security

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 14, 2025 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ComplianceCheck

// ComplianceCheck describes one compliance check together with its
// scheduling state. PolicyID and RuleID are plain string references; nothing
// in this declaration ties them to an existing CompliancePolicy or
// ComplianceRule.
type ComplianceCheck struct {
	ID          string                 `json:"id"`
	PolicyID    string                 `json:"policy_id"`
	RuleID      string                 `json:"rule_id"`
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	// Type, Resource and Status are free-form strings; the declaration
	// defines no set of permitted values for them.
	Type        string                 `json:"type"`
	Resource    string                 `json:"resource"`
	Status      string                 `json:"status"`
	// LastRun and NextRun carry no omitempty, so an unset value is serialized
	// as the zero time instead of being dropped.
	LastRun     time.Time              `json:"last_run"`
	NextRun     time.Time              `json:"next_run"`
	// Enabled has the zero value false: a check decoded from JSON that lacks
	// the "enabled" key is disabled.
	Enabled     bool                   `json:"enabled"`
	// Metadata is untyped and omitted from JSON when empty.
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceCheck represents a compliance check

type ComplianceConfig

// ComplianceConfig holds the settings of the compliance manager; it is the
// type exchanged through ComplianceManager.GetConfig and SetConfig.
type ComplianceConfig struct {
	DefaultStandards    []string      `json:"default_standards"`
	// CheckInterval and RetentionPeriod are time.Duration values, which
	// encoding/json reads and writes as an integer number of nanoseconds,
	// not as a string such as "24h".
	CheckInterval       time.Duration `json:"check_interval"`
	RetentionPeriod     time.Duration `json:"retention_period"`
	// NOTE(review): AutoRemediation presumably lets the manager act on
	// violations without an operator; what it executes is not visible in
	// this listing, so confirm before enabling.
	AutoRemediation     bool          `json:"auto_remediation"`
	NotificationEnabled bool          `json:"notification_enabled"`
	// AuditLogging has the zero value false, so a config built from a struct
	// literal or from JSON without "audit_logging" leaves it off. Whether
	// NewComplianceManager applies a different default is not shown here.
	AuditLogging        bool          `json:"audit_logging"`
}

ComplianceConfig represents configuration for the compliance manager

type ComplianceEvent

// ComplianceEvent is the payload handed to EventBus.PublishComplianceEvent.
type ComplianceEvent struct {
	// Type and Severity are free-form strings; no permitted values are
	// declared for them.
	Type       string                 `json:"type"`
	// PolicyID, CheckID and ResourceID are optional: each is left out of the
	// JSON encoding when it is the empty string.
	PolicyID   string                 `json:"policy_id,omitempty"`
	CheckID    string                 `json:"check_id,omitempty"`
	ResourceID string                 `json:"resource_id,omitempty"`
	// NOTE(review): Message and Metadata travel to whatever implements
	// EventBus. What producers put in them is not visible here; confirm
	// that credentials and raw resource contents stay out.
	Message    string                 `json:"message"`
	Severity   string                 `json:"severity"`
	Timestamp  time.Time              `json:"timestamp"`
	Metadata   map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceEvent represents a compliance-related event

type ComplianceManager

// ComplianceManager exposes no fields to callers; the listing offers
// NewComplianceManager as its constructor and GetConfig/SetConfig as the only
// way to read or change its configuration.
type ComplianceManager struct {
	// contains filtered or unexported fields
}

ComplianceManager manages security compliance and policy enforcement

func NewComplianceManager

func NewComplianceManager(eventBus EventBus) *ComplianceManager

NewComplianceManager creates a new compliance manager

func (*ComplianceManager) CreatePolicy

func (cm *ComplianceManager) CreatePolicy(ctx context.Context, policy *CompliancePolicy) error

CreatePolicy creates a new compliance policy

func (*ComplianceManager) GetComplianceReport

func (cm *ComplianceManager) GetComplianceReport(ctx context.Context, standard string) (*ComplianceReport, error)

