models

package
v1.9.0-RC2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 1, 2020 License: AGPL-3.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// IntegrationTypeAWSScan is the integration type for snapshots in customer AWS accounts.
	IntegrationTypeAWSScan = "aws-scan"
	// IntegrationTypeAWS3 is the integration type for importing data from customer S3 buckets.
	IntegrationTypeAWS3 = "aws-s3"
	// IntegrationTypeSqs is integration type for pulling data from an SQS queue.
	IntegrationTypeSqs = "aws-sqs"

	// StatusError is the string set in the database when an error occurs in a scan.
	StatusError = "error"
	// StatusOK is the string set in the database when a scan is successful.
	StatusOK = "ok"
	// StatusScanning is the status set while a scan is underway.
	StatusScanning = "scanning"
)
View Source
const SqsS3Prefix = "forwarder"

The S3 Prefix where the SQS data will be stored

Variables

This section is empty.

Functions

func Validator

func Validator() (*validator.Validate, error)

Validator builds a custom struct validator.

Types

type CheckIntegrationInput

type CheckIntegrationInput struct {
	AWSAccountID     string `genericapi:"redact" json:"awsAccountId" validate:"omitempty,len=12,numeric"`
	IntegrationType  string `json:"integrationType" validate:"oneof=aws-scan aws-s3 aws-sqs"`
	IntegrationLabel string `json:"integrationLabel" validate:"required,integrationLabel"`

	// Checks for cloudsec integrations
	EnableCWESetup    *bool `json:"enableCWESetup"`
	EnableRemediation *bool `json:"enableRemediation"`

	// Checks for log analysis integrations
	S3Bucket string `json:"s3Bucket"`
	S3Prefix string `json:"s3Prefix"`
	KmsKey   string `json:"kmsKey"`

	// Checks for Sqs configuration
	SqsConfig *SqsConfig `json:"sqsConfig,omitempty"`
}

CheckIntegrationInput is used to check the health of a potential configuration.

type DeleteIntegrationInput

type DeleteIntegrationInput struct {
	IntegrationID string `json:"integrationId" validate:"required,uuid4"`
}

DeleteIntegrationInput is used to delete a specific item from the database.

type FullScanInput added in v1.2.1

type FullScanInput struct {
	Integrations []*SourceIntegrationMetadata
}

FullScanInput is used to do a full scan of one or more integrations.

type GetIntegrationTemplateInput

type GetIntegrationTemplateInput struct {
	AWSAccountID       string `genericapi:"redact" json:"awsAccountId" validate:"required,len=12,numeric"`
	IntegrationType    string `json:"integrationType" validate:"oneof=aws-scan aws-s3"`
	IntegrationLabel   string `json:"integrationLabel" validate:"required,integrationLabel"`
	RemediationEnabled *bool  `json:"remediationEnabled"`
	CWEEnabled         *bool  `json:"cweEnabled"`
	S3Bucket           string `json:"s3Bucket" validate:"omitempty,min=1"`
	S3Prefix           string `json:"s3Prefix" validate:"omitempty,min=1"`
	KmsKey             string `json:"kmsKey" validate:"omitempty,kmsKeyArn"`
}

GetIntegrationTemplateInput allows specification of what resources should be enabled/disabled in the template

type LambdaInput

type LambdaInput struct {
	CheckIntegration *CheckIntegrationInput `json:"integrationHealthCheck"`

	PutIntegration            *PutIntegrationInput            `json:"putIntegration"`
	UpdateIntegrationSettings *UpdateIntegrationSettingsInput `json:"updateIntegrationSettings"`
	ListIntegrations          *ListIntegrationsInput          `json:"listIntegrations"`
	DeleteIntegration         *DeleteIntegrationInput         `json:"deleteIntegration"`

	GetIntegrationTemplate *GetIntegrationTemplateInput `json:"getIntegrationTemplate"`

	UpdateIntegrationLastScanEnd   *UpdateIntegrationLastScanEndInput   `json:"updateIntegrationLastScanEnd"`
	UpdateIntegrationLastScanStart *UpdateIntegrationLastScanStartInput `json:"updateIntegrationLastScanStart"`

	FullScan     *FullScanInput     `json:"fullScan"`
	UpdateStatus *UpdateStatusInput `json:"updateStatus"`
}

LambdaInput is the collection of all possible args to the Lambda function.

