      Overview ¶
The commands behind the Lacework command-line interface (CLI)
Author:: Salim Afiune Maya (<afiune@lacework.net>) Copyright:: Copyright 2020, Lacework Inc. License:: Apache License, Version 2.0
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- Variables
- func CacheTransform(key string) *diskv.PathKey
- func DisplayTerraformPlanChanges(tf *tfexec.Terraform, data TfPlanChangesSummary) (bool, error)
- func Execute() (err error)
- func GenerateMarkdownDocs(location string) error
- func InverseCacheTransform(pathKey *diskv.PathKey) string
- func IsDefault(isDefault int) string
- func LocateOrInstallTerraform(forceInstall bool, workingDir string) (*tfexec.Terraform, error)
- func NewDefaultState() *cliState
- func NewQueryFailonError(failonCount string, count int) *queryFailonError
- func NewVulnerabilityPolicyError(assessment api.VulnerabilityAssessment, failOnSeverity string, ...) *vulnerabilityPolicyError
- func NewVulnerabilityPolicyErrorV2(assessment api.VulnerabilitiesContainersResponse, failOnSeverity string, ...) *vulnerabilityPolicyError
- func SurveyMultipleQuestionWithValidation(questions []SurveyQuestionWithValidationArgs, checks ...bool) error
- func SurveyQuestionInteractiveOnly(question SurveyQuestionWithValidationArgs) error
- func TerraformExecApply(tf *tfexec.Terraform) error
- func TerraformExecutePreRunCheck(outputLocation string, cloud string) (bool, error)
- func TerraformInit(tf *tfexec.Terraform) error
- func TerraformPlanAndExecute(workingDir string) error
- type AwsControlTowerGenerateCommandExtraState
- type AwsEksAuditGenerateCommandExtraState
- type AwsGenerateCommandExtraState
- type AzureGenerateCommandExtraState
- type CmdFilters
- type GcpGenerateCommandExtraState
- type GkeGenerateCommandExtraState
- type Honeyvent
- type LCLContentType
- type LCLPolicy
- type LCLQuery
- type LCLReference
- type LaceworkContentLibrary
- type OS
- type OciGenerateCommandExtraState
- type PolicyExceptionSurveyQuestion
- type PolicySyncOperation
- type SurveyQuestionWithValidationArgs
- type TfPlanChangesSummary
- type VulnCveSummary
Constants ¶
const (
	// DisableTelemetry is the NAME of an environment variable (not its value)
	// that can be used to disable telemetry sent to Honeycomb. Setting it in
	// the shell that runs the CLI is the user-side opt-out.
	DisableTelemetry = "LW_TELEMETRY_DISABLE"
	// HomebrewInstall is the name of an environment variable that denotes the
	// install method was via the homebrew package manager.
	HomebrewInstall = "LW_HOMEBREW_INSTALL"
	// ChocolateyInstall is the name of an environment variable that denotes the
	// install method was via the chocolatey package manager.
	ChocolateyInstall = "LW_CHOCOLATEY_INSTALL"
)
// AlasRegex matches advisory identifiers of the form ALAS-YYYY-NNN or
// ALAS2-YYYY-NNN (Amazon Linux security advisories, presumably), with 3 to 7
// sequence digits, case-insensitively. The pattern is unanchored, so it finds
// an advisory ID embedded anywhere in a longer string rather than validating
// that the whole string is an ID.
const AlasRegex = `(?i)ALAS(2?)-\d{4}-\d{3,7}`
    const (
	// AzureCloudEnv is the name of an environment variable found in the Azure
	// Cloud Shell environment. NOTE(review): presumably only its presence is
	// checked to detect a cloud-shell session — confirm at the use site, since
	// the variable is user-settable and should not gate anything security-sensitive.
	AzureCloudEnv = "POWERSHELL_DISTRIBUTION_CHANNEL"
)
    Environment variables found in the GCP, AWS and Azure Cloud Shell environments; used to determine whether the CLI is running in a cloud shell.
// ConfigBackupDir is the name of the directory in which configuration files
// are backed up before they are migrated. It is a bare directory name; where
// it is rooted is decided by the caller.
const ConfigBackupDir = "cfg_backups"
    The name of the directory in which backups of configuration files are stored before they are migrated.
// CveRegex matches CVE identifiers (CVE-YYYY-NNNN with 4 to 7 sequence
// digits), case-insensitively. Like AlasRegex it is unanchored: it locates a
// CVE ID inside larger text and does not by itself validate a whole string.
const CveRegex = `(?i)CVE-\d{4}-\d{4,7}`
    // MaxCacheSize is 1 GiB (1024 * 1024 * 1024 bytes). Presumably the size
    // limit for the CLI's on-disk cache — verify against the cache code.
    const MaxCacheSize = 1024 * 1024 * 1024
    const (
	// ReasonUnset is a sentinel meaning "no reason was provided". The value -1
	// is presumably chosen so it cannot be confused with a real (non-negative)
	// reason value — confirm at the use site.
	ReasonUnset = -1
)
    Variables ¶
var (
	// Prompt text shared by the IaC generate commands. Like the other
	// Question* variables in this package, the wording lives in variables so
	// tests can reference the exact strings.
	QuestionRunTfPlan        = "Run Terraform plan now?"
	QuestionUsePreviousCache = "Previous IaC generation detected, load cached values?"
)
var (
	// Define question text here so they can be reused in testing
	QuestionAwsEnableConfig             = "Enable configuration integration?"
	QuestionCustomizeConfigName         = "Customize Config integration name?"
	QuestionConfigName                  = "Specify name of config integration (optional)"
	QuestionEnableCloudtrail            = "Enable CloudTrail integration?"
	QuestionCloudtrailName              = "Specify name of cloudtrail integration (optional)"
	QuestionAwsRegion                   = "Specify the AWS region to be used by CloudTrail, SNS, and S3:"
	QuestionConsolidatedCloudtrail      = "Use consolidated CloudTrail?"
	QuestionUseExistingCloudtrail       = "Use an existing CloudTrail?"
	QuestionCloudtrailExistingBucketArn = "Specify an existing bucket ARN used for CloudTrail logs:"
	QuestionExistingIamRoleName         = "Specify an existing IAM role name for CloudTrail access:"
	QuestionExistingIamRoleArn          = "Specify an existing IAM role ARN for CloudTrail access:"
	QuestionExistingIamRoleExtID        = "Specify the external ID to be used with the existing IAM role:"
	QuestionPrimaryAwsAccountProfile    = "Before adding sub-accounts, your primary AWS account profile name " +
		"must be set; which profile should the main account use?"
	QuestionSubAccountProfileName      = "Supply the profile name for this additional AWS account:"
	QuestionSubAccountRegion           = "What region should be used for this account?"
	QuestionSubAccountAddMore          = "Add another AWS account?"
	QuestionSubAccountReplace          = "Currently configured AWS sub-accounts: %s, replace?"
	QuestionAwsConfigAdvanced          = "Configure advanced integration options?"
	QuestionAwsAnotherAdvancedOpt      = "Configure another advanced integration option"
	QuestionAwsCustomizeOutputLocation = "Provide the location for the output to be written:"