GetComplianceReport generates a compliance report

func (*ComplianceManager) GetConfig

func (cm *ComplianceManager) GetConfig() *ComplianceConfig

GetConfig returns the current compliance manager configuration

func (*ComplianceManager) RunAllComplianceChecks

func (cm *ComplianceManager) RunAllComplianceChecks(ctx context.Context, resources []*models.Resource) ([]*ComplianceResult, error)

RunAllComplianceChecks runs all enabled compliance checks

func (*ComplianceManager) RunComplianceCheck

func (cm *ComplianceManager) RunComplianceCheck(ctx context.Context, checkID string, resource *models.Resource) (*ComplianceResult, error)

RunComplianceCheck runs a compliance check for a specific resource

func (*ComplianceManager) SetConfig

func (cm *ComplianceManager) SetConfig(config *ComplianceConfig)

SetConfig updates the compliance manager configuration

type CompliancePolicy

// CompliancePolicy groups the rules that apply to one compliance standard.
// It is the argument of ComplianceManager.CreatePolicy and
// SecurityService.CreateCompliancePolicy.
type CompliancePolicy struct {
	ID          string                 `json:"id"`
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	// Standard is a plain string; the trailing comment gives examples, not a
	// closed list.
	Standard    string                 `json:"standard"` // SOC2, HIPAA, PCI-DSS, etc.
	Version     string                 `json:"version"`
	Category    string                 `json:"category"`
	Severity    string                 `json:"severity"`
	// Rules are embedded by value rather than referenced by ID.
	Rules       []ComplianceRule       `json:"rules"`
	// Enabled has the zero value false: a policy decoded from JSON without
	// the "enabled" key is disabled.
	Enabled     bool                   `json:"enabled"`
	// NOTE(review): whether CreatePolicy overwrites CreatedAt/UpdatedAt or
	// keeps caller-supplied values is not visible here; confirm before
	// relying on them for audit purposes.
	CreatedAt   time.Time              `json:"created_at"`
	UpdatedAt   time.Time              `json:"updated_at"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

CompliancePolicy represents a compliance policy

type ComplianceReport

// ComplianceReport is the value returned by GetComplianceReport,
// GenerateReport and GenerateComplianceReport for one standard.
type ComplianceReport struct {
	ID              string                 `json:"id"`
	Standard        string                 `json:"standard"`
	GeneratedAt     time.Time              `json:"generated_at"`
	// NOTE(review): nothing in this listing shows ValidUntil being enforced;
	// presumably consumers must compare it with the current time themselves.
	ValidUntil      time.Time              `json:"valid_until"`
	// Policies and Results hold pointers, so a change made through an element
	// is visible to every other holder of the same pointer.
	Policies        []*CompliancePolicy    `json:"policies"`
	Results         []*ComplianceResult    `json:"results"`
	// Summary is untyped and has no omitempty: a nil map is encoded as null.
	Summary         map[string]interface{} `json:"summary"`
	Recommendations []Recommendation       `json:"recommendations"`
	Metadata        map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceReport represents a comprehensive compliance report

type ComplianceReportGenerator

// ComplianceReportGenerator exposes no fields to callers; the listing offers
// NewComplianceReportGenerator, which takes a *ComplianceManager, as its
// constructor.
type ComplianceReportGenerator struct {
	// contains filtered or unexported fields
}

ComplianceReportGenerator generates compliance reports

func NewComplianceReportGenerator

func NewComplianceReportGenerator(complianceManager *ComplianceManager) *ComplianceReportGenerator

NewComplianceReportGenerator creates a new compliance report generator

func (*ComplianceReportGenerator) GenerateExecutiveSummary

func (crg *ComplianceReportGenerator) GenerateExecutiveSummary(ctx context.Context, report *ComplianceReport) (*ExecutiveSummary, error)

GenerateExecutiveSummary generates an executive summary of the compliance report

func (*ComplianceReportGenerator) GenerateReport

func (crg *ComplianceReportGenerator) GenerateReport(ctx context.Context, standard string) (*ComplianceReport, error)