type ListIntegrationsInput

type ListIntegrationsInput struct {
	IntegrationType *string `json:"integrationType" validate:"omitempty,oneof=aws-scan aws-s3 aws-sqs"`
}

ListIntegrationsInput allows filtering by the IntegrationType field

type PutIntegrationInput

type PutIntegrationInput struct {
	PutIntegrationSettings
}

PutIntegrationInput is used to add one or many integrations.

type PutIntegrationSettings

type PutIntegrationSettings struct {
	IntegrationLabel   string   `json:"integrationLabel" validate:"required,integrationLabel,excludesall='<>&\""`
	IntegrationType    string   `json:"integrationType" validate:"oneof=aws-scan aws-s3 aws-sqs"`
	UserID             string   `json:"userId" validate:"required,uuid4"`
	AWSAccountID       string   `genericapi:"redact" json:"awsAccountId" validate:"omitempty,len=12,numeric"`
	CWEEnabled         *bool    `json:"cweEnabled"`
	RemediationEnabled *bool    `json:"remediationEnabled"`
	ScanIntervalMins   int      `json:"scanIntervalMins" validate:"omitempty,oneof=60 180 360 720 1440"`
	S3Bucket           string   `json:"s3Bucket"`
	S3Prefix           string   `json:"s3Prefix" validate:"omitempty,min=1"`
	KmsKey             string   `json:"kmsKey" validate:"omitempty,kmsKeyArn"`
	LogTypes           []string `json:"logTypes" validate:"omitempty,min=1"`

	SqsConfig *SqsConfig `json:"sqsConfig,omitempty"`
}

PutIntegrationSettings are all the settings for the new integration.

type SourceIntegration

SourceIntegration represents a Panther integration with a source.

func (*SourceIntegration) IsLogAnalysisIntegration added in v1.9.0

func (info *SourceIntegration) IsLogAnalysisIntegration() bool

func (*SourceIntegration) RequiredLogTypes added in v1.8.0

func (info *SourceIntegration) RequiredLogTypes() (logTypes []string)

type SourceIntegrationHealth

type SourceIntegrationHealth struct {
	IntegrationType string `json:"integrationType"`

	// Checks for cloudsec integrations
	AuditRoleStatus       SourceIntegrationItemStatus `json:"auditRoleStatus,omitempty"`
	CWERoleStatus         SourceIntegrationItemStatus `json:"cweRoleStatus,omitempty"`
	RemediationRoleStatus SourceIntegrationItemStatus `json:"remediationRoleStatus,omitempty"`

	// Checks for log analysis integrations
	ProcessingRoleStatus SourceIntegrationItemStatus `json:"processingRoleStatus,omitempty"`
	S3BucketStatus       SourceIntegrationItemStatus `json:"s3BucketStatus,omitempty"`
	KMSKeyStatus         SourceIntegrationItemStatus `json:"kmsKeyStatus,omitempty"`

	// Checks for Sqs integrations
	SqsStatus SourceIntegrationItemStatus `json:"sqsStatus"`
}

type SourceIntegrationItemStatus

type SourceIntegrationItemStatus struct {
	Healthy      bool   `json:"healthy"`
	Message      string `json:"message"`
	ErrorMessage string `json:"rawErrorMessage,omitempty"`
}

type SourceIntegrationMetadata

type SourceIntegrationMetadata struct {
	AWSAccountID       string     `json:"awsAccountId,omitempty"`
	CreatedAtTime      time.Time  `json:"createdAtTime,omitempty"`
	CreatedBy          string     `json:"createdBy,omitempty"`
	IntegrationID      string     `json:"integrationId,omitempty"`
	IntegrationLabel   string     `json:"integrationLabel,omitempty"`
	IntegrationType    string     `json:"integrationType,omitempty"`
	RemediationEnabled *bool      `json:"remediationEnabled,omitempty"`
	CWEEnabled         *bool      `json:"cweEnabled,omitempty"`
	ScanIntervalMins   int        `json:"scanIntervalMins,omitempty"`
	S3Bucket           string     `json:"s3Bucket,omitempty"`
	S3Prefix           string     `json:"s3Prefix,omitempty"`
	KmsKey             string     `json:"kmsKey,omitempty"`
	LogTypes           []string   `json:"logTypes,omitempty"`
	LogProcessingRole  string     `json:"logProcessingRole,omitempty"`
	StackName          string     `json:"stackName,omitempty"`
	SqsConfig          *SqsConfig `json:"sqsConfig,omitempty"`
}