	// S3 Bucket Questions
	QuestionBucketEnableEncryption = "Enable S3 bucket encryption when creating bucket"
	QuestionBucketSseKeyArn        = "Specify existing KMS encryption key arn for S3 bucket (optional)"
	QuestionBucketName             = "Specify name when creating S3 bucket (optional)"
	QuestionS3BucketNotification   = "Enable S3 bucket notifications"

	// SNS Topic Questions
	QuestionsUseExistingSNSTopic = "Use an existing SNS topic?"
	QuestionSnsTopicArn          = "Specify existing SNS topic arn"
	QuestionSnsEnableEncryption  = "Enable encryption on SNS topic when creating?"
	QuestionSnsEncryptionKeyArn  = "Specify existing KMS encryption key arn for SNS topic (optional)"
	QuestionSnsTopicName         = "Specify SNS topic name if creating new one (optional)"

	// SQS Queue Questions
	QuestionSqsEnableEncryption = "Enable encryption on SQS queue when creating"
	QuestionSqsEncryptionKeyArn = "Specify existing KMS encryption key arn for SQS queue (optional)"
	QuestionSqsQueueName        = "Specify SQS queue name when creating (optional)"

	// select options
	AwsAdvancedOptDone     = "Done"
	AdvancedOptCloudTrail  = "Additional CloudTrail options"
	AdvancedOptIamRole     = "Configure Lacework integration with an existing IAM role"
	AdvancedOptAwsAccounts = "Add additional AWS Accounts to Lacework"
	AwsAdvancedOptLocation = "Customize output location"

	// AwsArnRegex original source: https://regex101.com/r/pOfxYN/1
	// NOTE(review): the 154-byte pattern is elided by the documentation
	// renderer; the empty literal shown here is a rendering artifact, not the
	// real value. Consult the source file for the actual pattern.
	AwsArnRegex = `` //nolint /* 154-byte string literal not displayed */
	// AwsRegionRegex regex used for validating region input; note intentionally does not match gov cloud
	// NOTE(review): neither AwsRegionRegex nor AwsProfileRegex is anchored with
	// ^ and $. Unless the validator anchors them (or uses a full-match helper),
	// input with extra characters around a valid region or profile still passes,
	// and ValidateSubAccountFlagRegex below inherits the same looseness. Also
	// note the region pattern only accepts a single trailing digit.
	AwsRegionRegex  = `(af|ap|ca|eu|me|sa|us)-(central|(north|south)?(east|west)?)-\d`
	AwsProfileRegex = `([A-Za-z_0-9-]+)`

	// Package-level mutable state shared by the generate-aws command and its
	// prompts; tests presumably reset these between cases.
	GenerateAwsCommandState      = &aws.GenerateAwsTfConfigurationArgs{}
	GenerateAwsExistingRoleState = &aws.ExistingIamRoleDetails{}
	GenerateAwsCommandExtraState = &AwsGenerateCommandExtraState{}
	// ValidateSubAccountFlagRegex is "<profile>:<region>", composed from the two
	// patterns above, so it carries their (lack of) anchoring.
	ValidateSubAccountFlagRegex = fmt.Sprintf(`%s:%s`, AwsProfileRegex, AwsRegionRegex)
	// Cache keys under which the generate-aws answers and extra state are stored.
	CachedAwsAssetIacParams  = "iac-aws-generate-params"
	CachedAssetAwsExtraState = "iac-aws-extra-state"
)
var (
	// Prompt text for the AWS Control Tower generate command, kept in
	// variables so tests can reference the exact wording.
	QuestionAwsControlTowerCoreS3Bucket                     = "Provide the Arn of the S3 Bucket for consolidated CloudTrail:"
	QuestionAwsControlTowerCoreSnsTopic                     = "Provide the Arn of the SNS Topic:"
	QuestionAwsControlTowerCoreLogProfile                   = "Provide the aws profile of the 'log_archive' account:"
	QuestionAwsControlTowerCoreLogRegion                    = "Provide the aws region of the 'log_archive' account:"
	QuestionAwsControlTowerCoreAuditProfile                 = "Provide the aws profile of the 'audit' account:"
	QuestionAwsControlTowerCoreAuditRegion                  = "Provide the aws region of the 'audit' account:"
	QuestionAwsControlTowerConfigureAdvanced                = "Configure advanced integration options?"
	QuestionAwsControlTowerCustomizeOutputLocation          = "Provide the location for the output to be written:"
	ControlTowerConfigureExistingIamRoleOpt                 = "Configure existing Iam Role?"
	QuestionAwsControlTowerCoreIamRoleName                  = "Specify Existing Iam Role name:"
	QuestionAwsControlTowerCoreIamRoleArn                   = "Specify Existing Iam Arn:"
	QuestionAwsControlTowerCoreIamRoleExternalID            = "Specify Existing Iam Role external ID:"
	ControlTowerIntegrationNameOpt                          = "Customize integration name?"
	QuestionControlTowerIntegrationName                     = "Specify a custom integration name:"
	ControlTowerIntegrationPrefixOpt                        = "Customize resource prefix name?"
	QuestionControlTowerPrefix                              = "Specify a prefix name for resources:"
	ControlTowerIntegrationSqsOpt                           = "Customize sqs queue name?"
	QuestionControlTowerSqsQueueName                        = "Specify a name for sqs queue:"
	QuestionControlTowerOrgAccountMappingsLWDefaultAccount  = "Specify org account mappings default Lacework account:"
	QuestionControlTowerOrgAccountMappingAnotherAdvancedOpt = "Configure another org account mapping?"
	QuestionControlTowerOrgAccountMappingsLWAccount         = "Specify lacework account: "
	QuestionControlTowerOrgAccountMappingsAwsAccounts       = "Specify aws accounts:"