GenerateReport generates a comprehensive compliance report

type ComplianceResult

// ComplianceResult records the outcome of one compliance check against one
// resource. CheckID, PolicyID, RuleID and ResourceID are string references
// only.
type ComplianceResult struct {
	ID         string                 `json:"id"`
	CheckID    string                 `json:"check_id"`
	PolicyID   string                 `json:"policy_id"`
	RuleID     string                 `json:"rule_id"`
	ResourceID string                 `json:"resource_id"`
	// Status is a plain string; the values in the trailing comment are not
	// enforced by the type. NOTE(review): a consumer that tests only for
	// "FAIL" would let ERROR or an unknown value through; compare against
	// "PASS" instead, and confirm the exact spelling the producer uses.
	Status     string                 `json:"status"` // PASS, FAIL, WARN, ERROR
	Severity   string                 `json:"severity"`
	Message    string                 `json:"message"`
	// Details and Violations are dropped from the JSON encoding when empty.
	Details    map[string]interface{} `json:"details,omitempty"`
	Violations []ComplianceViolation  `json:"violations,omitempty"`
	Timestamp  time.Time              `json:"timestamp"`
	Metadata   map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceResult represents the result of a compliance check

type ComplianceRule

// ComplianceRule is one rule of a CompliancePolicy: a list of conditions and
// a list of actions, both embedded by value.
type ComplianceRule struct {
	ID          string                 `json:"id"`
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	Type        string                 `json:"type"`
	// NOTE(review): the type does not say whether all Conditions must hold or
	// any one suffices; confirm with the code that evaluates rules.
	Conditions  []RuleCondition        `json:"conditions"`
	Actions     []RuleAction           `json:"actions"`
	Severity    string                 `json:"severity"`
	// Enabled has the zero value false: a rule decoded from JSON without the
	// "enabled" key is disabled.
	Enabled     bool                   `json:"enabled"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceRule represents a rule within a compliance policy

type ComplianceViolation

// ComplianceViolation describes a single deviation found by a compliance
// check: which field of which resource differed, and how.
type ComplianceViolation struct {
	ID          string                 `json:"id"`
	Type        string                 `json:"type"`
	Severity    string                 `json:"severity"`
	Description string                 `json:"description"`
	Resource    string                 `json:"resource"`
	Field       string                 `json:"field"`
	// Expected and Actual are untyped and have no omitempty, so nil is
	// encoded as null. NOTE(review): Actual presumably carries the observed
	// value of the checked field; if checks can target secret-bearing
	// fields, that value is written into every serialized result, so confirm
	// and redact before export.
	Expected    interface{}            `json:"expected"`
	Actual      interface{}            `json:"actual"`
	Remediation string                 `json:"remediation"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

ComplianceViolation represents a compliance violation

type EventBus

// EventBus is the one dependency passed to NewComplianceManager,
// NewPolicyEngine and NewSecurityService.
type EventBus interface {
	// PublishComplianceEvent receives the event by value and reports failure
	// through its error return. NOTE(review): how callers react to that
	// error is not visible in this listing; if published events feed an
	// audit trail, an ignored error is a silent gap, so confirm.
	PublishComplianceEvent(event ComplianceEvent) error
}

EventBus is the interface used to publish compliance events

type ExecutiveSummary

// ExecutiveSummary is the condensed view of a ComplianceReport returned by
// ComplianceReportGenerator.GenerateExecutiveSummary. ReportID is a string
// reference to that report.
type ExecutiveSummary struct {
	ReportID        string                 `json:"report_id"`
	Standard        string                 `json:"standard"`
	GeneratedAt     time.Time              `json:"generated_at"`
	// NOTE(review): the scale of ComplianceScore (for example 0-1 or 0-100)
	// is not stated anywhere in this listing; confirm before applying a
	// threshold to it.
	ComplianceScore float64                `json:"compliance_score"`
	// Status is a free-form string with no declared set of values.
	Status          string                 `json:"status"`
	// The four lists below have no omitempty: a nil slice is encoded as null.
	KeyFindings     []string               `json:"key_findings"`
	CriticalIssues  []string               `json:"critical_issues"`
	Recommendations []string               `json:"recommendations"`
	NextSteps       []string               `json:"next_steps"`
	Metadata        map[string]interface{} `json:"metadata,omitempty"`
}

