From fd2a3f502c776d1a5403a2519aaf039ab53494be Mon Sep 17 00:00:00 2001 From: Salim Afiune Maya Date: Wed, 25 Mar 2020 09:47:39 -0600 Subject: [PATCH] chore(Makefile): directives for Go pkg dependencies Signed-off-by: Salim Afiune Maya --- GNUmakefile | 13 +- go.mod | 2 +- go.sum | 2 + .../github.com/lacework/go-sdk/api/README.md | 4 +- vendor/github.com/lacework/go-sdk/api/api.go | 9 +- .../github.com/lacework/go-sdk/api/client.go | 5 +- vendor/github.com/lacework/go-sdk/api/http.go | 2 +- .../lacework/go-sdk/api/integrations.go | 232 ++++++++---------- .../lacework/go-sdk/api/integrations_aws.go | 141 +++++++++++ .../lacework/go-sdk/api/integrations_azure.go | 150 +++++++++++ .../lacework/go-sdk/api/integrations_gcp.go | 171 +++++++++++++ vendor/modules.txt | 2 +- 12 files changed, 592 insertions(+), 141 deletions(-) create mode 100644 vendor/github.com/lacework/go-sdk/api/integrations_aws.go create mode 100644 vendor/github.com/lacework/go-sdk/api/integrations_azure.go create mode 100644 vendor/github.com/lacework/go-sdk/api/integrations_gcp.go diff --git a/GNUmakefile b/GNUmakefile index 60794efd..7213e530 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -4,9 +4,21 @@ WEBSITE_REPO=github.com/hashicorp/terraform-website PKG_NAME=lacework DIR=~/.terraform.d/plugins GO_CLIENT_VERSION=master +export GOFLAGS=-mod=vendor +export GOPRIVATE=github.com/lacework/go-sdk default: build +deps: +ifdef UPDATE_DEP + @go get -u "$(UPDATE_DEP)" +endif + @go mod vendor + +alldeps: + @go get -u + @go mod vendor + build: fmtcheck go install @@ -43,7 +55,6 @@ fmtcheck: errcheck: @sh -c "'$(CURDIR)/scripts/errcheck.sh'" - test-compile: @if [ "$(TEST)" = "./..." ]; then \ echo "ERROR: Set TEST to a specific package. For example,"; \ diff --git a/go.mod b/go.mod index 2d85322c..13182310 100644 --- a/go.mod +++ b/go.mod 
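Review bot: `export GOPRIVATE=github.com/lacework/go-sdk` makes the go command skip both the module proxy and the checksum database for that module, so the go-sdk hashes that `deps`/`alldeps` write to go.sum are accepted on first fetch rather than checked against sum.golang.org. If the SDK repository is public, drop this export; if it must stay, say why in a comment such as `# go-sdk is fetched directly; its go.sum entries are not verified against the checksum database`. Separately, `export GOFLAGS=-mod=vendor` also applies to the `go get -u` calls in the new targets, which I would expect the Go 1.14 toolchain named in go.mod to reject under `-mod=vendor` (worth confirming); clearing it per recipe, `@GOFLAGS= go get -u "$(UPDATE_DEP)"`, avoids that. `alldeps` upgrades every dependency in one step, so the resulting go.sum and vendor/ diff deserves a review of its own before it is committed.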
@@ -4,5 +4,5 @@ go 1.14 require ( github.com/hashicorp/terraform-plugin-sdk v1.8.0 - github.com/lacework/go-sdk v0.0.0-20200318002413-5f027eab9aa4 + github.com/lacework/go-sdk v0.0.0-20200325152128-6358ff2754bd ) diff --git a/go.sum b/go.sum index e947fbbc..ed63b4ad 100644 --- a/go.sum +++ b/go.sum @@ -124,6 +124,8 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/lacework/go-sdk v0.0.0-20200318002413-5f027eab9aa4 h1:AlKxXh+5H3b58VVEk9ltSagzkgrdVPavO3x0zKhHfQY= github.com/lacework/go-sdk v0.0.0-20200318002413-5f027eab9aa4/go.mod h1:E8NPFz+v7qpyhN/0xAAjywNRB4lMfQNHSE5pzYTVguY= +github.com/lacework/go-sdk v0.0.0-20200325152128-6358ff2754bd h1:rltyOpmfwPxsuxJImCxffvODgV9XgTdziWajXQM3nnU= +github.com/lacework/go-sdk v0.0.0-20200325152128-6358ff2754bd/go.mod h1:E8NPFz+v7qpyhN/0xAAjywNRB4lMfQNHSE5pzYTVguY= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.1 h1:G1f5SKeVxmagw/IyvzvtZE4Gybcc4Tr1tf7I8z0XgOg= github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= diff --git a/vendor/github.com/lacework/go-sdk/api/README.md b/vendor/github.com/lacework/go-sdk/api/README.md index af27a04f..ccf5ca75 100644 --- a/vendor/github.com/lacework/go-sdk/api/README.md +++ b/vendor/github.com/lacework/go-sdk/api/README.md @@ -31,7 +31,7 @@ if err != nil { log.Fatal(err) } -integrations, err := lacework.GetIntegrations() +integrations, err := lacework.Integrations.List() if err != nil { log.Fatal(err) } @@ -40,5 +40,5 @@ if err != nil { // CUSTOMER_123456B DATADOG // CUSTOMER_123456A CONT_VULN_CFG // CUSTOMER_123456C PAGER_DUTY_API -fmt.Println(integrations.List()) +fmt.Println(integrations.String()) ``` diff --git a/vendor/github.com/lacework/go-sdk/api/api.go b/vendor/github.com/lacework/go-sdk/api/api.go index b76118a7..6824586f 100644 
--- a/vendor/github.com/lacework/go-sdk/api/api.go +++ b/vendor/github.com/lacework/go-sdk/api/api.go @@ -21,10 +21,11 @@ package api import "fmt" const ( - //apiIntegrationType = "external/integrations/type/%s/" - apiIntegrations = "external/integrations" - apiIntegrationByGUID = "external/integrations/%s" - apiTokens = "access/tokens" + apiIntegrations = "external/integrations" + apiIntegrationsByType = "external/integrations/type/%s" + apiIntegrationByGUID = "external/integrations/%s" + apiIntegrationSchema = "external/integrations/schema/%s" + apiTokens = "access/tokens" ) // WithApiV2 configures the client to use the API version 2 (/api/v2) diff --git a/vendor/github.com/lacework/go-sdk/api/client.go b/vendor/github.com/lacework/go-sdk/api/client.go index 3cc26210..8e9ba7b2 100644 --- a/vendor/github.com/lacework/go-sdk/api/client.go +++ b/vendor/github.com/lacework/go-sdk/api/client.go @@ -33,6 +33,8 @@ type Client struct { baseURL *url.URL auth *authConfig c *http.Client + + Integrations *IntegrationsService } type Option interface { @@ -51,7 +53,7 @@ func (fn clientFunc) apply(c *Client) error { // // lacework, err := api.NewClient("demo") // if err == nil { -// lacework.GetIntegrations() +// lacework.Integrations.List() // } func NewClient(account string, opts ...Option) (*Client, error) { baseURL, err := url.Parse(fmt.Sprintf("https://%s.lacework.net", account)) @@ -68,6 +70,7 @@ func NewClient(account string, opts ...Option) (*Client, error) { }, c: &http.Client{Timeout: defaultTimeout}, } + c.Integrations = &IntegrationsService{c} for _, opt := range opts { if err := opt.apply(c); err != nil { diff --git a/vendor/github.com/lacework/go-sdk/api/http.go b/vendor/github.com/lacework/go-sdk/api/http.go index fd24ce00..2a5bbd32 100644 --- a/vendor/github.com/lacework/go-sdk/api/http.go +++ b/vendor/github.com/lacework/go-sdk/api/http.go 
@@ -106,7 +106,7 @@ func (c *Client) DoDecoder(req *http.Request, v interface{}) (*http.Response, er return res, err } -// requestDecoder performs an http request on an endpoint, and +// RequestDecoder performs an http request on an endpoint, and // decodes the response into the provided interface, all at once func (c *Client) RequestDecoder(method, path string, body io.Reader, v interface{}) error { request, err := c.NewRequest(method, path, body) diff --git a/vendor/github.com/lacework/go-sdk/api/integrations.go b/vendor/github.com/lacework/go-sdk/api/integrations.go index 0e929a5d..9a92114c 100644 --- a/vendor/github.com/lacework/go-sdk/api/integrations.go +++ b/vendor/github.com/lacework/go-sdk/api/integrations.go 
@@ -23,144 +23,142 @@ import ( "strings" ) +// IntegrationsService is a service that interacts with the integrations +// endpoints from the Lacework Server +type IntegrationsService struct { + client *Client +} + type integrationType int const ( - // awsCFG - AWS Config integration type - awsCFG integrationType = iota + // type that defines a non-existing integration + NoneIntegration integrationType = iota + + // AWS Config integration type + AwsCfgIntegration - // awsCT - AWS CloudTrail integration type - awsCT + // AWS CloudTrail integration type + AwsCloudTrailIntegration - // gcpCFG - GCP Config integration type - gcpCFG + // GCP Config integration type + GcpCfgIntegration - // gcpAT - GCP Audit Log integration type - gcpAT + // GCP Audit Log integration type + GcpAuditLogIntegration - // azureCFG - Azure Config integration type - azureCFG + // Azure Config integration type + AzureCfgIntegration - // azureAL - Azure Activity Log integration type - azureAL + // Azure Activity Log integration type + AzureActivityLogIntegration ) -var integrationTypes = map[integrationType]string{ - awsCFG: "AWS_CFG", - awsCT: "AWS_CT_SQS", - gcpCFG: "GCP_CFG", - gcpAT: "GCP_AT_SES", - azureCFG: "AZURE_CFG", - azureAL: "AZURE_AL_SEQ", +// IntegrationTypes is the list of available integration types +var IntegrationTypes = map[integrationType]string{ + NoneIntegration: "NONE", + AwsCfgIntegration: "AWS_CFG", + AwsCloudTrailIntegration: "AWS_CT_SQS", + GcpCfgIntegration: "GCP_CFG", + GcpAuditLogIntegration: "GCP_AT_SES", + AzureCfgIntegration: "AZURE_CFG", + AzureActivityLogIntegration: "AZURE_AL_SEQ", } +// String returns the string representation of an integration type func (i integrationType) String() string { - return integrationTypes[i] -} - -// gcpResourceLevel determines Project or Organization level integration -type gcpResourceLevel int - -const ( - // GcpProject level integration with GCP - GcpProject gcpResourceLevel = iota - - // GcpOrganization level integration with 
GCP - GcpOrganization -) - -var gcpResourceLevels = map[gcpResourceLevel]string{ - GcpProject: "PROJECT", - GcpOrganization: "ORGANIZATION", + return IntegrationTypes[i] } -func (g gcpResourceLevel) String() string { - return gcpResourceLevels[g] +// FindIntegrationType looks up inside the list of available integration types +// the matching type from the provided string, if none, returns NoneIntegration +func FindIntegrationType(t string) (integrationType, bool) { + for iType, str := range IntegrationTypes { + if str == t { + return iType, true + } + } + return NoneIntegration, false } -// GetIntegrations lists the external integrations available on the server -func (c *Client) GetIntegrations() (response integrationsResponse, err error) { - err = c.RequestDecoder("GET", apiIntegrations, nil, &response) +// Get gets a single integration matching the integration guid on the Lacework Server, +// the returned integration contains the 'Data' field raw (map of interfaces) +func (svc *IntegrationsService) Get(guid string) ( + response rawIntegrationsResponse, + err error, +) { + err = svc.get(guid, &response) return } -func (c *Client) GetGCPIntegrations() (response gcpIntegrationsResponse, err error) { +// Delete deletes a single integration matching the integration guid on the Lacework Server +// the returned integration contains the 'Data' field raw (map of interfaces) +func (svc *IntegrationsService) Delete(guid string) ( + response rawIntegrationsResponse, + err error, +) { + err = svc.delete(guid, &response) return } -func (c *Client) GetAzureIntegrations() (response azureIntegrationsResponse, err error) { + +// List lists the external integrations available on the Lacework Server +func (svc *IntegrationsService) List() (response integrationsResponse, err error) { + err = svc.client.RequestDecoder("GET", apiIntegrations, nil, &response) return } -func (c *Client) GetAWSIntegrations() (response awsIntegrationsResponse, err error) { + +// ListByType lists the 
external integrations from the provided type that are available +// on the Lacework Server +func (svc *IntegrationsService) ListByType(iType integrationType) (response integrationsResponse, err error) { + err = svc.listByType(iType, &response) return } -// NewGCPIntegrationData returns an instance of gcpIntegrationData -func NewGCPIntegrationData(name string, idType gcpResourceLevel) gcpIntegrationData { - return gcpIntegrationData{ - commonIntegrationData: commonIntegrationData{ - Name: name, - Type: gcpCFG.String(), - Enabled: 1, - }, - Data: gcpCfg{ - IdType: idType.String(), - }, - } +// GetSchema get the integration schema for the provided integration type +func (svc *IntegrationsService) GetSchema(iType integrationType) ( + response map[string]interface{}, + err error, +) { + apiPath := fmt.Sprintf(apiIntegrationSchema, iType.String()) + err = svc.client.RequestDecoder("GET", apiPath, nil, &response) + return } -// CreateGCPConfigIntegration creates a single integration on the server -func (c *Client) CreateGCPConfigIntegration(data gcpIntegrationData) (response gcpIntegrationsResponse, err error) { - err = c.createIntegration(data, &response) - return +func (svc *IntegrationsService) get(guid string, response interface{}) error { + apiPath := fmt.Sprintf(apiIntegrationByGUID, guid) + return svc.client.RequestDecoder("GET", apiPath, nil, response) } -func (c *Client) createIntegration(data interface{}, response interface{}) error { +func (svc *IntegrationsService) create(data interface{}, response interface{}) error { body, err := jsonReader(data) if err != nil { return err } - err = c.RequestDecoder("POST", apiIntegrations, body, response) + err = svc.client.RequestDecoder("POST", apiIntegrations, body, response) return err } -// GetGCPConfigIntegration gets a single integration matching the integration guid available on the server -func (c *Client) GetGCPConfigIntegration(intgGuid string) (response gcpIntegrationsResponse, err error) { - err = 
c.getIntegration(intgGuid, &response) - return -} - -func (c *Client) getIntegration(intgGuid string, response interface{}) error { - apiPath := fmt.Sprintf(apiIntegrationByGUID, intgGuid) - return c.RequestDecoder("GET", apiPath, nil, response) -} - -// UpdateGCPConfigIntegration updates a single integration on the server -func (c *Client) UpdateGCPConfigIntegration(data gcpIntegrationData) (response gcpIntegrationsResponse, err error) { - err = c.updateIntegration(data.IntgGuid, data, &response) - return -} - -func (c *Client) updateIntegration(intgGuid string, data interface{}, response interface{}) error { - body, err := jsonReader(data) +func (svc *IntegrationsService) update(guid string, data interface{}, response interface{}) error { + var ( + apiPath = fmt.Sprintf(apiIntegrationByGUID, guid) + body, err = jsonReader(data) + ) if err != nil { return err } - apiPath := fmt.Sprintf(apiIntegrationByGUID, intgGuid) - err = c.RequestDecoder("PATCH", apiPath, body, response) - return err + return svc.client.RequestDecoder("PATCH", apiPath, body, response) } -// DeleteGCPConfigIntegration gets a single integration matching the integration guid available on the server -func (c *Client) DeleteGCPConfigIntegration(intgGuid string) (response gcpIntegrationsResponse, err error) { - err = c.deleteIntegration(intgGuid, &response) - return +func (svc *IntegrationsService) delete(guid string, response interface{}) error { + apiPath := fmt.Sprintf(apiIntegrationByGUID, guid) + return svc.client.RequestDecoder("DELETE", apiPath, nil, response) } -func (c *Client) deleteIntegration(intgGuid string, response interface{}) error { - apiPath := fmt.Sprintf(apiIntegrationByGUID, intgGuid) - return c.RequestDecoder("DELETE", apiPath, nil, response) +func (svc *IntegrationsService) listByType(iType integrationType, response interface{}) error { + apiPath := fmt.Sprintf(apiIntegrationsByType, iType.String()) + return svc.client.RequestDecoder("GET", apiPath, nil, &response) } type 
commonIntegrationData struct { @@ -175,13 +173,19 @@ type commonIntegrationData struct { TypeName string `json:"TYPE_NAME,omitempty"` } +type state struct { + Ok bool `json:"ok"` + LastUpdatedTime string `json:"lastUpdatedTime"` + LastSuccessfulTime string `json:"lastSuccessfulTime"` +} + type integrationsResponse struct { Data []commonIntegrationData `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` } -func (integrations *integrationsResponse) List() string { +func (integrations *integrationsResponse) String() string { out := []string{} for _, integration := range integrations.Data { out = append(out, fmt.Sprintf("%s %s", integration.IntgGuid, integration.Type)) 
@@ -189,45 +193,13 @@ func (integrations *integrationsResponse) List() string { return strings.Join(out, "\n") } -type state struct { - Ok bool `json:"ok"` - LastUpdatedTime string `json:"lastUpdatedTime"` - LastSuccessfulTime string `json:"lastSuccessfulTime"` -} - -type awsIntegrationsResponse struct { - //Data []gcpIntegrationData `json:"data"` - Ok bool `json:"ok"` - Message string `json:"message"` -} -type azureIntegrationsResponse struct { - //Data []gcpIntegrationData `json:"data"` - Ok bool `json:"ok"` - Message string `json:"message"` -} - -type gcpIntegrationsResponse struct { - Data []gcpIntegrationData `json:"data"` - Ok bool `json:"ok"` - Message string `json:"message"` -} - -type gcpIntegrationData struct { +type RawIntegration struct { commonIntegrationData - Data gcpCfg `json:"DATA"` -} - -type gcpCfg struct { - ID string `json:"ID"` - IdType string `json:"ID_TYPE"` - IssueGrouping string `json:"ISSUE_GROUPING,omitempty"` - Credentials gcpCredentials `json:"CREDENTIALS"` - SubscriptionName string `json:"SUBSCRIPTION_NAME,omitempty"` + Data map[string]interface{} `json:"DATA"` } -type gcpCredentials struct { - ClientId string `json:"CLIENT_ID"` - ClientEmail string `json:"CLIENT_EMAIL"` - PrivateKeyId string `json:"PRIVATE_KEY_ID"` - PrivateKey string `json:"PRIVATE_KEY"` +type rawIntegrationsResponse struct { + Data []RawIntegration `json:"data"` + Ok bool `json:"ok"` + Message string `json:"message"` } diff --git a/vendor/github.com/lacework/go-sdk/api/integrations_aws.go b/vendor/github.com/lacework/go-sdk/api/integrations_aws.go new file mode 100644 index 00000000..ff4de304 --- /dev/null +++ b/vendor/github.com/lacework/go-sdk/api/integrations_aws.go 
@@ -0,0 +1,141 @@ +// +// Author:: Salim Afiune Maya () +// Copyright:: Copyright 2020, Lacework Inc. +// License:: Apache License, Version 2.0 +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package api + +// NewAwsIntegration returns an instance of awsIntegration with the provided +// integration type, name and data. The type can only be AwsCfgIntegration or +// AwsCloudTrailIntegration +// +// Basic usage: Initialize a new awsIntegration struct, then +// use the new instance to do CRUD operations +// +// client, err := api.NewClient("account") +// if err != nil { +// return err +// } +// +// aws, err := api.NewAwsIntegration("foo", +// api.AwsCfgIntegration, +// api.AwsIntegrationData{ +// Credentials: api.AwsIntegrationCreds { +// RoleArn: "arn:aws:XYZ", +// ExternalId: "1", +// }, +// }, +// ) +// if err != nil { +// return err +// } +// +// client.Integrations.CreateAws(aws) +// +func NewAwsIntegration(name string, iType integrationType, data AwsIntegrationData) awsIntegration { + return awsIntegration{ + commonIntegrationData: commonIntegrationData{ + Name: name, + Type: iType.String(), + Enabled: 1, + }, + Data: data, + } +} + +// NewAwsCfgIntegration returns an instance of awsIntegration of type AWS_CFG +func NewAwsCfgIntegration(name string, data AwsIntegrationData) awsIntegration { + return NewAwsIntegration(name, AwsCfgIntegration, data) +} + +// NewAwsCloudTrailIntegration returns an instance of awsIntegration of type AWS_CT_SQS +func 
NewAwsCloudTrailIntegration(name string, data AwsIntegrationData) awsIntegration { + return NewAwsIntegration(name, AwsCloudTrailIntegration, data) +} + +// CreateAws creates a single AWS integration on the Lacework Server +func (svc *IntegrationsService) CreateAws(integration awsIntegration) ( + response awsIntegrationsResponse, + err error, +) { + err = svc.create(integration, &response) + return +} + +// GetAws gets a single AWS integration matching the integration guid on +// the Lacework Server +func (svc *IntegrationsService) GetAws(guid string) ( + response awsIntegrationsResponse, + err error, +) { + err = svc.get(guid, &response) + return +} + +// UpdateAws updates a single AWS integration on the Lacework Server +func (svc *IntegrationsService) UpdateAws(data awsIntegration) ( + response awsIntegrationsResponse, + err error, +) { + err = svc.update(data.IntgGuid, data, &response) + return +} + +// DeleteAws deletes a single AWS integration matching the integration guid on +// the Lacework Server +func (svc *IntegrationsService) DeleteAws(guid string) ( + response awsIntegrationsResponse, + err error, +) { + err = svc.delete(guid, &response) + return +} + +// ListAwsCfg lists the AWS_CFG external integrations available on the Lacework Server +func (svc *IntegrationsService) ListAwsCfg() (response awsIntegrationsResponse, err error) { + err = svc.listByType(AwsCfgIntegration, &response) + return +} + +// ListAwsCloudTrail lists the AWS_CT_SQS external integrations available on the Lacework Server +func (svc *IntegrationsService) ListAwsCloudTrail() (response awsIntegrationsResponse, err error) { + err = svc.listByType(AwsCloudTrailIntegration, &response) + return +} + +type awsIntegrationsResponse struct { + Data []awsIntegration `json:"data"` + Ok bool `json:"ok"` + Message string `json:"message"` +} + +type awsIntegration struct { + commonIntegrationData + Data AwsIntegrationData `json:"DATA"` +} + +type AwsIntegrationData struct { + Credentials 
AwsIntegrationCreds `json:"CROSS_ACCOUNT_CREDENTIALS"` + + // QueueUrl is a field that exists and is required for the AWS_CT_SQS integration, + // though, it doesn't exist for AWS_CFG integrations, that's why we omit it if empty + QueueUrl string `json:"QUEUE_URL,omitempty"` +} + +type AwsIntegrationCreds struct { + RoleArn string `json:"ROLE_ARN"` + ExternalId string `json:"EXTERNAL_ID"` +} diff --git a/vendor/github.com/lacework/go-sdk/api/integrations_azure.go b/vendor/github.com/lacework/go-sdk/api/integrations_azure.go new file mode 100644 index 00000000..39cd4cd5 --- /dev/null +++ b/vendor/github.com/lacework/go-sdk/api/integrations_azure.go 
@@ -0,0 +1,150 @@ +// +// Author:: Salim Afiune Maya () +// Copyright:: Copyright 2020, Lacework Inc. +// License:: Apache License, Version 2.0 +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package api + +// NewAzureIntegration returns an instance of azureIntegration with the provided +// integration type, name and data. The type can only be AzureCfgIntegration or +// AzureActivityLogIntegration +// +// Basic usage: Initialize a new azureIntegration struct, then +// use the new instance to do CRUD operations +// +// client, err := api.NewClient("account") +// if err != nil { +// return err +// } +// +// azure, err := api.NewAzureIntegration("bar", +// api.AzureActivityLogIntegration, +// api.AzureIntegrationData{ +// TenantID: "tenant_id", +// QueueUrl: "https://abc.queue.core.windows.net/123", +// Credentials: api.AzureIntegrationCreds{ +// ClientID: "client_id", +// ClientSecret: "secret", +// }, +// }, +// ) +// if err != nil { +// return err +// } +// +// client.Integrations.CreateAzure(azure) +// +func NewAzureIntegration(name string, iType integrationType, data AzureIntegrationData) azureIntegration { + return azureIntegration{ + commonIntegrationData: commonIntegrationData{ + Name: name, + Type: iType.String(), + Enabled: 1, + }, + Data: data, + } +} + +// NewAzureCfgIntegration returns an instance of azureIntegration of type AZURE_CFG +func NewAzureCfgIntegration(name string, data AzureIntegrationData) azureIntegration { + return 
NewAzureIntegration(name, AzureCfgIntegration, data) +} + +// NewAzureActivityLogIntegration returns an instance of azureIntegration of type AZURE_AL_SEQ +func NewAzureActivityLogIntegration(name string, data AzureIntegrationData) azureIntegration { + return NewAzureIntegration(name, AzureActivityLogIntegration, data) +} + +// CreateAzure creates a single Azure integration on the Lacework Server +func (svc *IntegrationsService) CreateAzure(integration azureIntegration) ( + response azureIntegrationsResponse, + err error, +) { + err = svc.create(integration, &response) + return +} + +// GetAzure gets a single Azure integration matching the integration guid on +// the Lacework Server +func (svc *IntegrationsService) GetAzure(guid string) ( + response azureIntegrationsResponse, + err error, +) { + err = svc.get(guid, &response) + return +} + +// UpdateAzure updates a single Azure integration on the Lacework Server +func (svc *IntegrationsService) UpdateAzure(data azureIntegration) ( + response azureIntegrationsResponse, + err error, +) { + err = svc.update(data.IntgGuid, data, &response) + return +} + +// DeleteAzure deletes a single Azure integration matching the integration on +// the Lacework Server +func (svc *IntegrationsService) DeleteAzure(guid string) ( + response azureIntegrationsResponse, + err error, +) { + err = svc.delete(guid, &response) + return + +} + +// ListAzureCfg lists the AZURE_CFG external integrations available on the Lacework Server +func (svc *IntegrationsService) ListAzureCfg() ( + response azureIntegrationsResponse, err error, +) { + err = svc.listByType(AzureCfgIntegration, &response) + return +} + +// ListAzureActivityLog lists the AZURE_AL_SEQ external integrations available +// on the Lacework Server +func (svc *IntegrationsService) ListAzureActivityLog() ( + response azureIntegrationsResponse, err error, +) { + err = svc.listByType(AzureActivityLogIntegration, &response) + return +} + +type azureIntegrationsResponse struct { + Data 
[]azureIntegration `json:"data"` + Ok bool `json:"ok"` + Message string `json:"message"` +} + +type azureIntegration struct { + commonIntegrationData + Data AzureIntegrationData `json:"DATA"` +} + +type AzureIntegrationData struct { + Credentials AzureIntegrationCreds `json:"CREDENTIALS"` + TenantID string `json:"TENANT_ID"` + + // QueueUrl is a field that exists and is required for the AWS_CT_SQS integration, + // though, it doesn't exist for AZURE_CFG integrations, that's why we omit it if empty + QueueUrl string `json:"QUEUE_URL,omitempty"` +} + +type AzureIntegrationCreds struct { + ClientID string `json:"CLIENT_ID"` + ClientSecret string `json:"CLIENT_SECRET"` +} diff --git a/vendor/github.com/lacework/go-sdk/api/integrations_gcp.go b/vendor/github.com/lacework/go-sdk/api/integrations_gcp.go new file mode 100644 index 00000000..128f9833 --- /dev/null +++ b/vendor/github.com/lacework/go-sdk/api/integrations_gcp.go 
@@ -0,0 +1,171 @@ +// +// Author:: Salim Afiune Maya () +// Copyright:: Copyright 2020, Lacework Inc. +// License:: Apache License, Version 2.0 +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package api + +// gcpResourceLevel determines Project or Organization level integration +type gcpResourceLevel int + +const ( + // Project level integration with GCP + GcpProjectIntegration gcpResourceLevel = iota + + // Organization level integration with GCP + GcpOrganizationIntegration +) + +var gcpResourceLevels = map[gcpResourceLevel]string{ + GcpProjectIntegration: "PROJECT", + GcpOrganizationIntegration: "ORGANIZATION", +} + +func (g gcpResourceLevel) String() string { + return gcpResourceLevels[g] +} + +// NewGcpIntegration returns an instance of gcpIntegration with the provided +// integration type, name and data. 
The type can only be GcpCfgIntegration or +// GcpAuditLogIntegration +// +// +// Basic usage: Initialize a new gcpIntegration struct, then +// use the new instance to do CRUD operations +// +// client, err := api.NewClient("account") +// if err != nil { +// return err +// } +// +// gcp, err := api.NewGcpIntegration("abc", +// api.GcpCfgIntegration, +// api.GcpIntegrationData{ +// ID: "1234", +// IdType: "id_type", +// Credentials: api.GcpCredentials{ +// ClientId: "id", +// ClientEmail: "email", +// PrivateKeyId: "key_id", +// PrivateKey: "key", +// }, +// }, +// ) +// if err != nil { +// return err +// } +// +// client.Integrations.CreateGcp(gcp) +// +func NewGcpIntegration(name string, iType integrationType, data GcpIntegrationData) gcpIntegration { + return gcpIntegration{ + commonIntegrationData: commonIntegrationData{ + Name: name, + Type: iType.String(), + Enabled: 1, + }, + Data: data, + } +} + +// NewGcpCfgIntegration returns an instance of gcpIntegration of type GCP_CFG +func NewGcpCfgIntegration(name string, data GcpIntegrationData) gcpIntegration { + return NewGcpIntegration(name, GcpCfgIntegration, data) +} + +// NewGcpAuditLogIntegration returns an instance of gcpIntegration of type GCP_AT_SES +func NewGcpAuditLogIntegration(name string, data GcpIntegrationData) gcpIntegration { + return NewGcpIntegration(name, GcpAuditLogIntegration, data) +} + +// CreateGcp creates a single Gcp integration on the Lacework Server +func (svc *IntegrationsService) CreateGcp(data gcpIntegration) ( + response gcpIntegrationsResponse, + err error, +) { + err = svc.create(data, &response) + return +} + +// GetGcp gets a single Gcp integration matching the integration guid +// on the Lacework Server +func (svc *IntegrationsService) GetGcp(guid string) ( + response gcpIntegrationsResponse, + err error, +) { + err = svc.get(guid, &response) + return +} + +// UpdateGcp updates a single Gcp integration on the Lacework Server +func (svc *IntegrationsService) UpdateGcp(data 
gcpIntegration) ( + response gcpIntegrationsResponse, + err error, +) { + err = svc.update(data.IntgGuid, data, &response) + return +} + +// DeleteGcp deletes a single Gcp integration matching the integration guid +// on the Lacework Server +func (svc *IntegrationsService) DeleteGcp(guid string) ( + response gcpIntegrationsResponse, + err error, +) { + err = svc.delete(guid, &response) + return +} + +// ListGcpCfg lists the GCP_CFG external integrations available on the Lacework Server +func (svc *IntegrationsService) ListGcpCfg() (response gcpIntegrationsResponse, err error) { + err = svc.listByType(GcpCfgIntegration, &response) + return +} + +// ListGcpAuditLog lists the GCP_AT_SES external integrations available on the Lacework Server +func (svc *IntegrationsService) ListGcpAuditLog() (response gcpIntegrationsResponse, err error) { + err = svc.listByType(GcpAuditLogIntegration, &response) + return +} + +type gcpIntegrationsResponse struct { + Data []gcpIntegration `json:"data"` + Ok bool `json:"ok"` + Message string `json:"message"` +} + +type gcpIntegration struct { + commonIntegrationData + Data GcpIntegrationData `json:"DATA"` +} + +type GcpIntegrationData struct { + ID string `json:"ID"` + IdType string `json:"ID_TYPE"` + Credentials GcpCredentials `json:"CREDENTIALS"` + + // SubscriptionName is a field that exists and is required for the GCP_AT_SES + // integration, though, it doesn't exist for GCP_CFG integrations, that's why + // we omit it if empty + SubscriptionName string `json:"SUBSCRIPTION_NAME,omitempty"` +} + +type GcpCredentials struct { + ClientId string `json:"CLIENT_ID"` + ClientEmail string `json:"CLIENT_EMAIL"` + PrivateKeyId string `json:"PRIVATE_KEY_ID"` + PrivateKey string `json:"PRIVATE_KEY"` +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 127f939f..850918ae 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt 
@@ -180,7 +180,7 @@ github.com/hashicorp/terraform-svchost/disco
 github.com/hashicorp/yamux
 # github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af
 github.com/jmespath/go-jmespath
-# github.com/lacework/go-sdk v0.0.0-20200318002413-5f027eab9aa4
+# github.com/lacework/go-sdk v0.0.0-20200325152128-6358ff2754bd
 ## explicit
 github.com/lacework/go-sdk/api
 # github.com/mattn/go-colorable v0.1.1