	// select options
	ControlTowerAdvancedOptLocation        = "Customize output location"
	ControlTowerAdvancedOptMappings        = "Configure Org Account Mappings"
	QuestionControlTowerAnotherAdvancedOpt = "Configure another advanced integration option?"
	ControlTowerAdvancedOptDone            = "Done"

	// Package-level mutable state for the command, plus the cache keys under
	// which its answers and extra state are stored.
	GenerateAwsControlTowerCommandState      = &aws_controltower.GenerateAwsControlTowerTfConfigurationArgs{}
	GenerateAwsControlTowerCommandExtraState = &AwsControlTowerGenerateCommandExtraState{}
	CachedAssetAwsControlTowerIacParams      = "iac-aws-controltower-generate-params"
	CachedAssetAwsControlTowerExtraState     = "iac-aws-controltower-extra-state"
)
var (
	// Define question text here, so they can be reused in testing
	QuestionEksAuditMultiRegion          = "Integrate clusters in more than one region?"
	QuestionEksAuditRegionClusterCurrent = "Currently configured regions and clusters: %s. " +
		"Configure additional?"
	QuestionEksAuditRegion         = "Specify AWS region:"
	QuestionEksAuditRegionClusters = "Specify a comma-seperated list of clusters in region" +
		" to ingest EKS Audit Logs:"
	QuestionEksAuditAdditionalRegion  = "Configure another AWS region?"
	QuestionEksAuditConfigureAdvanced = "Configure advanced integration options?"

	// S3 Bucket Questions
	QuestionUseExistingBucket          = "Use existing bucket?"
	QuestionExistingBucketArn          = "Specify an existing bucket ARN used for EKS audit log:"
	EksAuditConfigureBucket            = "Configure bucket settings"
	QuestionEksAuditBucketVersioning   = "Enable access versioning on the new bucket?"
	QuestionEksAuditMfaDeleteS3Bucket  = "Should MFA object deletion be required for the new bucket?"
	QuestionEksAuditBucketLifecycle    = "Specify the bucket lifecycle expiration days: (optional)"
	QuestionEksAuditBucketEncryption   = "Enable encryption for the new bucket?"
	QuestionEksAuditBucketSseAlgorithm = "Specify the bucket SSE Algorithm: (optional)"
	QuestionEksAuditBucketExistingKey  = "Use existing KMS key?"
	QuestionEksAuditBucketKeyArn       = "Specify the bucket existing SSE KMS key ARN:"
	QuestionEksAuditKmsKeyRotation     = "Should the KMS key have rotation enabled?"
	QuestionEksAuditKmsKeyDeletionDays = "Specify the KMS key deletion days: (optional)"

	// SNS Topic Questions
	EksAuditConfigureSns                = "Configure SNS settings"
	QuestionEksAuditSnsEncryption       = "Enable encryption on SNS topic when creating?"
	QuestionEksAuditSnsEncryptionKeyArn = "Specify existing KMS encryption key ARN for SNS topic (optional)"

	// Cloudwatch IAM Questions
	EksAuditExistingCwIamRole        = "Configure and use existing Cloudwatch IAM role"
	QuestionEksAuditExistingCwIamArn = "Specify an existing Cloudwatch IAM role ARN:"

	// Firehose Questions
	EksAuditConfigureFh                = "Configure Firehose settings"
	QuestionEksAuditExistingFhIamRole  = "Use existing Firehose IAM role?"
	QuestionEksAuditExistingFhIamArn   = "Specify an existing Firehose IAM role ARN:"
	QuestionEksAuditFhEncryption       = "Enable encryption on Firehose when creating?"
	QuestionEksAuditFhEncryptionKeyArn = "Specify existing KMS encryption key ARN for Firehose (optional)"

	// Cross Account IAM Questions
	EksAuditExistingCaIamRole          = "Configure and use existing Cross Account IAM role"
	QuestionEksAuditExistingCaIamArn   = "Specify an existing Cross Account IAM role ARN:"
	QuestionEksAuditExistingCaIamExtID = "Specify the external ID to be used with the existing IAM role:"

	// Customize integration name
	EksAuditIntegrationNameOpt            = "Customize integration name"
	QuestionEksAuditCustomIntegrationName = "Specify a custom integration name: (optional)"

	// Customize output location
	EksAuditAdvancedOptLocation             = "Customize output location"
	QuestionEksAuditCustomizeOutputLocation = "Provide the location for the output to be written:"

	QuestionEksAuditAnotherAdvancedOpt = "Configure another advanced integration option"
	EksAuditAdvancedOptDone            = "Done"

	// AwsEksAuditRegionRegex regex used for validating region input; note intentionally does not match gov cloud
	// NOTE(review): this pattern is byte-identical to AwsRegionRegex in this
	// package and shares its properties — unanchored, single trailing digit —
	// so any tightening should be applied to both.
	AwsEksAuditRegionRegex = `(af|ap|ca|eu|me|sa|us)-(central|(north|south)?(east|west)?)-\d`