SourceIntegrationMetadata is general settings and metadata for an integration.

type SourceIntegrationScanInformation

type SourceIntegrationScanInformation struct {
	LastScanStartTime    *time.Time `json:"lastScanStartTime,omitempty"`
	LastScanEndTime      *time.Time `json:"lastScanEndTime,omitempty"`
	LastScanErrorMessage string     `json:"lastScanErrorMessage,omitempty"`
}

SourceIntegrationScanInformation is detail about the last snapshot.

type SourceIntegrationStatus

type SourceIntegrationStatus struct {
	ScanStatus        string     `json:"scanStatus,omitempty"`
	EventStatus       string     `json:"eventStatus,omitempty"`
	LastEventReceived *time.Time `json:"lastEventReceived,omitempty"`
}

SourceIntegrationStatus provides information about the status of a source

type SourceIntegrationTemplate

type SourceIntegrationTemplate struct {
	Body      string `json:"body"`
	StackName string `json:"stackName"`
}

type SqsConfig added in v1.6.0

type SqsConfig struct {
	// The log types associated with the source. Needs to be set by UI.
	LogTypes []string `json:"logTypes" validate:"required,min=1"`
	// The AWS Principals that are allowed to send data to this source. Needs to be set by UI.
	AllowedPrincipalArns []string `json:"allowedPrincipalArns"`
	// The ARNS (e.g. SNS topic ARNs) that are allowed to send data to this source. Needs to be set by UI.
	AllowedSourceArns []string `json:"allowedSourceArns"`

	// The Panther-internal S3 bucket where the data from this source will be available
	S3Bucket string `json:"s3Bucket"`
	// The S3 prefix where the data from this source will be available
	S3Prefix string `json:"s3Prefix"`
	// The Role that the log processor can use to access this data
	LogProcessingRole string `json:"logProcessingRole"`
	// THe URL of the SQS queue
	QueueURL string `json:"queueUrl"`
}

type UpdateIntegrationLastScanEndInput

type UpdateIntegrationLastScanEndInput struct {
	ScanStatus           string    `json:"scanStatus" validate:"oneof=ok error scanning"`
	IntegrationID        string    `json:"integrationId" validate:"required,uuid4"`
	LastScanEndTime      time.Time `json:"lastScanEndTime" validate:"required"`
	EventStatus          string    `json:"eventStatus"`
	LastScanErrorMessage string    `json:"lastScanErrorMessage"`
}

UpdateIntegrationLastScanEndInput is used to update scan information at the end of a scan.

type UpdateIntegrationLastScanStartInput

type UpdateIntegrationLastScanStartInput struct {
	IntegrationID     string    `json:"integrationId" validate:"required,uuid4"`
	LastScanStartTime time.Time `json:"lastScanStartTime" validate:"required"`
	ScanStatus        string    `json:"scanStatus" validate:"required,oneof=ok error scanning"`
}

UpdateIntegrationLastScanStartInput is used to update scan information at the beginning of a scan.

type UpdateIntegrationSettingsInput

type UpdateIntegrationSettingsInput struct {
	IntegrationID      string   `json:"integrationId" validate:"required,uuid4"`
	IntegrationLabel   string   `json:"integrationLabel" validate:"required,integrationLabel,excludesall='<>&\""`
	CWEEnabled         *bool    `json:"cweEnabled"`
	RemediationEnabled *bool    `json:"remediationEnabled"`
	ScanIntervalMins   int      `json:"scanIntervalMins" validate:"omitempty,oneof=60 180 360 720 1440"`
	S3Bucket           string   `json:"s3Bucket" validate:"omitempty,min=1"`
	S3Prefix           string   `json:"s3Prefix" validate:"omitempty,min=1"`
	KmsKey             string   `json:"kmsKey" validate:"omitempty,kmsKeyArn"`
	LogTypes           []string `json:"logTypes" validate:"omitempty,min=1"`

	SqsConfig *SqsConfig `json:"sqsConfig,omitempty"`
}

UpdateIntegrationSettingsInput is used to update integration settings.

type UpdateStatusInput added in v1.5.1

type UpdateStatusInput struct {
	IntegrationID     string    `json:"integrationId" validate:"required,uuid4"`
	LastEventReceived time.Time `json:"lastEventReceived" validate:"required"`
}

Updates the status of an integration Sample request:

{
	"updateStatus": {
		"integrationId": "uuid",
		"lastEventReceived":"2020-10-10T05:03:01Z"
	}
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL