"updateRule,omitempty"`
// Data models (log analysis)
CreateDataModel *CreateDataModelInput `json:"createDataModel,omitempty"`
DeleteDataModels *DeleteDataModelsInput `json:"deleteDataModels,omitempty"`
GetDataModel *GetDataModelInput `json:"getDataModel,omitempty"`
ListDataModels *ListDataModelsInput `json:"listDataModels,omitempty"`
UpdateDataModel *UpdateDataModelInput `json:"updateDataModel,omitempty"`
}
type ListDataModelsInput ¶
type ListDataModelsInput struct {
// ----- Filtering -----
// Only include data models which are enabled or disabled
Enabled *bool `json:"enabled"`
// Only include data models whose ID contains this substring (case-insensitive)
NameContains string `json:"nameContains"`
// Only include data models which apply to one of these log types
LogTypes []string `json:"logTypes" validate:"dive,required,max=500"`
// ----- Sorting -----
SortBy string `json:"sortBy" validate:"omitempty,oneof=enabled id lastModified logTypes"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
}
type ListDataModelsOutput ¶
type ListGlobalsInput ¶
type ListGlobalsInput struct {
// JSON field names (passed to Dynamo as a projection). For example,
// ["id", "lastModified", "tags"]
Fields []string `json:"fields" validate:"max=15,dive,required,max=100"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
}
type ListGlobalsOutput ¶
type ListPoliciesInput ¶
type ListPoliciesInput struct {
// ----- Filtering -----
// Only include policies with a specific compliance status
ComplianceStatus models.ComplianceStatus `json:"complianceStatus" validate:"omitempty,oneof=PASS FAIL ERROR"`
// Only include policies whose ID or display name contains this case-insensitive substring
NameContains string `json:"nameContains" validate:"max=1000"`
// Only include policies which are enabled or disabled
Enabled *bool `json:"enabled"`
// Only include policies with or without auto-remediation enabled
HasRemediation *bool `json:"hasRemediation"`
// Only include policies which apply to one of these resource types
ResourceTypes []string `json:"resourceTypes" validate:"max=500,dive,required,max=500"`
// Only include policies with this severity
Severity []models.Severity `json:"severity" validate:"dive,oneof=INFO LOW MEDIUM HIGH CRITICAL"`
// Only include policies with all of these tags (case-insensitive)
Tags []string `json:"tags" validate:"max=500,dive,required,max=500"`
// ----- Projection -----
// Policy fields to return in the response (default: all)
Fields []string `json:"fields" validate:"max=20,dive,required,max=100"`
// ----- Sorting -----
SortBy string `json:"sortBy" validate:"omitempty,oneof=complianceStatus enabled id lastModified resourceTypes severity"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
// Only include policies whose creator matches this user ID (which need not be a uuid)
CreatedBy string `json:"createdBy"`
// Only include policies which were last modified by this user ID
LastModifiedBy string `json:"lastModifiedBy"`
// If True, include only policies which were created by the system during the initial deployment
// If False, include only policies where were NOT created by the system during the initial deployment
InitialSet *bool `json:"initialSet"`
}
type ListPoliciesOutput ¶
type ListRulesInput ¶
type ListRulesInput struct {
// ----- Filtering -----
// Only include rules whose ID or display name contains this case-insensitive substring
NameContains string `json:"nameContains" validate:"max=1000"`
// Only include rules which are enabled or disabled
Enabled *bool `json:"enabled"`
// Only include rules which apply to one of these log types
LogTypes []string `json:"logTypes" validate:"max=500,dive,required,max=500"`
// Only include policies with this severity
Severity []models.Severity `json:"severity" validate:"dive,oneof=INFO LOW MEDIUM HIGH CRITICAL"`
// Only include policies with all of these tags (case-insensitive)
Tags []string `json:"tags" validate:"max=500,dive,required,max=500"`
// ----- Projection -----
// Policy fields to return in the response (default: all)
Fields []string `json:"fields" validate:"max=20,dive,required,max=100"`
// ----- Sorting -----
SortBy string `json:"sortBy" validate:"omitempty,oneof=displayName enabled id lastModified logTypes severity"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
// Only include rules whose creator matches this user ID (which need not be a uuid)
CreatedBy string `json:"createdBy"`
// Only include rules which were last modified by this user ID
LastModifiedBy string `json:"lastModifiedBy"`
// If True, include only rules which were created by the system during the initial deployment
// If False, include only rules where were NOT created by the system during the initial deployment
InitialSet *bool `json:"initialSet"`
}
type ListRulesOutput ¶
type Policy ¶
type Policy struct {
AutoRemediationID string `json:"autoRemediationId" validate:"max=1000"`
AutoRemediationParameters map[string]string `json:"autoRemediationParameters" validte:"max=500"`
Body string `json:"body" validate:"required,max=100000"`
ComplianceStatus models.ComplianceStatus `json:"complianceStatus"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
Description string `json:"description" validate:"max=10000"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
OutputIDs []string `json:"outputIds" validate:"max=500,dive,required,max=5000"`
Reference string `json:"reference" validate:"max=10000"`
Reports map[string][]string `json:"reports" validate:"max=500"`
ResourceTypes []string `json:"resourceTypes" validate:"max=500,dive,required,max=500"`
Runbook string `json:"runbook" validate:"max=10000"`
Severity models.Severity `json:"severity" validate:"oneof=INFO LOW MEDIUM HIGH CRITICAL"`
Suppressions []string `json:"suppressions" validate:"max=500,dive,required,max=1000"`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
Tests []UnitTest `json:"tests" validate:"max=500,dive"`
VersionID string `json:"versionId"`
}
The validate tags here are used by BulkUpload
type Rule ¶
type Rule struct {
Body string `json:"body"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
DedupPeriodMinutes int `json:"dedupPeriodMinutes"`
Description string `json:"description"`
DisplayName string `json:"displayName"`
Enabled bool `json:"enabled"`
ID string `json:"id"`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
LogTypes []string `json:"logTypes"`
OutputIDs []string `json:"outputIds"`
Reference string `json:"reference"`
Reports map[string][]string `json:"reports"`
Runbook string `json:"runbook"`
Severity models.Severity `json:"severity"`
Tags []string `json:"tags"`
Tests []UnitTest `json:"tests"`
Threshold int `json:"threshold"`
VersionID string `json:"versionId"`
}
type SuppressInput ¶
type SuppressInput struct {
PolicyIDs []string `json:"policyIds" validate:"min=1,dive,required,max=1000"`
// List of resource ID regexes that are excepted from the policy.
// The policy will still be evaluated, but failures will not trigger alerts nor remediations
ResourcePatterns []string `json:"resourcePatterns" validate:"min=1,dive,required,max=10000"`
}
type TestDetectionSubRecord ¶
type TestPolicyInput ¶
type TestPolicyOutput ¶
type TestPolicyOutput struct {
Results []TestPolicyRecord `json:"results"`
}
type TestPolicyRecord ¶
type TestPolicyRecord struct {
ID string `json:"id"`
Name string `json:"name"`
Passed bool `json:"passed"`
Functions TestPolicyRecordFunctions `json:"functions"`
Error *TestError `json:"error"`
}
type TestPolicyRecordFunctions ¶
type TestPolicyRecordFunctions struct {
Policy TestDetectionSubRecord `json:"policyFunction"`
}
type TestRuleInput ¶
type TestRuleOutput ¶
type TestRuleOutput struct {
Results []TestRuleRecord `json:"results"`
}
type TestRuleRecord ¶
type TestRuleRecord struct {
ID string `json:"id"`
Name string `json:"name"`
Passed bool `json:"passed"`
Functions TestRuleRecordFunctions `json:"functions"`
// An error produced before running any of the rule functions, like import or syntax error.
Error *TestError `json:"error"`
}
type TestRuleRecordFunctions ¶
type TestRuleRecordFunctions struct {
Rule *TestDetectionSubRecord `json:"ruleFunction"`
Title *TestDetectionSubRecord `json:"titleFunction"`
Dedup *TestDetectionSubRecord `json:"dedupFunction"`
AlertContext *TestDetectionSubRecord `json:"alertContextFunction"`
Description *TestDetectionSubRecord `json:"descriptionFunction"`
Destinations *TestDetectionSubRecord `json:"destinationsFunction"`
Reference *TestDetectionSubRecord `json:"referenceFunction"`
Runbook *TestDetectionSubRecord `json:"runbookFunction"`
Severity *TestDetectionSubRecord `json:"severityFunction"`
}
type UpdateDataModelInput ¶
type UpdateDataModelInput struct {
Body string `json:"body" validate:"omitempty,max=100000"` // not required
Description string `json:"description" validate:"max=10000"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
LogTypes []string `json:"logTypes" validate:"len=1,dive,required,max=500"` // for now, only one logtype allowed
Mappings []DataModelMapping `json:"mappings" validate:"min=1,max=500,dive"`
UserID string `json:"userId" validate:"required"`
}
type UpdateGlobalInput ¶
type UpdateGlobalInput struct {
Body string `json:"body" validate:"required,max=100000"`
Description string `json:"description" validate:"max=10000"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
UserID string `json:"userId" validate:"required"`
}
type UpdatePolicyInput ¶
type UpdatePolicyInput struct {
AutoRemediationID string `json:"autoRemediationId" validate:"max=1000"`
AutoRemediationParameters map[string]string `json:"autoRemediationParameters" validate:"max=500"`
Body string `json:"body" validate:"required,max=100000"`
Description string `json:"description" validate:"max=10000"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
OutputIDs []string `json:"outputIds" validate:"max=500,dive,required,max=5000"`
Reference string `json:"reference" validate:"max=10000"`
Reports map[string][]string `json:"reports" validate:"max=500"`
ResourceTypes []string `json:"resourceTypes" validate:"max=500,dive,required,max=500"`
Runbook string `json:"runbook" validate:"max=10000"`
Severity models.Severity `json:"severity" validate:"oneof=INFO LOW MEDIUM HIGH CRITICAL"`
Suppressions []string `json:"suppressions" validate:"max=500,dive,required,max=1000"`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
Tests []UnitTest `json:"tests" validate:"max=500,dive"`
UserID string `json:"userId" validate:"required"`
}
type UpdateRuleInput ¶
type UpdateRuleInput struct {
Body string `json:"body" validate:"required,max=100000"`
DedupPeriodMinutes int `json:"dedupPeriodMinutes" validate:"min=0"`
Description string `json:"description" validate:"max=10000"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
LogTypes []string `json:"logTypes" validate:"max=500,dive,required,max=500"`
OutputIDs []string `json:"outputIds" validate:"max=500,dive,required,max=5000"`
Reference string `json:"reference" validate:"max=10000"`
Reports map[string][]string `json:"reports" validate:"max=500"`
Runbook string `json:"runbook" validate:"max=10000"`
Severity models.Severity `json:"severity" validate:"oneof=INFO LOW MEDIUM HIGH CRITICAL"`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
Tests []UnitTest `json:"tests" validate:"max=500,dive"`
Threshold int `json:"threshold" validate:"min=0"`
UserID string `json:"userId" validate:"required"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.