	// Package-level mutable state for the command, plus the cache keys under
	// which its answers and extra state are stored.
	GenerateAwsEksAuditCommandState      = &aws_eks_audit.GenerateAwsEksAuditTfConfigurationArgs{}
	GenerateAwsEksAuditCommandExtraState = &AwsEksAuditGenerateCommandExtraState{}
	GenerateAwsEksAuditExistingRoleState = &aws_eks_audit.ExistingCrossAccountIamRoleDetails{}
	CachedAssetAwsEksAuditIacParams      = "iac-aws-eks-audit-generate-params"
	CachedAssetAwsEksAuditExtraState     = "iac-aws-eks-audit-extra-state"
)
var (
	// Define question text here so they can be reused in testing
	QuestionAzureEnableConfig      = "Enable Azure configuration integration?"
	QuestionAzureConfigName        = "Specify custom configuration integration name: (optional)"
	QuestionEnableActivityLog      = "Enable Azure Activity Log Integration?"
	QuestionActivityLogName        = "Specify custom Activity Log integration name: (optional)"
	QuestionAddAzureSubscriptionID = "Set Azure Subscription ID?"
	QuestionAzureSubscriptionID    = "Specify the Azure Subscription ID to be used to provision " +
		"Lacework resources: (optional)"
	QuestionAzureAnotherAdvancedOpt      = "Configure another advanced integration option"
	QuestionAzureConfigAdvanced          = "Configure advanced integration options?"
	QuestionAzureCustomizeOutputLocation = "Provide the location for the output to be written:"

	// Active Directory
	QuestionEnableAdIntegration = "Create Active Directory Integration?"
	// NOTE(review): this prompt collects a secret. Confirm at the prompt site
	// that the answer is read with a masked/password-style input, is not echoed
	// to the terminal or logs, and is not captured by telemetry.
	QuestionADApplicationPass   = "Specify the password of an existing Active Directory application"
	QuestionADApplicationId     = "Specify the ID of an existing Active Directory application"
	QuestionADServicePrincpleId = "Specify the Service Principle ID of an existing Active Directory application"

	// Storage Account
	QuestionUseExistingStorageAccount   = "Use an existing Storage Account?"
	QuestionAzureRegion                 = "Specify the Azure region to be used by Storage Account logging"
	QuestionStorageAccountName          = "Specify existing Storage Account name"
	QuestionStorageAccountResourceGroup = "Specify existing Storage Account Resource Group"
	QuestionStorageLocation             = "Specify Azure region where Storage Account for logging resides "

	// Subscriptions
	QuestionEnableAllSubscriptions = "Enable all subscriptions?"
	QuestionSubscriptionIds        = "Specify list of subscription ids to enable logging"

	// Management Group
	QuestionEnableManagementGroup = "Enable Management Group level Integration?"
	QuestionManagementGroupId     = "Specify Management Group ID"

	// Select options
	AzureAdvancedOptDone       = "Done"
	AdvancedAdIntegration      = "Configure Lacework integration with an existing Active Directory (optional)"
	AzureExistingStorageAcount = "Configure Storage Account (optional)"
	AzureSubscriptions         = "Configure Subscriptions (optional)"
	AzureManagmentGroup        = "Configure Management Group (optional)"
	AzureStorageGroup          = "Configure Storage Group (optional)"
	AzureUserIntegrationNames  = "Customize integration name(s)"
	AzureAdvancedOptLocation   = "Customize output location (optional)"
	AzureRegionStorage         = "Customize Azure region for Storage Account (optional)"

	// Package-level mutable state for the command, plus the cache keys under
	// which its answers and extra state are stored.
	GenerateAzureCommandState      = &azure.GenerateAzureTfConfigurationArgs{}
	GenerateAzureCommandExtraState = &AzureGenerateCommandExtraState{}
	CachedAzureAssetIacParams      = "iac-azure-generate-params"
	CachedAzureAssetExtraState     = "iac-azure-extra-state"
)
var (
	// Define question text here to be reused in testing
	QuestionGcpEnableConfiguration     = "Enable configuration integration?"
	QuestionGcpEnableAuditLog          = "Enable Audit Log integration?"
	QuestionUsePubSubAudit             = "Use Pub Sub Audit Log?"
	QuestionGcpOrganizationIntegration = "Organization integration?"
	QuestionGcpOrganizationID          = "Specify the GCP organization ID:"
	QuestionGcpProjectID               = "Specify the project ID to be used to provision Lacework resources:"
	QuestionGcpServiceAccountCredsPath = "Specify service account credentials JSON path: (optional)"
	QuestionGcpConfigureAdvanced       = "Configure advanced integration options?"

	GcpAdvancedOptExistingServiceAccount = "Configure & use existing service account"
	QuestionExistingServiceAccountName   = "Specify an existing service account name:"
	// NOTE(review): this prompt collects a private key. Confirm at the prompt
	// site that the answer is masked, not logged, and not sent via telemetry.
	QuestionExistingServiceAccountPrivateKey = "Specify an existing service account private key (base64 encoded):"

	GcpAdvancedOptAuditLog        = "Configure additional Audit Log options"
	QuestionGcpUseExistingBucket  = "Use an existing bucket?"
	QuestionGcpExistingBucketName = "Specify an existing bucket name:"
	QuestionGcpConfigureNewBucket = "Configure settings for new bucket?"
	QuestionGcpBucketRegion       = "Specify the bucket region: (optional)"
	QuestionGcpCustomBucketName   = "Specify a custom bucket name: (optional)"
	QuestionGcpBucketLifecycle    = "Specify the bucket lifecycle rule age: (optional)"
	QuestionGcpEnableUBLA         = "Enable uniform bucket level access(UBLA)?"
	QuestionGcpUseExistingSink    = "Use an existing sink?"
	QuestionGcpExistingSinkName   = "Specify the existing sink name"

	GcpAdvancedOptIntegrationName           = "Customize integration name(s)"
	QuestionGcpConfigurationIntegrationName = "Specify a custom configuration integration name: (optional)"
	QuestionGcpAuditLogIntegrationName      = "Specify a custom Audit Log integration name: (optional)"

	QuestionGcpAnotherAdvancedOpt      = "Configure another advanced integration option"
	GcpAdvancedOptLocation             = "Customize output location"
	GcpAdvancedOptProjects             = "Configure multiple projects"
	QuestionGcpCustomizeOutputLocation = "Provide the location for the output to be written:"
	QuestionGcpCustomizeProjects       = "Provide comma separated list of project ID"
	QuestionGcpCustomFilter            = "Specify a custom Audit Log filter which supersedes all other filter options"
	GcpAdvancedOptDone                 = "Done"

	// GcpRegionRegex regex used for validating region input
	// NOTE(review): unanchored like the AWS region patterns in this package;
	// unless the validator anchors it, surrounding characters are tolerated.
	// It also accepts only a single trailing digit.
	GcpRegionRegex = `(asia|australia|europe|northamerica|southamerica|us)-(central|(north|south)?(east|west)?)\d`

	// Package-level mutable state for the command, plus the cache keys under
	// which its answers and extra state are stored.
	GenerateGcpCommandState                  = &gcp.GenerateGcpTfConfigurationArgs{}
	GenerateGcpExistingServiceAccountDetails = &gcp.ExistingServiceAccountDetails{}
	GenerateGcpCommandExtraState             = &GcpGenerateCommandExtraState{}
	CachedGcpAssetIacParams                  = "iac-gcp-generate-params"
	CachedAssetGcpExtraState                 = "iac-gcp-extra-state"
	// InvalidProjectIDMessage is the user-facing validation error for a
	// malformed GCP project ID.
	InvalidProjectIDMessage = "invalid GCP project ID. " +
		"It must be 6 to 30 lowercase ASCII letters, digits, or hyphens. " +
		"It must start with a letter. Trailing hyphens are prohibited. Example: tokyo-rain-123"
)
var (
	// Prompt text for the GKE generate command, kept in variables so tests can
	// reference the exact wording.
	QuestionGkeOrganizationIntegration = "Organization integration?"
	QuestionGkeOrganizationID          = "Specify the GCP organization ID:"
	QuestionGkeProjectID               = "Specify the project ID to be used to provision Lacework resources:"
	QuestionGkeServiceAccountCredsPath = "Specify service account credentials JSON path: (optional)"
	QuestionGkeConfigureAdvanced       = "Configure advanced integration options?"

	GkeAdvancedOpt              = "Configure additional options"
	QuestionGkeUseExistingSink  = "Use an existing sink?"
	QuestionGkeExistingSinkName = "Specify the existing sink name"

	GkeAdvancedOptIntegrationName = "Customize integration name(s)"
	QuestionGkeIntegrationName    = "Specify a custom integration name: (optional)"

	GkeAdvancedOptExistingServiceAccount  = "Configure & use existing service account"
	QuestionGkeExistingServiceAccountName = "Specify an existing service account name:"
	// NOTE(review): this prompt collects a private key. Confirm at the prompt
	// site that the answer is masked, not logged, and not sent via telemetry.
	QuestionGkeExistingServiceAccountPrivateKey = "Specify an existing service account private key" +
		" (base64 encoded):" // guardrails-disable-line

	GkeAdvancedOptLocation             = "Customize output location"
	QuestionGkeCustomizeOutputLocation = "Provide the location for the output to be written:"

	QuestionGkeAnotherAdvancedOpt = "Configure another advanced integration option"
	GkeAdvancedOptDone            = "Done"

	// Package-level mutable state for the command, plus the cache keys under
	// which its answers and extra state are stored.
	GenerateGkeCommandState           = &gcp.GenerateGkeTfConfigurationArgs{}
	GenerateGkeExistingServiceAccount = &gcp.ServiceAccount{}
	GenerateGkeCommandExtraState      = &GkeGenerateCommandExtraState{}
	CachedGkeAssetIacParams           = "iac-gke-generate-params"
	CachedGkeAssetExtraState          = "iac-gke-extra-state"
)
var (
	// questions — prompt text for the OCI generate command, kept in variables
	// so tests can reference the exact wording
	QuestionOciEnableConfig            = "Enable configuration integration?"
	QuestionOciTenantOcid              = "Specify the OCID of the tenant to be integrated"
	QuestionOciUserEmail               = "Specify the email address to associate with the integration OCI user"
	QuestionOciConfigAdvanced          = "Configure advanced integration options?"
	QuestionOciConfigName              = "Specify name of configuration integration (optional)"
	QuestionOciCustomizeOutputLocation = "Provide the location for the output to be written:"
	QuestionOciAnotherAdvancedOpt      = "Configure another advanced integration option"

	// options — labels shown in the advanced-options selector
	OciAdvancedOptDone            = "Done"
	OciAdvancedOptLocation        = "Customize output location"
	OciAdvancedOptIntegrationName = "Customize integration name"

	// state — package-level mutable state shared by the command and its prompts
	GenerateOciCommandState      = &oci.GenerateOciTfConfigurationArgs{}
	GenerateOciCommandExtraState = &OciGenerateCommandExtraState{}

	// cache keys — where the command's answers and extra state are stored
	CachedOciAssetIacParams  = "iac-oci-generate-params"
	CachedAssetOciExtraState = "iac-oci-extra-state"
)
var (
	// HoneyApiKey is a variable that is injected at build time via
	// the cross-platform directive inside the Makefile, this key is
	// used to send events to Honeycomb so that we can understand how
	// our customers use the Lacework CLI.
	//
	// NOTE(review): a key injected via ldflags is a plain string in the shipped
	// binary and should be treated as public. Confirm it is an ingest-only
	// (write-scoped) key with no read or admin permissions, so that its
	// disclosure cannot expose other customers' telemetry. "unknown" is the
	// fallback when the build does not inject a value.
	HoneyApiKey = "unknown"
	// HoneyDataset is the dataset in Honeycomb that we send tracing
	// data this variable will be set depending on the environment we
	// are running on. During development, we send all events and
	// tracing data to a default dataset.
	HoneyDataset = "lacework-cli-dev"
)
var (
	// Prompt text for the report-definition create and update flows, kept in
	// variables so tests can reference the exact wording.
	CreateReportDefinitionQuestion              = "Create from an existing report definition template?"
	CreateReportDefinitionReportNameQuestion    = "Report Name: "
	CreateReportDefinitionDisplayNameQuestion   = "Display Name: "
	CreateReportDefinitionReportSubTypeQuestion = "Report SubType: "
	CreateReportDefinitionAddSectionQuestion    = "Add another policy section?"
	CreateReportDefinitionSectionTitleQuestion  = "Section Title: "
	CreateReportDefinitionPoliciesQuestion      = "Select Policies in this Section: "
	SelectReportDefinitionQuestion              = "Select an existing report definition as a template?"

	UpdateReportDefinitionQuestion                   = "Update report definition in editor?"
	UpdateReportDefinitionReportNameQuestion         = "Report Name: "
	UpdateReportDefinitionDisplayNameQuestion        = "Display Name: "
	UpdateReportDefinitionEditSectionQuestion        = "Update an existing policy section?"
	UpdateReportDefinitionEditAnotherSectionQuestion = "Update another existing policy section?"
	UpdateReportDefinitionAddSectionQuestion         = "Add a new policy section?"
	UpdateReportDefinitionSelectSectionQuestion      = "Select a section to edit"
)
var (
	// Prompt text for the report-distribution create and update flows, kept in
	// variables so tests can reference the exact wording.
	CreateReportDistributionReportNameQuestion     = "Report Distribution Name: "
	CreateReportDistributionFrequencyQuestion      = "Select Frequency: "
	CreateReportDistributionDefinitionQuestion     = "Select Report Definition: "
	CreateReportDistributionAlertChannelsQuestion  = "Select Alert Channels: "
	CreateReportDistributionResourceGroupsQuestion = "Select Resource Groups: "
	CreateReportDistributionIntegrationAwsQuestion = "Select Aws Accounts: "
	CreateReportDistributionAddSeveritiesQuestion  = "Add Severities? "
	CreateReportDistributionSeveritiesQuestion     = "Select Severities: "
	CreateReportDistributionAddViolationsQuestion  = "Add Violations? "
	CreateReportDistributionScopeQuestion          = "Select Distribution Scope:"
	CreateReportDistributionViolationsQuestion     = "Select Violations: "