ExecutiveSummary represents an executive summary of compliance

type PolicyConfig

// PolicyConfig holds the settings of the policy engine; it is the type
// exchanged through PolicyEngine.GetConfig and SetConfig.
type PolicyConfig struct {
	// DefaultEnforcement is a free-form string; its accepted values are not
	// declared in this listing.
	DefaultEnforcement  string        `json:"default_enforcement"`
	// NOTE(review): AutoRemediation presumably lets the engine act on
	// violations without an operator; what it executes is not visible here,
	// so confirm before enabling.
	AutoRemediation     bool          `json:"auto_remediation"`
	NotificationEnabled bool          `json:"notification_enabled"`
	// AuditLogging has the zero value false; whether NewPolicyEngine applies
	// a different default is not shown.
	AuditLogging        bool          `json:"audit_logging"`
	// RetentionPeriod is encoded in JSON as an integer number of nanoseconds.
	RetentionPeriod     time.Duration `json:"retention_period"`
}

PolicyConfig represents configuration for the policy engine

type PolicyEnforcement

// PolicyEnforcement records one enforcement decision for a policy rule on a
// resource. PolicyID, RuleID and ResourceID are string references only.
type PolicyEnforcement struct {
	ID         string                 `json:"id"`
	PolicyID   string                 `json:"policy_id"`
	RuleID     string                 `json:"rule_id"`
	ResourceID string                 `json:"resource_id"`
	// Status is a plain string; the values in the trailing comment are not
	// enforced by the type.
	Status     string                 `json:"status"` // ENFORCED, VIOLATED, PENDING
	// Action is a free-form string with no declared set of values.
	Action     string                 `json:"action"`
	Message    string                 `json:"message"`
	Timestamp  time.Time              `json:"timestamp"`
	Metadata   map[string]interface{} `json:"metadata,omitempty"`
}

PolicyEnforcement represents the enforcement of a policy

type PolicyEngine

// PolicyEngine exposes no fields to callers; the listing offers
// NewPolicyEngine as its constructor and GetConfig/SetConfig as the only way
// to read or change its configuration.
type PolicyEngine struct {
	// contains filtered or unexported fields
}

PolicyEngine manages security policies and enforcement

func NewPolicyEngine

func NewPolicyEngine(eventBus EventBus) *PolicyEngine

NewPolicyEngine creates a new policy engine

func (*PolicyEngine) CreatePolicy

func (pe *PolicyEngine) CreatePolicy(ctx context.Context, policy *SecurityPolicy) error

CreatePolicy creates a new security policy

func (*PolicyEngine) CreateRule

func (pe *PolicyEngine) CreateRule(ctx context.Context, rule *SecurityRule) error

CreateRule creates a new security rule

func (*PolicyEngine) EvaluatePolicy

func (pe *PolicyEngine) EvaluatePolicy(ctx context.Context, policyID string, resource *models.Resource) (*PolicyEvaluation, error)

EvaluatePolicy evaluates a policy against a resource

func (*PolicyEngine) GetConfig

func (pe *PolicyEngine) GetConfig() *PolicyConfig

GetConfig returns the current policy engine configuration

func (*PolicyEngine) SetConfig

func (pe *PolicyEngine) SetConfig(config *PolicyConfig)

SetConfig updates the policy engine configuration

type PolicyEvaluation

// PolicyEvaluation is the value returned by PolicyEngine.EvaluatePolicy for
// one policy and one resource.
type PolicyEvaluation struct {
	PolicyID    string                 `json:"policy_id"`
	ResourceID  string                 `json:"resource_id"`
	// Status is a plain string; the values in the trailing comment are not
	// enforced by the type. NOTE(review): NOT_APPLICABLE is distinct from
	// COMPLIANT, so a gate should pass only on an explicit COMPLIANT unless
	// skipping out-of-scope resources is intended; confirm with callers.
	Status      string                 `json:"status"` // COMPLIANT, NON_COMPLIANT, NOT_APPLICABLE
	Message     string                 `json:"message"`
	Timestamp   time.Time              `json:"timestamp"`
	// RuleResults and Violations have no omitempty: a nil slice is encoded
	// as null, not as an empty array.
	RuleResults []RuleEvaluation       `json:"rule_results"`
	Violations  []PolicyViolation      `json:"violations"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

PolicyEvaluation represents the result of policy evaluation

type PolicyScope

// PolicyScope narrows a SecurityPolicy by tenant, account, region, provider,
// resource type and tag. Every field is optional and is omitted from JSON
// when empty.
//
// NOTE(review): the declaration does not say whether an empty scope matches
// every resource or none, nor whether the dimensions are combined with AND
// or OR; confirm with the evaluator before relying on a zero-value scope.
type PolicyScope struct {
	Tenants       []string          `json:"tenants,omitempty"`
	Accounts      []string          `json:"accounts,omitempty"`
	Regions       []string          `json:"regions,omitempty"`
	Providers     []string          `json:"providers,omitempty"`
	ResourceTypes []string          `json:"resource_types,omitempty"`
	Tags          map[string]string `json:"tags,omitempty"`
}

PolicyScope represents the scope of a policy

type PolicyViolation

// PolicyViolation describes a single deviation found while evaluating a
// security policy. RuleID is a string reference to the rule that produced
// it.
type PolicyViolation struct {
	ID          string                 `json:"id"`
	RuleID      string                 `json:"rule_id"`
	Type        string                 `json:"type"`
	Severity    string                 `json:"severity"`
	Description string                 `json:"description"`
	Resource    string                 `json:"resource"`
	Field       string                 `json:"field"`
	// Expected and Actual are untyped and have no omitempty, so nil is
	// encoded as null. NOTE(review): Actual presumably carries the observed
	// value of the evaluated field; if rules can target secret-bearing
	// fields, that value is written into every serialized violation, so
	// confirm and redact before export.
	Expected    interface{}            `json:"expected"`
	Actual      interface{}            `json:"actual"`
	Remediation string                 `json:"remediation"`
	Timestamp   time.Time              `json:"timestamp"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

PolicyViolation represents a policy violation

type Recommendation

// Recommendation is one entry of ComplianceReport.Recommendations.
type Recommendation struct {
	ID          string                 `json:"id"`
	// Type and Priority are free-form strings with no declared set of values.
	Type        string                 `json:"type"`
	Priority    string                 `json:"priority"`
	Title       string                 `json:"title"`
	Description string                 `json:"description"`
	Action      string                 `json:"action"`
	// Resource, Policy and Rule are optional strings, dropped from JSON when
	// empty. NOTE(review): presumably they hold the IDs of the objects the
	// recommendation refers to; confirm.
	Resource    string                 `json:"resource,omitempty"`
	Policy      string                 `json:"policy,omitempty"`
	Rule        string                 `json:"rule,omitempty"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

Recommendation represents a compliance recommendation

type RuleAction

// RuleAction names an action attached to a ComplianceRule or SecurityRule.
type RuleAction struct {
	// Type is a free-form string; the supported action types are not
	// declared in this listing.
	Type        string                 `json:"type"`
	// Parameters is untyped and has no omitempty (nil is encoded as null).
	// NOTE(review): if rules are loaded from user-editable JSON and
	// auto-remediation is on, Type and Parameters decide what is executed;
	// confirm that the executor validates both against an allow-list.
	Parameters  map[string]interface{} `json:"parameters"`
	Description string                 `json:"description"`
}

RuleAction represents an action to take when a rule is violated

type RuleCondition

// RuleCondition is one comparison inside a rule: a field name, an operator
// and the value to compare against.
type RuleCondition struct {
	Field    string      `json:"field"`
	// Operator is a free-form string; the supported operators are not
	// declared in this listing. NOTE(review): confirm how the evaluator
	// treats an unknown operator; a condition that silently evaluates as
	// satisfied would hide violations.
	Operator string      `json:"operator"`
	// Value is untyped; after JSON decoding, numbers arrive as float64.
	Value    interface{} `json:"value"`
	Type     string      `json:"type"`
}

RuleCondition represents a condition for a compliance rule

type RuleEvaluation

// RuleEvaluation is the per-rule entry of PolicyEvaluation.RuleResults.
type RuleEvaluation struct {
	RuleID    string      `json:"rule_id"`
	// Status is a plain string; the values in the trailing comment are not
	// enforced by the type.
	Status    string      `json:"status"` // COMPLIANT, VIOLATED
	Message   string      `json:"message"`
	// Field, Expected and Actual are dropped from JSON when empty or nil.
	Field     string      `json:"field,omitempty"`
	Expected  interface{} `json:"expected,omitempty"`
	Actual    interface{} `json:"actual,omitempty"`
	Timestamp time.Time   `json:"timestamp"`
}

RuleEvaluation represents the result of rule evaluation

type SecurityConfig

// SecurityConfig holds the settings of the security service; it is the type
// exchanged through SecurityService.GetConfig and SetConfig.
type SecurityConfig struct {
	// AutoScanInterval is encoded in JSON as an integer number of
	// nanoseconds. NOTE(review): the meaning of a zero interval (disabled or
	// continuous) is not stated here; confirm.
	AutoScanInterval    time.Duration `json:"auto_scan_interval"`
	ReportGeneration    bool          `json:"report_generation"`
	NotificationEnabled bool          `json:"notification_enabled"`
	// AuditLogging has the zero value false; whether NewSecurityService
	// applies a different default is not shown.
	AuditLogging        bool          `json:"audit_logging"`
	// MaxConcurrentScans is a signed int. NOTE(review): how zero or negative
	// values are handled is not visible here; confirm that SetConfig rejects
	// or clamps them.
	MaxConcurrentScans  int           `json:"max_concurrent_scans"`
}

SecurityConfig represents configuration for the security service

type SecurityPolicy

// SecurityPolicy is the argument of PolicyEngine.CreatePolicy and
// SecurityService.CreateSecurityPolicy. Unlike CompliancePolicy, it refers
// to its rules by ID instead of embedding them.
type SecurityPolicy struct {
	ID          string                 `json:"id"`
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	Category    string                 `json:"category"`
	Priority    string                 `json:"priority"`
	// NOTE(review): whether CreatePolicy verifies that every ID in Rules
	// names an existing SecurityRule is not visible here; a policy with
	// dangling IDs presumably evaluates fewer rules than intended, so confirm.
	Rules       []string               `json:"rules"` // Rule IDs
	// Scope is embedded by value and has no omitempty, so it is always
	// emitted, as {} when every scope field is empty.
	Scope       PolicyScope            `json:"scope"`
	// Enabled has the zero value false: a policy decoded from JSON without
	// the "enabled" key is disabled.
	Enabled     bool                   `json:"enabled"`
	CreatedAt   time.Time              `json:"created_at"`
	UpdatedAt   time.Time              `json:"updated_at"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

SecurityPolicy represents a security policy

type SecurityRule

// SecurityRule is the argument of PolicyEngine.CreateRule and
// SecurityService.CreateSecurityRule. It shares RuleCondition and RuleAction
// with ComplianceRule.
type SecurityRule struct {
	ID          string                 `json:"id"`
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	Type        string                 `json:"type"`
	Category    string                 `json:"category"`
	// NOTE(review): the type does not say whether all Conditions must hold or
	// any one suffices; confirm with the code that evaluates rules.
	Conditions  []RuleCondition        `json:"conditions"`
	Actions     []RuleAction           `json:"actions"`
	Severity    string                 `json:"severity"`
	// Enabled has the zero value false: a rule decoded from JSON without the
	// "enabled" key is disabled.
	Enabled     bool                   `json:"enabled"`
	CreatedAt   time.Time              `json:"created_at"`
	UpdatedAt   time.Time              `json:"updated_at"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

SecurityRule represents a security rule

type SecurityScanResult

// SecurityScanResult is the value returned by SecurityService.ScanResources.
type SecurityScanResult struct {
	ScanID     string                 `json:"scan_id"`
	StartTime  time.Time              `json:"start_time"`
	EndTime    time.Time              `json:"end_time"`
	// Duration is encoded in JSON as an integer number of nanoseconds.
	Duration   time.Duration          `json:"duration"`
	// Resources holds pointers to models.Resource, which is declared outside
	// this package and encoded under "resources". NOTE(review): if that type
	// carries sensitive attributes, they presumably end up in every stored
	// or transmitted scan result; confirm what it serializes.
	Resources  []*models.Resource     `json:"resources"`
	Policies   []*SecurityPolicy      `json:"policies"`
	Compliance []*ComplianceResult    `json:"compliance"`
	Violations []PolicyViolation      `json:"violations"`
	// Summary is untyped and has no omitempty: a nil map is encoded as null.
	Summary    map[string]interface{} `json:"summary"`
	Metadata   map[string]interface{} `json:"metadata,omitempty"`
}

SecurityScanResult represents the result of a security scan

type SecurityService

// SecurityService exposes no fields to callers; the listing offers
// NewSecurityService as its constructor, Start and Stop for its lifecycle,
// and GetConfig/SetConfig as the only way to read or change its
// configuration.
type SecurityService struct {
	// contains filtered or unexported fields
}

SecurityService provides a unified interface for security and compliance management

func NewSecurityService

func NewSecurityService(eventBus EventBus) *SecurityService

NewSecurityService creates a new security service

func (*SecurityService) CreateCompliancePolicy

func (ss *SecurityService) CreateCompliancePolicy(ctx context.Context, policy *CompliancePolicy) error

CreateCompliancePolicy creates a new compliance policy

func (*SecurityService) CreateSecurityPolicy

func (ss *SecurityService) CreateSecurityPolicy(ctx context.Context, policy *SecurityPolicy) error

CreateSecurityPolicy creates a new security policy

func (*SecurityService) CreateSecurityRule

func (ss *SecurityService) CreateSecurityRule(ctx context.Context, rule *SecurityRule) error

CreateSecurityRule creates a new security rule

func (*SecurityService) GenerateComplianceReport

func (ss *SecurityService) GenerateComplianceReport(ctx context.Context, standard string) (*ComplianceReport, error)

GenerateComplianceReport generates a compliance report for a specific standard

func (*SecurityService) GetConfig

func (ss *SecurityService) GetConfig() *SecurityConfig

GetConfig returns the current security service configuration

func (*SecurityService) GetSecurityStatus

func (ss *SecurityService) GetSecurityStatus(ctx context.Context) (*SecurityStatus, error)

GetSecurityStatus returns the overall security status

func (*SecurityService) ScanResources

func (ss *SecurityService) ScanResources(ctx context.Context, resources []*models.Resource) (*SecurityScanResult, error)

ScanResources performs a comprehensive security scan of resources

func (*SecurityService) SetConfig

func (ss *SecurityService) SetConfig(config *SecurityConfig)

SetConfig updates the security service configuration

func (*SecurityService) Start

func (ss *SecurityService) Start(ctx context.Context) error

Start starts the security service

func (*SecurityService) Stop

func (ss *SecurityService) Stop(ctx context.Context) error

Stop stops the security service

type SecurityStatus

// SecurityStatus is the value returned by SecurityService.GetSecurityStatus.
type SecurityStatus struct {
	// OverallStatus is a free-form string with no declared set of values.
	OverallStatus string                 `json:"overall_status"`
	// NOTE(review): the scale of SecurityScore is not stated in this listing;
	// confirm before applying a threshold to it.
	SecurityScore float64                `json:"security_score"`
	// Policies, Compliance and Violations map a string key to a count; what
	// the keys denote is not visible here.
	Policies      map[string]int         `json:"policies"`
	Compliance    map[string]int         `json:"compliance"`
	Violations    map[string]int         `json:"violations"`
	// LastScan has no omitempty, so "never scanned" is encoded as the zero
	// time and has to be told apart from a real timestamp by the consumer.
	LastScan      time.Time              `json:"last_scan"`
	Metadata      map[string]interface{} `json:"metadata,omitempty"`
}

SecurityStatus represents the overall security status