	UpdateReportDistributionReportNameQuestion    = "Update Report Distribution Name? "
	UpdateReportDistributionFrequencyQuestion     = "Update Frequency?"
	UpdateReportDistributionAlertChannelsQuestion = "Update Alert Channels? "
	UpdateReportDistributionAddSeveritiesQuestion = "Update Severities? "
	UpdateReportDistributionAddViolationsQuestion = "Update Violations? "
)
var (
	// All the following "unknown" variables are being injected at
	// build time via the cross-platform directive inside the Makefile;
	// "unknown" is what a build without that injection (e.g. a plain
	// `go build`) reports.
	//
	// Version is the semver coming from the VERSION file
	Version = "unknown"
	// GitSHA is the git ref that the cli was built from
	GitSHA = "unknown"
	// BuildTime is a human-readable time when the cli was built at
	BuildTime = "unknown"
	// VersionCacheFile is the name of the version cache file needed for
	// daily version checks (a bare file name; the directory is chosen by
	// the caller).
	VersionCacheFile = "version_cache"
)
// SupportedPackageManagers lists the package-manager query binaries the CLI
// knows how to drive; presumably consumed when generating a host package
// manifest — confirm in vuln_host_gen_package_manifest.go. Being a slice it
// is mutable at package level, so callers should not append to it.
var SupportedPackageManagers = []string{"dpkg-query", "rpm"} // @afiune can we support yum and apk?
    Functions ¶
func CacheTransform ¶ added in v0.10.0
func CacheTransform(key string) *diskv.PathKey
func DisplayTerraformPlanChanges ¶ added in v0.23.0
func DisplayTerraformPlanChanges(tf *tfexec.Terraform, data TfPlanChangesSummary) (bool, error)
DisplayTerraformPlanChanges displays the results of a plan.
It returns true if apply should run, and false to exit.
func Execute ¶
func Execute() (err error)
Execute adds all child commands to the root command and sets flags appropriately. This is called by main.main(). It only needs to happen once to the rootCmd.
func GenerateMarkdownDocs ¶ added in v0.2.4
func InverseCacheTransform ¶ added in v0.10.0
func InverseCacheTransform(pathKey *diskv.PathKey) string
func LocateOrInstallTerraform ¶ added in v0.23.0
LocateOrInstallTerraform determines whether terraform is installed and whether that version is new enough; if not, it installs a new ephemeral binary of the correct version into a tmp location.
forceInstall: if set, always install the ephemeral binary
func NewDefaultState ¶ added in v0.1.3
func NewDefaultState() *cliState
NewDefaultState creates a new cliState with some defaults
func NewQueryFailonError ¶ added in v0.36.0
func NewVulnerabilityPolicyError ¶ added in v0.4.0
func NewVulnerabilityPolicyError( assessment api.VulnerabilityAssessment, failOnSeverity string, failOnFixable bool, ) *vulnerabilityPolicyError
func NewVulnerabilityPolicyErrorV2 ¶ added in v1.0.0
func NewVulnerabilityPolicyErrorV2( assessment api.VulnerabilitiesContainersResponse, failOnSeverity string, failOnFixable bool, ) *vulnerabilityPolicyError
func SurveyMultipleQuestionWithValidation ¶ added in v0.23.0
func SurveyMultipleQuestionWithValidation(questions []SurveyQuestionWithValidationArgs, checks ...bool) error
SurveyMultipleQuestionWithValidation prompts for many values at once.
checks: if the supplied check(s) are true, the questions will be asked
func SurveyQuestionInteractiveOnly ¶ added in v0.23.0
func SurveyQuestionInteractiveOnly(question SurveyQuestionWithValidationArgs) error
SurveyQuestionInteractiveOnly prompts the user with the question, but only if the CLI is in interactive mode
func TerraformExecApply ¶ added in v0.23.0
TerraformExecApply runs terraform apply using the workingDir from *tfexec.Terraform
- Run plan - Get plan file details (returned)
func TerraformExecutePreRunCheck ¶ added in v0.23.0
func TerraformInit ¶ added in v0.23.0
func TerraformPlanAndExecute ¶ added in v0.23.0
Runs a terraform plan and then executes it
Types ¶
type AwsControlTowerGenerateCommandExtraState ¶ added in v1.28.0
type AwsEksAuditGenerateCommandExtraState ¶ added in v0.45.0
type AwsGenerateCommandExtraState ¶ added in v0.23.0
type AzureGenerateCommandExtraState ¶ added in v0.30.0
type CmdFilters ¶ added in v0.25.0
// CmdFilters stores the list of available filters for a CLI command, so that
// a command's help text can enumerate the keys it accepts.
type CmdFilters struct {
	// Filters is the list of filter names; it is presumably populated by
	// GetFiltersFrom from the fields of a given entity type.
	Filters []string
}
    Used to store the list of available filters for a CLI command,
e.g. to obtain the available filters for a cobra.Command.Long:
```go
dummyCmdState = struct {
    // The available filters
    AvailableFilters CmdFilters
    // List of filters to apply
    Filters []string
	}{}
dummyCmdState := &cobra.Command{
    Long: `The available keys for this command are:
` + stringSliceToMarkdownList(
dummyCmdState.AvailableFilters.GetFiltersFrom(
    api.MachineDetailEntity{},
 ),
)} ```
func (*CmdFilters) GetFiltersFrom ¶ added in v0.25.0
func (f *CmdFilters) GetFiltersFrom(T interface{}) []string
type GcpGenerateCommandExtraState ¶ added in v0.28.0
type GkeGenerateCommandExtraState ¶ added in v0.43.0
type Honeyvent ¶ added in v0.2.12
// Honeyvent defines what a Honeycomb event looks like for the Lacework CLI.
//
// All fields are exported and json-tagged, so when the struct is marshaled
// with encoding/json the tag names are the keys sent over the wire; fields
// tagged omitempty are omitted when they hold their zero value.
type Honeyvent struct {
	// Build and host identification; never omitted from the payload.
	Version    string `json:"version"`
	CfgVersion int    `json:"config_version"`
	Os         string `json:"os"`
	Arch       string `json:"arch"`
	// Invocation details. NOTE(review): Args and Flags are sent verbatim;
	// confirm at the populating site that values which may carry secrets
	// (tokens, keys, passwords passed on the command line) are redacted
	// before the event leaves the host.
	Command string   `json:"command,omitempty"`
	Args    []string `json:"args,omitempty"`
	Flags   []string `json:"flags,omitempty"`
	// Tenant and profile context.
	Account    string `json:"account,omitempty"`
	Subaccount string `json:"subaccount,omitempty"`
	Profile    string `json:"profile,omitempty"`
	// NOTE(review): ApiKey is serialized into an outbound telemetry event.
	// Confirm that what is assigned here is a non-secret key identifier and
	// never the API secret itself — a telemetry channel is an easy place for
	// a credential to leak.
	ApiKey string `json:"api_key,omitempty"`
	// Feature-specific payload; FeatureData is untyped so any JSON-encodable
	// value may be attached.
	Feature     string      `json:"feature,omitempty"`
	FeatureData interface{} `json:"feature.data,omitempty"`
	// Outcome of the command.
	DurationMs    int64  `json:"duration_ms,omitempty"`
	Error         string `json:"error,omitempty"`
	InstallMethod string `json:"install_method,omitempty"`
	Component     string `json:"component,omitempty"`
	// tracing data for multiple events, this is useful for specific features
	// within the Lacework CLI such as daily version check, polling mechanism, etc.
	TraceID   string `json:"trace.trace_id,omitempty"`
	SpanID    string `json:"trace.span_id,omitempty"`
	ParentID  string `json:"trace.parent_id,omitempty"`
	ContextID string `json:"trace.context_id,omitempty"`
}
    Honeyvent defines what a Honeycomb event looks like for the Lacework CLI
func (*Honeyvent) AddFeatureField ¶ added in v0.2.13
type LCLContentType ¶ added in v0.36.0
// LCLContentType names the kind of item stored in the Lacework Content
// Library; the known values are the LCL*Type constants declared below.
type LCLContentType string
const (
	// LCLQueryType marks a content-library item as an LQL query.
	LCLQueryType LCLContentType = "query"
	// LCLPolicyType marks a content-library item as a policy.
	LCLPolicyType LCLContentType = "policy"
)
type LCLQuery ¶ added in v0.36.0
// LCLQuery is a content-library query entry; it only records the references
// the query carries.
type LCLQuery struct {
	// References lists the related content-library items for this query.
	References []LCLReference `json:"references"`
}
    type LCLReference ¶ added in v0.36.0
// LCLReference points at another item in the Lacework Content Library.
type LCLReference struct {
	// ID is the referenced item's identifier.
	ID string `json:"id"`
	// Type is the referenced item's content type (query or policy).
	Type LCLContentType `json:"content_type"`
	// Path is where the item lives inside the library. NOTE(review): if this
	// is ever joined to a local directory, confirm the consumer rejects
	// absolute paths and ".." segments coming from library content.
	Path string `json:"path"`
	// URI is the item's location as given by the library.
	URI string `json:"uri"`
}
    type LaceworkContentLibrary ¶ added in v0.36.0
// LaceworkContentLibrary is the in-memory index of a content-library
// component: its queries and policies keyed by name, plus a tag-to-policies
// index.
type LaceworkContentLibrary struct {
	// Component is the underlying component that provides the library.
	// NOTE(review): it carries no json tag, so if this struct is ever
	// marshaled with encoding/json the field is emitted under the key
	// "Component" — confirm that is intended.
	Component *lwcomponent.Component
	// Queries maps a query name to its entry.
	Queries map[string]LCLQuery `json:"queries"`
	// Policies maps a policy name to its entry.
	Policies map[string]LCLPolicy `json:"policies"`
	// PolicyTags maps a tag to the names of the policies carrying it; this is
	// presumably the index GetPoliciesByTag consults.
	PolicyTags map[string][]string `json:"policy_tags"`
}
    func (*LaceworkContentLibrary) GetPoliciesByTag ¶ added in v0.36.0
func (lcl *LaceworkContentLibrary) GetPoliciesByTag(t string) map[string]LCLPolicy
type OciGenerateCommandExtraState ¶ added in v1.31.0
type PolicyExceptionSurveyQuestion ¶ added in v1.12.0
// PolicyExceptionSurveyQuestion describes one prompt in the policy-exception
// survey flow. Its fields are unexported and elided by the documentation
// renderer; see the source file for the definition.
type PolicyExceptionSurveyQuestion struct {
	// contains filtered or unexported fields
}
    type PolicySyncOperation ¶ added in v0.36.0
type SurveyQuestionWithValidationArgs ¶ added in v0.23.0
type TfPlanChangesSummary ¶ added in v0.24.0
// TfPlanChangesSummary summarizes the changes a terraform plan proposes; it is
// produced by TerraformExecPlan and consumed by DisplayTerraformPlanChanges.
// Its fields are unexported and elided by the documentation renderer.
type TfPlanChangesSummary struct {
	// contains filtered or unexported fields
}
    func TerraformExecPlan ¶ added in v0.23.0
func TerraformExecPlan(tf *tfexec.Terraform) (*TfPlanChangesSummary, error)
TerraformExecPlan runs terraform plan using the workingDir from *tfexec.Terraform
- Run plan - Get plan file details (returned)
type VulnCveSummary ¶ added in v1.0.0
// VulnCveSummary aggregates, for one host, the vulnerability count and the
// hostnames it was seen under.
type VulnCveSummary struct {
	// Host is the vulnerability host record the summary was built from.
	Host api.VulnerabilityHost
	// Count is the number of items summarized (presumably CVEs — confirm at
	// the site that populates it).
	Count int
	// Hostnames lists the names associated with Host.
	Hostnames []string
}
      Source Files
- access_token.go
- account.go
- agent.go
- agent_aws-install_ec2ic.go
- agent_aws-install_ec2ssh.go
- agent_aws-install_ec2ssm.go
- agent_gcp-install-osl.go
- agent_install.go
- agent_list.go
- alert.go
- alert_channel.go
- alert_close.go
- alert_comment.go
- alert_list.go
- alert_list_fixable.go
- alert_profiles.go
- alert_rules.go
- alert_show.go
- alert_show_details.go
- alert_show_events.go
- alert_show_integrations.go
- alert_show_investigation.go
- alert_show_related.go
- alert_show_timeline.go
- api.go
- aws.go
- awsiam.go
- cache.go
- cdk.go
- cli_state.go
- cli_unix.go
- cloud_account.go
- compliance.go
- compliance_aws.go
- compliance_azure.go
- compliance_gcp.go
- component.go
- component_args.go
- component_dev.go
- configure.go
- configure_switch_profile.go
- container_registry.go
- content_library.go
- docs.go
- emoji.go
- emoji_unix.go
- errors.go
- errors_lql.go
- flags.go
- gcp.go
- generate.go
- generate_aws.go
- generate_aws_controltower.go
- generate_aws_eks_audit.go
- generate_azure.go
- generate_cloud_account.go
- generate_execute.go
- generate_gcp.go
- generate_gke.go
- generate_k8s.go
- generate_oci.go
- honeyvent.go
- integration_aws.go
- integration_aws_cloudwatch.go
- integration_aws_govcloud.go
- integration_aws_s3_channel.go
- integration_azure.go
- integration_cisco_webex.go
- integration_ctr_reg_limits.go
- integration_datadog.go
- integration_docker_hub.go
- integration_docker_v2.go
- integration_ecr.go
- integration_email.go
- integration_gar.go
- integration_gcp.go
- integration_gcp_pub_sub_audit.go
- integration_gcp_pub_sub_channel.go
- integration_gcr.go
- integration_ghcr.go
- integration_inline_scanner.go
- integration_jira.go
- integration_microsoft_teams.go
- integration_new_relic_channel.go
- integration_oci.go
- integration_pagerduty.go
- integration_proxy_scanner.go
- integration_qradar_channel.go
- integration_service_now_channel.go
- integration_slack_channel.go
- integration_splunk.go
- integration_victorops.go
- integration_webhook.go
- lql.go
- lql_create.go
- lql_delete.go
- lql_library.go
- lql_list.go
- lql_preview.go
- lql_show.go
- lql_sources.go
- lql_update.go
- lql_validate.go
- migration.go
- outputs.go
- package_manifest.go
- policy.go
- policy_create.go
- policy_delete.go
- policy_disable.go
- policy_enable.go
- policy_exceptions.go
- policy_library.go
- policy_update.go
- prompt.go
- report_definitions.go
- report_definitions_create.go
- report_definitions_diff.go
- report_definitions_revert.go
- report_definitions_update.go
- report_distributions.go
- report_distributions_create.go
- report_distributions_update.go
- report_rules.go
- resource_group_aws.go
- resource_group_azure.go
- resource_group_container.go
- resource_group_gcp.go
- resource_group_lw_account.go
- resource_group_machine.go
- resource_group_v2.go
- resource_groups.go
- root.go
- suppressions.go
- suppressions_aws.go
- suppressions_azure.go
- suppressions_gcp.go
- table_render.go
- team_members.go
- telemetry.go
- version.go
- vuln_container.go
- vuln_container_list_assessments.go
- vuln_container_list_registries.go
- vuln_container_scan.go
- vuln_container_show_assessments.go
- vuln_host.go
- vuln_host_gen_package_manifest.go
- vuln_host_list_cves.go
- vuln_host_list_hosts.go
- vuln_host_scan_package_manifest.go
- vuln_host_show_assessment.go
- vuln_html.go
- vulnerability.go
- vulnerability_exception_container.go
- vulnerability_exception_host.go
- vulnerabilty_exceptions.go