Documentation
¶
Index ¶
- Variables
- func BuildVPCNATGatewayParameterName(partner, stage, component string) string
- func CheckIPAuthorization(ctx context.Context, sourceIP string, ssmClient *ssm.Client, ...) (bool, error)
- func ExtractClientIP(headers map[string]string, requestContext map[string]any) (string, error)
- func IsAuthorizedIP(sourceIP string, config IPAuthorizationConfig) bool
- func IsAuthorizedIPSimple(sourceIP string, allowedIPList string) bool
- type AESEncryptor
- type APIKeyConfig
- type AWSSecretsManager
- func (asm *AWSSecretsManager) DeleteSecret(ctx context.Context, name string) error
- func (asm *AWSSecretsManager) GetJSONSecret(ctx context.Context, name string, target any) error
- func (asm *AWSSecretsManager) GetSecret(ctx context.Context, name string) (string, error)
- func (asm *AWSSecretsManager) PutJSONSecret(ctx context.Context, name string, value any) error
- func (asm *AWSSecretsManager) PutSecret(ctx context.Context, name string, value string) error
- func (asm *AWSSecretsManager) RotateSecret(ctx context.Context, name string) error
- type AccessControlData
- type AccessLogEntry
- type AdequacyDecision
- type AdvancedComplianceValidator
- type AggregateRiskScore
- type AggregatedDataPoint
- type AggregatedMetrics
- type AlertAction
- type AlertManager
- type AlertRule
- type AlertThresholds
- type AnalyticsConfig
- type AnalyticsDataPoint
- type AnalyticsDataStore
- type AnalyticsMetrics
- type AnalyticsQuery
- type Anomaly
- type AnomalyDetector
- type AnomalyPattern
- type AnomalyRecord
- type AssessedRiskFactor
- type AuditAnalyticsEngine
- func (aae *AuditAnalyticsEngine) AnalyzeBatch(ctx context.Context, events []*AuditEvent) (*BatchAnalysis, error)
- func (aae *AuditAnalyticsEngine) AnalyzeEvent(ctx context.Context, event *AuditEvent) (*EventAnalysis, error)
- func (aae *AuditAnalyticsEngine) GeneratePredictions(ctx context.Context, timeframe time.Duration) (*PredictionReport, error)
- func (aae *AuditAnalyticsEngine) GetAnalyticsMetrics(ctx context.Context) (*AnalyticsMetrics, error)
- func (aae *AuditAnalyticsEngine) SetAnomalyDetector(detector AnomalyDetector)
- func (aae *AuditAnalyticsEngine) SetDataStore(store AnalyticsDataStore)
- func (aae *AuditAnalyticsEngine) SetPredictiveModel(model PredictiveModel)
- func (aae *AuditAnalyticsEngine) SetRemediationEngine(engine RemediationEngine)
- func (aae *AuditAnalyticsEngine) SetRiskScorer(scorer RiskScorer)
- func (aae *AuditAnalyticsEngine) Start(ctx context.Context) error
- func (aae *AuditAnalyticsEngine) Stop() error
- type AuditDataPoint
- type AuditEntry
- type AuditEvent
- type AuditFilter
- type AuditLogEntry
- type AuditLogger
- type AuditLoggerMetrics
- type AuditMetrics
- type AuditQueryResult
- type AuditRequest
- type AuditRequirement
- type AuditResponse
- type AuditStorage
- type BCRResult
- type BCRValidation
- type BankingComplianceConfig
- type BankingComplianceTemplate
- func (bct *BankingComplianceTemplate) GenerateComplianceReport() (*IndustryComplianceReport, error)
- func (bct *BankingComplianceTemplate) GetAudits() []AuditRequirement
- func (bct *BankingComplianceTemplate) GetComplianceMiddleware() []LiftMiddleware
- func (bct *BankingComplianceTemplate) GetControls() []ComplianceControl
- func (bct *BankingComplianceTemplate) GetIndustry() string
- func (bct *BankingComplianceTemplate) GetRegulations() []string
- func (bct *BankingComplianceTemplate) GetRiskAssessments() []RiskAssessmentTemplate
- func (bct *BankingComplianceTemplate) ValidateCompliance(_ LiftContext) (*ComplianceResult, error)
- type BatchAnalysis
- type BufferedAuditLogger
- func (bal *BufferedAuditLogger) GetAuditMetrics() AuditLoggerMetrics
- func (bal *BufferedAuditLogger) LogDataAccess(auditID string, access *DataAccessLog) error
- func (bal *BufferedAuditLogger) LogRequest(auditID string, request *AuditRequest) error
- func (bal *BufferedAuditLogger) LogResponse(auditID string, response *AuditResponse) error
- func (bal *BufferedAuditLogger) LogSecurityEvent(auditID string, event *SecurityEvent) error
- func (bal *BufferedAuditLogger) QueryAuditTrail(ctx context.Context, filter AuditFilter) (*AuditQueryResult, error)
- func (bal *BufferedAuditLogger) StartAudit(ctx LiftContext) string
- func (bal *BufferedAuditLogger) Stop() error
- func (bal *BufferedAuditLogger) VerifyIntegrity(ctx context.Context, auditID string) (bool, error)
- type BusinessContinuityData
- type CORSConfig
- type CachedSecret
- type CertificationStatus
- type ChangeManagementData
- type ComplianceAlert
- type ComplianceConfig
- type ComplianceContext
- type ComplianceControl
- type ComplianceDashboard
- func (cd *ComplianceDashboard) CreateDashboardLayout(_ context.Context, layout *DashboardLayout) error
- func (cd *ComplianceDashboard) DeleteDashboardLayout(_ context.Context, _ string) error
- func (cd *ComplianceDashboard) ExportDashboardData(ctx context.Context, format string, timeRange TimeRange) ([]byte, error)
- func (cd *ComplianceDashboard) GetDashboardLayout(_ context.Context, _ string) (*DashboardLayout, error)
- func (cd *ComplianceDashboard) GetDashboardMetrics(ctx context.Context, timeRange TimeRange) (*DashboardMetrics, error)
- func (cd *ComplianceDashboard) GetWidget(ctx context.Context, widgetID string, config WidgetConfig) (*DashboardWidget, error)
- func (cd *ComplianceDashboard) SetAlertManager(manager DashboardAlertManager)
- func (cd *ComplianceDashboard) SetCache(cache DashboardCache)
- func (cd *ComplianceDashboard) SetDataAggregator(aggregator DataAggregator)
- func (cd *ComplianceDashboard) SetMetricsEngine(engine MetricsEngine)
- func (cd *ComplianceDashboard) Start(ctx context.Context) error
- func (cd *ComplianceDashboard) Stop() error
- func (cd *ComplianceDashboard) UpdateDashboardLayout(_ context.Context, _ string, layout *DashboardLayout) error
- type ComplianceDataPoint
- type ComplianceException
- type ComplianceFinding
- type ComplianceFramework
- func (cf *ComplianceFramework) AddCustomRule(rule ComplianceRule)
- func (cf *ComplianceFramework) ComplianceAudit() LiftMiddleware
- func (cf *ComplianceFramework) GenerateComplianceReport(period time.Duration) (*ComplianceReport, error)
- func (cf *ComplianceFramework) GetComplianceStatus(_ context.Context) (*ComplianceResult, error)
- func (cf *ComplianceFramework) GetCustomRules() []ComplianceRule
- func (cf *ComplianceFramework) IsFrameworkEnabled(framework string) bool
- func (cf *ComplianceFramework) MarshalJSON() ([]byte, error)
- func (cf *ComplianceFramework) SetAuditor(auditor AuditLogger)
- func (cf *ComplianceFramework) SetReporter(reporter ComplianceReporter)
- func (cf *ComplianceFramework) SetValidator(validator ComplianceValidator)
- func (cf *ComplianceFramework) ValidateConfiguration() error
- type ComplianceIssue
- type ComplianceMetrics
- type CompliancePrediction
- type ComplianceRecommendation
- type ComplianceReport
- type ComplianceReporter
- type ComplianceResult
- type ComplianceRule
- type ComplianceSummary
- type ComplianceTemplate
- type ComplianceTest
- type ComplianceTestResult
- type ComplianceTrend
- type ComplianceValidator
- type ComplianceViolation
- type ConsentData
- type ConsentEvent
- type ConsentHistoryEntry
- type ConsentProof
- type ConsentPurpose
- type ConsentRecord
- type ConsentStore
- type ConsentUpdate
- type ConsentUpdates
- type ConsentWithdrawal
- type ContextualRiskFactor
- type ControlEvidence
- type ControlStatus
- type ControlTestResult
- type ControlTester
- type CrossBorderRule
- type CrossBorderTransfer
- type CrossBorderTransferLog
- type CrossBorderValidator
- type CustomMetric
- type CustomMetricQuery
- type DashboardAlert
- type DashboardAlertManager
- type DashboardCache
- type DashboardConfig
- type DashboardLayout
- type DashboardMetrics
- type DashboardSummary
- type DashboardWidget
- type DataAccessLog
- type DataAccessRequest
- type DataAccessResponse
- type DataAccessResult
- type DataAggregator
- type DataClassification
- type DataContext
- type DataDeletionProvider
- type DataDeletionRequest
- type DataDeletionResult
- type DataErasureRequest
- type DataErasureResponse
- type DataObjectionRequest
- type DataObjectionResponse
- type DataPoint
- type DataPortabilityRequest
- type DataPortabilityResponse
- type DataProcessingActivity
- type DataProcessingLog
- type DataProtectionConfig
- type DataProtectionData
- type DataProtectionManager
- func (dpm *DataProtectionManager) ClassifyData(data any, context map[string]any) *DataContext
- func (dpm *DataProtectionManager) ProtectData(dataCtx *DataContext, accessRequest DataProtectionRequest) (*DataAccessResult, error)
- func (dpm *DataProtectionManager) ValidateDataAccess(request DataProtectionRequest) *DataAccessResult
- func (dpm *DataProtectionManager) ValidateDataAccessFromGDPR(request any) *DataAccessResult
- type DataProtectionRequest
- type DataRecipient
- type DataRectificationRequest
- type DataRectificationResponse
- type DataSubjectRequestLog
- type DataSubjectRightsHandler
- type DataSummary
- type DataTokenizer
- type EcommerceComplianceConfig
- type EcommerceComplianceTemplate
- func (e *EcommerceComplianceTemplate) GenerateComplianceReport() (*IndustryComplianceReport, error)
- func (e *EcommerceComplianceTemplate) GetAudits() []AuditRequirement
- func (e *EcommerceComplianceTemplate) GetComplianceMiddleware() []LiftMiddleware
- func (e *EcommerceComplianceTemplate) GetControls() []ComplianceControl
- func (e *EcommerceComplianceTemplate) GetIndustry() string
- func (e *EcommerceComplianceTemplate) GetRegulations() []string
- func (e *EcommerceComplianceTemplate) GetRiskAssessments() []RiskAssessmentTemplate
- func (e *EcommerceComplianceTemplate) ValidateCompliance(_ LiftContext) (*ComplianceResult, error)
- type EncryptedCachedSecret
- type EncryptedSecretCache
- func (c *EncryptedSecretCache) Clear()
- func (c *EncryptedSecretCache) Delete(key string)
- func (c *EncryptedSecretCache) Get(key string) (string, error)
- func (c *EncryptedSecretCache) GetCacheInfo() map[string]any
- func (c *EncryptedSecretCache) Set(key, value string) error
- func (c *EncryptedSecretCache) Size() int
- type EnhancedAuditConfig
- type EnhancedAuditLogger
- type EnhancedComplianceConfig
- type EnhancedComplianceFramework
- func (ecf *EnhancedComplianceFramework) AddIndustryTemplate(industry string, template ComplianceTemplate)
- func (ecf *EnhancedComplianceFramework) ApplyIndustryTemplate(industry string) ([]LiftMiddleware, error)
- func (ecf *EnhancedComplianceFramework) GDPRPrivacy() LiftMiddleware
- func (ecf *EnhancedComplianceFramework) SOC2TypeII() LiftMiddleware
- func (ecf *EnhancedComplianceFramework) SetAdvancedValidator(validator AdvancedComplianceValidator)
- func (ecf *EnhancedComplianceFramework) SetEnhancedAuditor(auditor EnhancedAuditLogger)
- type EventAnalysis
- type Evidence
- type EvidenceCollector
- type EvidenceRequirement
- type EvidenceValidation
- type ExceptionResolution
- type ExceptionTracker
- type ExceptionTrends
- type FeatureExtractionConfig
- type FeatureExtractor
- type FileSecretsProvider
- func (fsp *FileSecretsProvider) ClearRotationHistory()
- func (fsp *FileSecretsProvider) DeleteSecret(_ context.Context, name string) error
- func (fsp *FileSecretsProvider) GetAllRotationHistory() map[string][]RotationRecord
- func (fsp *FileSecretsProvider) GetRotationHistory(name string) []RotationRecord
- func (fsp *FileSecretsProvider) GetSecret(_ context.Context, name string) (string, error)
- func (fsp *FileSecretsProvider) IsRotationEnabled() bool
- func (fsp *FileSecretsProvider) PutSecret(_ context.Context, name string, value string) error
- func (fsp *FileSecretsProvider) RotateSecret(_ context.Context, name string) error
- func (fsp *FileSecretsProvider) SetRotationEnabled(enabled bool)
- func (fsp *FileSecretsProvider) SimulateRotationFailure(_ context.Context, name string, errorMessage string) error
- type ForecastPoint
- type GDPRAuditLogger
- type GDPRConfig
- type GDPRConsentConfig
- type GDPRConsentManager
- func (gcm *GDPRConsentManager) ConductPIA(ctx context.Context, request *PIARequest) (*PIAResult, error)
- func (gcm *GDPRConsentManager) GetConsent(ctx context.Context, dataSubjectID, purpose string) (*ConsentRecord, error)
- func (gcm *GDPRConsentManager) HandleAccessRequest(ctx context.Context, request *DataAccessRequest) (*DataAccessResponse, error)
- func (gcm *GDPRConsentManager) HandleErasureRequest(ctx context.Context, request *DataErasureRequest) (*DataErasureResponse, error)
- func (gcm *GDPRConsentManager) ProcessDataSubjectRequest(ctx context.Context, request *DataAccessRequest) error
- func (gcm *GDPRConsentManager) RecordConsent(ctx context.Context, consent *ConsentRecord) error
- func (gcm *GDPRConsentManager) SetAuditLogger(logger GDPRAuditLogger)
- func (gcm *GDPRConsentManager) SetConsentStore(store ConsentStore)
- func (gcm *GDPRConsentManager) SetCrossBorderValidator(validator CrossBorderValidator)
- func (gcm *GDPRConsentManager) SetDataSubjectRightsHandler(handler DataSubjectRightsHandler)
- func (gcm *GDPRConsentManager) SetPrivacyImpactAssessment(pia PrivacyImpactAssessment)
- func (gcm *GDPRConsentManager) UpdateConsent(ctx context.Context, consentID string, updates *ConsentUpdate) error
- func (gcm *GDPRConsentManager) WithdrawConsent(ctx context.Context, consentID string, withdrawal *ConsentWithdrawal) error
- type GDPREvent
- type GovernmentComplianceConfig
- type GovernmentComplianceTemplate
- func (gct *GovernmentComplianceTemplate) GenerateComplianceReport() (*IndustryComplianceReport, error)
- func (gct *GovernmentComplianceTemplate) GetAudits() []AuditRequirement
- func (gct *GovernmentComplianceTemplate) GetComplianceMiddleware() []LiftMiddleware
- func (gct *GovernmentComplianceTemplate) GetControls() []ComplianceControl
- func (gct *GovernmentComplianceTemplate) GetIndustry() string
- func (gct *GovernmentComplianceTemplate) GetRegulations() []string
- func (gct *GovernmentComplianceTemplate) GetRiskAssessments() []RiskAssessmentTemplate
- func (gct *GovernmentComplianceTemplate) ValidateCompliance(_ LiftContext) (*ComplianceResult, error)
- type HealthcareComplianceConfig
- type HealthcareComplianceTemplate
- func (hct *HealthcareComplianceTemplate) GenerateComplianceReport() (*IndustryComplianceReport, error)
- func (hct *HealthcareComplianceTemplate) GetAudits() []AuditRequirement
- func (hct *HealthcareComplianceTemplate) GetComplianceMiddleware() []LiftMiddleware
- func (hct *HealthcareComplianceTemplate) GetControls() []ComplianceControl
- func (hct *HealthcareComplianceTemplate) GetIndustry() string
- func (hct *HealthcareComplianceTemplate) GetRegulations() []string
- func (hct *HealthcareComplianceTemplate) GetRiskAssessments() []RiskAssessmentTemplate
- func (hct *HealthcareComplianceTemplate) ValidateCompliance(_ LiftContext) (*ComplianceResult, error)
- type IPAuthorizationConfig
- type IPAuthorizationService
- type IPExtractionError
- type IdentityVerification
- type InMemoryAuditStorage
- func (imas *InMemoryAuditStorage) BatchStore(_ context.Context, entries []AuditLogEntry) error
- func (imas *InMemoryAuditStorage) Clear()
- func (imas *InMemoryAuditStorage) Query(_ context.Context, filter AuditFilter) ([]AuditLogEntry, error)
- func (imas *InMemoryAuditStorage) Store(_ context.Context, entry AuditLogEntry) error
- type IncidentForecast
- type IncidentImpact
- type IncidentRecord
- type IncidentResponseData
- type IndustryComplianceReport
- type IndustryComplianceTemplate
- type IndustryComplianceTemplateManager
- func (ictm *IndustryComplianceTemplateManager) GetAvailableIndustries() []string
- func (ictm *IndustryComplianceTemplateManager) GetTemplate(industry string) (IndustryComplianceTemplate, error)
- func (ictm *IndustryComplianceTemplateManager) RegisterTemplate(industry string, template IndustryComplianceTemplate)
- type IndustryRiskAssessment
- type IndustryRiskFactor
- type IndustryTemplate
- type JWTConfig
- type LiftContext
- type LiftHandler
- type LiftHandlerFunc
- type LiftMiddleware
- type Logger
- type MLRiskScorer
- func (mrs *MLRiskScorer) CalculateAggregateRisk(ctx context.Context, events []*AuditEvent) (*AggregateRiskScore, error)
- func (mrs *MLRiskScorer) CalculateRiskScore(ctx context.Context, event *AuditEvent) (*RiskScore, error)
- func (mrs *MLRiskScorer) GetRiskFactors() []RiskFactor
- func (mrs *MLRiskScorer) SetModel(model RiskModel)
- func (mrs *MLRiskScorer) UpdateRiskModel(_ context.Context, feedback []*RiskFeedback) error
- type MaskingRule
- type MetricResult
- type MetricSummary
- type MetricsEngine
- type MetricsQuery
- type MitigationMeasure
- type MockSecretsProvider
- func (msp *MockSecretsProvider) DeleteSecret(_ context.Context, name string) error
- func (msp *MockSecretsProvider) GetSecret(_ context.Context, name string) (string, error)
- func (msp *MockSecretsProvider) PutSecret(_ context.Context, name string, value string) error
- func (msp *MockSecretsProvider) RotateSecret(_ context.Context, name string) error
- func (msp *MockSecretsProvider) SetSecret(name, value string)
- type ModelMetrics
- type MonitoringScheduler
- type PIAFilters
- type PIAFinding
- type PIAQuestion
- type PIARecommendation
- type PIARequest
- type PIAResult
- type PIARiskFactor
- type PIATemplate
- type PIAUpdate
- type PerformanceMetrics
- type PerformanceTargets
- type Permission
- type PredictionReport
- type PredictiveModel
- type PredictiveRiskFactor
- type Principal
- func (p *Principal) CanAccessResource(resource, _ string) bool
- func (p *Principal) HasAllRoles(roles ...string) bool
- func (p *Principal) HasAnyRole(roles ...string) bool
- func (p *Principal) HasRole(role string) bool
- func (p *Principal) HasScope(scope string) bool
- func (p *Principal) IsExpired() bool
- func (p *Principal) IsSameTenant(tenantID string) bool
- func (p *Principal) IsValidForTenant(tenantID string) bool
- func (p *Principal) ToAuditMap() map[string]any
- type PrincipalBuilder
- func (b *PrincipalBuilder) AddRole(role string) *PrincipalBuilder
- func (b *PrincipalBuilder) AddScope(scope string) *PrincipalBuilder
- func (b *PrincipalBuilder) Build() *Principal
- func (b *PrincipalBuilder) Validate() error
- func (b *PrincipalBuilder) WithAccountID(accountID string) *PrincipalBuilder
- func (b *PrincipalBuilder) WithAuthMethod(method string) *PrincipalBuilder
- func (b *PrincipalBuilder) WithExpiration(duration time.Duration) *PrincipalBuilder
- func (b *PrincipalBuilder) WithRequest(ipAddress, userAgent, requestID string) *PrincipalBuilder
- func (b *PrincipalBuilder) WithRoles(roles ...string) *PrincipalBuilder
- func (b *PrincipalBuilder) WithScopes(scopes ...string) *PrincipalBuilder
- func (b *PrincipalBuilder) WithTenantID(tenantID string) *PrincipalBuilder
- func (b *PrincipalBuilder) WithUserID(userID string) *PrincipalBuilder
- type PrivacyBreachLog
- type PrivacyImpactAssessment
- type ProcessingValidation
- type RateLimitConfig
- type RegulationCompliance
- type RemediationEngine
- type RemediationPlan
- type RemediationResult
- type RemediationStep
- type RemediationTemplate
- type Request
- type RequestStatus
- type RequestValidationConfig
- type Response
- type RiskAssessment
- type RiskAssessmentData
- type RiskAssessmentTemplate
- type RiskBaseline
- type RiskContext
- type RiskDataPoint
- type RiskFactor
- type RiskFeatureExtractor
- type RiskFeedback
- type RiskMetrics
- type RiskMitigation
- type RiskModel
- type RiskScenario
- type RiskScore
- type RiskScorer
- type RiskScoringConfig
- type RiskThresholdConfig
- type Role
- type RollbackPlan
- type RotationRecord
- type SCCResult
- type SCCValidation
- type SOC2ComplianceStatus
- type SOC2ContinuousMonitor
- func (scm *SOC2ContinuousMonitor) GetComplianceStatus(ctx context.Context) (*SOC2ComplianceStatus, error)
- func (scm *SOC2ContinuousMonitor) SetAlertManager(manager AlertManager)
- func (scm *SOC2ContinuousMonitor) SetControlTester(tester ControlTester)
- func (scm *SOC2ContinuousMonitor) SetEvidenceCollector(collector EvidenceCollector)
- func (scm *SOC2ContinuousMonitor) SetExceptionTracker(tracker ExceptionTracker)
- func (scm *SOC2ContinuousMonitor) Start(ctx context.Context) error
- func (scm *SOC2ContinuousMonitor) Stop() error
- type SOC2Control
- type SOC2Controls
- type SOC2MonitoringConfig
- type SOC2TypeIIConfig
- type SSMIPAuthorizer
- type SSMIPAuthorizerConfig
- type ScheduledTask
- type SecretCache
- type SecretsProvider
- type SecurityConfig
- type SecurityContext
- type SecurityError
- type SecurityEvent
- type SecurityLogEntry
- type StepResult
- type SystemEvidence
- type SystemMonitoringData
- type TenantRiskProfile
- type TestProcedure
- type ThreatIndicator
- type ThreatIntelligence
- type ThreatRiskFactor
- type ThreatVector
- type TimeRange
- type TrainingExample
- type TransferValidation
- type TrendAnalysis
- type TrendAnomaly
- type TrendDataPoint
- type TrendPrediction
- type URL
- type UserRiskProfile
- type ValidationIssue
- type ValidationResult
- type VendorManagementData
- type Vulnerability
- type WidgetConfig
- type WidgetPosition
- type WidgetSize
Constants ¶
This section is empty.
Variables ¶
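// Sentinel errors exported by the package. They are package-level variables
// (not constants), so compare a returned error against them with errors.Is
// rather than by matching the message text.
var (
	// ErrConsentNotFound carries the message "consent not found".
	ErrConsentNotFound = errors.New("consent not found")
	// ErrInvalidEmail carries the message "invalid email address".
	ErrInvalidEmail = errors.New("invalid email address")
)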
Sentinel error variables; compare a returned error against them with errors.Is.
Functions ¶
func BuildVPCNATGatewayParameterName ¶ added in v1.0.36
BuildVPCNATGatewayParameterName builds the SSM parameter name for VPC NAT gateway lists. Example: pt-partner-paytheory-prod-gochallenge-vpc-nat-gateway-list. The component parameter specifies the service-specific part of the parameter name.
func CheckIPAuthorization ¶ added in v1.0.36
func CheckIPAuthorization(ctx context.Context, sourceIP string, ssmClient *ssm.Client, ssmParameterName string) (bool, error)
CheckIPAuthorization is a standalone helper function for one-off IP authorization checks. It is useful when you don't want to create a service instance.
func ExtractClientIP ¶ added in v1.0.36
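ExtractClientIP extracts the client's source IP address from various headers and the request context. It follows the precedence order commonly used in production environments:
1. X-Forwarded-For (first IP in the comma-separated list)
2. X-Real-IP
3. CF-Connecting-IP (Cloudflare)
4. X-Original-Forwarded-For
5. Request context (API Gateway specific)
The four header sources rank above the request context, and a client can set any of them itself unless a trusted proxy or gateway overwrites them. Confirm that the deployment strips or replaces these headers at the edge before using the result for an authorization decision such as IsAuthorizedIP or CheckIPAuthorization.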
Returns an error if no valid IP address can be extracted.
func IsAuthorizedIP ¶ added in v1.0.36
func IsAuthorizedIP(sourceIP string, config IPAuthorizationConfig) bool
IsAuthorizedIP checks if the given IP address is authorized based on the configuration
func IsAuthorizedIPSimple ¶ added in v1.0.36
IsAuthorizedIPSimple checks if the source IP is in the provided allowed IP list. This is a convenience function for simple use cases.
Types ¶
type AESEncryptor ¶
type AESEncryptor struct {
// contains filtered or unexported fields
}
AESEncryptor handles AES encryption/decryption
func NewAESEncryptor ¶
func NewAESEncryptor(keyString string) (*AESEncryptor, error)
NewAESEncryptor creates a new AES encryptor
type APIKeyConfig ¶
// APIKeyConfig configures API key authentication.
type APIKeyConfig struct {
	// Storage settings
	// Provider names the backing store; the values listed on this line are
	// "secrets-manager" and "parameter-store".
	Provider string `json:"provider"` // "secrets-manager", "parameter-store"
	// KeyPrefix is presumably prepended to stored key names — confirm against the provider code.
	KeyPrefix string `json:"key_prefix"`
	// Validation settings
	// NOTE(review): the unit of MinLength (bytes or characters) and whether a
	// zero value disables the length check are not shown here — confirm.
	MinLength int `json:"min_length"`
	// NOTE(review): presumably keys older than MaxAge are rejected when
	// RequireRotation is set; the behaviour for a zero MaxAge is not shown — confirm.
	RequireRotation bool `json:"require_rotation"`
	MaxAge time.Duration `json:"max_age"`
	// Rate limiting for API keys
	// presumably RateLimit requests are allowed per RatePeriod — confirm against the limiter.
	RateLimit int `json:"rate_limit"`
	RatePeriod time.Duration `json:"rate_period"`
}
APIKeyConfig configures API key authentication
type AWSSecretsManager ¶
type AWSSecretsManager struct {
// contains filtered or unexported fields
}
AWSSecretsManager implements the SecretsProvider interface using AWS Secrets Manager
func NewAWSSecretsManager ¶
func NewAWSSecretsManager(ctx context.Context, region, keyPrefix string) (*AWSSecretsManager, error)
NewAWSSecretsManager creates a new AWS Secrets Manager provider whose cache holds secret values in plain text. Deprecated: prefer NewSecureAWSSecretsManager, which uses an encrypted cache.
func NewSecureAWSSecretsManager ¶
func NewSecureAWSSecretsManager(ctx context.Context, region, keyPrefix string, encryptionKey []byte) (*AWSSecretsManager, error)
NewSecureAWSSecretsManager creates a new AWS Secrets Manager provider with encrypted cache
func (*AWSSecretsManager) DeleteSecret ¶
func (asm *AWSSecretsManager) DeleteSecret(ctx context.Context, name string) error
DeleteSecret removes a secret from AWS Secrets Manager
func (*AWSSecretsManager) GetJSONSecret ¶
GetJSONSecret retrieves and unmarshals a JSON secret
func (*AWSSecretsManager) GetSecret ¶
GetSecret retrieves a secret from AWS Secrets Manager (with caching)
func (*AWSSecretsManager) PutJSONSecret ¶
PutJSONSecret marshals and stores a JSON secret
func (*AWSSecretsManager) RotateSecret ¶
func (asm *AWSSecretsManager) RotateSecret(ctx context.Context, name string) error
RotateSecret initiates rotation for a secret
type AccessControlData ¶
// AccessControlData holds per-user access control attributes for monitoring.
// Every field is exported and serialized to JSON under the tag shown.
// NOTE(review): this declaration is plain data; where the values are populated
// or enforced is not visible here.
type AccessControlData struct {
	LastLogin time.Time `json:"last_login"`
	UserID string `json:"user_id"`
	Role string `json:"role"`
	AuthMethod string `json:"auth_method"`
	Permissions []string `json:"permissions"`
	// presumably a count of failed authentication attempts; the window it covers is not shown — confirm.
	FailedAttempts int `json:"failed_attempts"`
	// NOTE(review): the unit (seconds, minutes) is not stated — confirm before comparing against a policy value.
	SessionTimeout int `json:"session_timeout"`
	MFAEnabled bool `json:"mfa_enabled"`
	PrivilegedAccess bool `json:"privileged_access"`
}
AccessControlData for access control monitoring
type AccessLogEntry ¶
// AccessLogEntry represents an access log entry.
// Every field is exported and serialized to JSON under the tag shown.
type AccessLogEntry struct {
	Timestamp time.Time `json:"timestamp"`
	// Metadata is free-form (map[string]any).
	// NOTE(review): confirm callers do not place secrets or unmasked personal data here,
	// since the whole entry is serialized.
	Metadata map[string]any `json:"metadata"`
	UserID string `json:"user_id"`
	Resource string `json:"resource"`
	Action string `json:"action"`
	Result string `json:"result"`
	// NOTE(review): the origin of this value is not shown; if it is derived from
	// request headers, it is only as trustworthy as the proxy that sets them — confirm.
	IPAddress string `json:"ip_address"`
	// NOTE(review): confirm whether this is the live session credential or a
	// non-sensitive reference before the entry is written to a shared log.
	SessionID string `json:"session_id"`
	DataAccessed []string `json:"data_accessed"`
	Duration time.Duration `json:"duration"`
}
AccessLogEntry represents an access log entry
type AdequacyDecision ¶
type AdequacyDecision struct {
Country string `json:"country"`
Decision string `json:"decision"`
DecisionDate time.Time `json:"decision_date"`
ValidUntil *time.Time `json:"valid_until,omitempty"`
Conditions []string `json:"conditions"`
}
AdequacyDecision represents an adequacy decision
type AdvancedComplianceValidator ¶
type AdvancedComplianceValidator interface {
ComplianceValidator // Embed base interface
ValidateSOC2Controls(ctx LiftContext, controls *SOC2Controls) (*ComplianceResult, error)
ValidateGDPRCompliance(ctx LiftContext, operation string, data any) (*ComplianceResult, error)
ValidateDataProcessingBasis(ctx LiftContext, basis string) (*ComplianceResult, error)
ValidateDataMinimization(ctx LiftContext, data any) (*ComplianceResult, error)
ValidateConsentRequirements(ctx LiftContext, consent *ConsentData) (*ComplianceResult, error)
}
AdvancedComplianceValidator provides enhanced validation
type AggregateRiskScore ¶
type AggregateRiskScore struct {
TimeRange TimeRange `json:"time_range"`
RiskDistribution map[string]int `json:"risk_distribution"`
Metadata map[string]any `json:"metadata"`
Level string `json:"level"`
TrendDirection string `json:"trend_direction"`
TopRiskFactors []RiskFactor `json:"top_risk_factors"`
Recommendations []string `json:"recommendations"`
OverallScore float64 `json:"overall_score"`
EventCount int `json:"event_count"`
}
AggregateRiskScore represents aggregated risk across multiple events
type AggregatedDataPoint ¶
type AggregatedDataPoint struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata"`
Value float64 `json:"value"`
Count int `json:"count"`
Min float64 `json:"min"`
Max float64 `json:"max"`
Average float64 `json:"average"`
Sum float64 `json:"sum"`
StdDev float64 `json:"std_dev"`
}
AggregatedDataPoint represents an aggregated data point
type AggregatedMetrics ¶
type AggregatedMetrics struct {
Summary MetricSummary `json:"summary"`
GeneratedAt time.Time `json:"generated_at"`
Metadata map[string]any `json:"metadata"`
Results []MetricResult `json:"results"`
Query MetricsQuery `json:"query"`
}
AggregatedMetrics represents aggregated metrics
type AlertAction ¶
// AlertAction represents an action for an alert.
// NOTE(review): on a 64-bit platform the one map and four strings below occupy
// 72 bytes before the bool, so the documented total of 64 bytes cannot be right
// for this field list — re-measure with unsafe.Sizeof.
type AlertAction struct {
	// Map first. A Go map value is a single pointer word (8 bytes on 64-bit
	// platforms), not 24 bytes; 24 bytes is the size of a slice header.
	Parameters map[string]any `json:"parameters"`
	// Strings (16 bytes each on 64-bit platforms)
	ID string `json:"id"`
	Name string `json:"name"`
	Type string `json:"type"`
	Description string `json:"description"`
	// Bool last (1 byte), so the alignment padding falls at the end of the struct
	Automated bool `json:"automated"`
}
AlertAction represents an action for an alert. Memory optimized: 80 → 64 bytes (16 bytes saved).
type AlertManager ¶
type AlertManager interface {
SendAlert(alert *ComplianceAlert) error
SendCriticalAlert(alert *ComplianceAlert) error
GetAlertHistory(since time.Time) ([]*ComplianceAlert, error)
ConfigureAlertRules(rules []AlertRule) error
}
AlertManager interface for compliance alerting
type AlertRule ¶
type AlertRule struct {
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Condition string `json:"condition"`
Severity string `json:"severity"`
Recipients []string `json:"recipients"`
Channels []string `json:"channels"`
Threshold float64 `json:"threshold"`
Enabled bool `json:"enabled"`
}
AlertRule defines alerting rules
type AlertThresholds ¶
type AlertThresholds struct {
CriticalRiskScore float64 `json:"critical_risk_score"`
HighRiskScore float64 `json:"high_risk_score"`
MediumRiskScore float64 `json:"medium_risk_score"`
AnomalyScore float64 `json:"anomaly_score"`
ComplianceThreshold float64 `json:"compliance_threshold"`
TrendDeviationLimit float64 `json:"trend_deviation_limit"`
}
AlertThresholds defines thresholds for different alert types
type AnalyticsConfig ¶
type AnalyticsConfig struct {
Enabled bool `json:"enabled"`
RealTimeAnalysis bool `json:"real_time_analysis"`
PredictiveAnalysis bool `json:"predictive_analysis"`
AnomalyDetection bool `json:"anomaly_detection"`
AutomatedRemediation bool `json:"automated_remediation"`
RiskScoringEnabled bool `json:"risk_scoring_enabled"`
AnalysisInterval time.Duration `json:"analysis_interval"`
DataRetentionDays int `json:"data_retention_days"`
MLModelUpdateInterval time.Duration `json:"ml_model_update_interval"`
AlertThresholds AlertThresholds `json:"alert_thresholds"`
PerformanceTargets PerformanceTargets `json:"performance_targets"`
}
AnalyticsConfig configuration for audit analytics
type AnalyticsDataPoint ¶
type AnalyticsDataPoint struct {
Timestamp time.Time `json:"timestamp"`
Metrics map[string]float64 `json:"metrics"`
Labels map[string]string `json:"labels"`
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Type string `json:"type"`
Source string `json:"source"`
}
AnalyticsDataPoint represents a data point for analytics
type AnalyticsDataStore ¶
type AnalyticsDataStore interface {
StoreAnalyticsData(ctx context.Context, data *AnalyticsDataPoint) error
GetAnalyticsData(ctx context.Context, query *AnalyticsQuery) ([]*AnalyticsDataPoint, error)
GetAggregatedMetrics(ctx context.Context, query *MetricsQuery) (*AggregatedMetrics, error)
CleanupOldData(ctx context.Context, retentionPeriod time.Duration) error
}
AnalyticsDataStore interface for analytics data storage
type AnalyticsMetrics ¶
type AnalyticsMetrics struct {
Timestamp time.Time `json:"timestamp"`
AggregatedMetrics *AggregatedMetrics `json:"aggregated_metrics"`
Performance *PerformanceMetrics `json:"performance"`
}
AnalyticsMetrics represents analytics metrics
type AnalyticsQuery ¶
type AnalyticsQuery struct {
StartTime time.Time `json:"start_time"`
EndTime time.Time `json:"end_time"`
Labels map[string]string `json:"labels"`
Types []string `json:"types"`
Sources []string `json:"sources"`
Limit int `json:"limit"`
Offset int `json:"offset"`
}
AnalyticsQuery represents a query for analytics data
type Anomaly ¶
// Anomaly represents a detected anomaly.
// Every field is exported and serialized to JSON under the tag shown.
// NOTE(review): the documented sizes (112 → 88 bytes) do not match this field
// list: on a 64-bit platform the six string fields alone occupy 96 bytes, and
// Pattern is embedded by value. Re-measure with unsafe.Sizeof.
type Anomaly struct {
	DetectedAt time.Time `json:"detected_at"`
	// Metadata is free-form (map[string]any); its keys are not defined here.
	Metadata map[string]any `json:"metadata"`
	Description string `json:"description"`
	Impact string `json:"impact"`
	Severity string `json:"severity"`
	ID string `json:"id"`
	Status string `json:"status"`
	Type string `json:"type"`
	Recommendations []string `json:"recommendations"`
	// Events holds pointers, so the referenced AuditEvent values are shared with
	// whoever else holds them rather than copied into the anomaly.
	Events []*AuditEvent `json:"events"`
	// Pattern is stored by value, not by pointer.
	Pattern AnomalyPattern `json:"pattern"`
	// NOTE(review): the ranges of Confidence and Score are not stated — confirm
	// before comparing against AlertThresholds.AnomalyScore.
	Confidence float64 `json:"confidence"`
	Score float64 `json:"score"`
}
Anomaly represents a detected anomaly. Memory optimized: 112 → 88 bytes (24 bytes saved).
type AnomalyDetector ¶
// AnomalyDetector is the pluggable detector interface; an implementation is
// attached to the engine through AuditAnalyticsEngine.SetAnomalyDetector.
type AnomalyDetector interface {
// DetectAnomalies takes a slice of audit events and returns the anomalies found.
DetectAnomalies(ctx context.Context, events []*AuditEvent) ([]*Anomaly, error)
// TrainModel and UpdateBaseline both take audit events as input.
// NOTE(review): if the events come from a period that includes hostile or
// compromised activity, that activity becomes part of the learned "normal".
// Confirm who may call these methods and how their input is vetted.
TrainModel(ctx context.Context, trainingData []*AuditEvent) error
UpdateBaseline(ctx context.Context, events []*AuditEvent) error
// GetAnomalyPatterns takes no context and returns the patterns by value.
GetAnomalyPatterns() []AnomalyPattern
}
AnomalyDetector interface for anomaly detection
type AnomalyPattern ¶
type AnomalyPattern struct {
Thresholds map[string]float64 `json:"thresholds"`
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Description string `json:"description"`
Indicators []string `json:"indicators"`
Enabled bool `json:"enabled"`
}
AnomalyPattern represents a pattern used for anomaly detection
type AnomalyRecord ¶
type AnomalyRecord struct {
Timestamp time.Time `json:"timestamp"`
Type string `json:"type"`
Severity string `json:"severity"`
Description string `json:"description"`
Score float64 `json:"score"`
Resolved bool `json:"resolved"`
}
AnomalyRecord represents an anomaly record
type AssessedRiskFactor ¶
type AssessedRiskFactor struct {
Impact string `json:"impact"`
Likelihood string `json:"likelihood"`
Rationale string `json:"rationale"`
PIARiskFactor
Score float64 `json:"score"`
}
AssessedRiskFactor represents an assessed risk factor
type AuditAnalyticsEngine ¶
type AuditAnalyticsEngine struct {
// contains filtered or unexported fields
}
AuditAnalyticsEngine provides advanced audit analytics with ML-based insights
func NewAuditAnalyticsEngine ¶
func NewAuditAnalyticsEngine(config AnalyticsConfig) *AuditAnalyticsEngine
NewAuditAnalyticsEngine creates a new audit analytics engine
func (*AuditAnalyticsEngine) AnalyzeBatch ¶
func (aae *AuditAnalyticsEngine) AnalyzeBatch(ctx context.Context, events []*AuditEvent) (*BatchAnalysis, error)
AnalyzeBatch analyzes a batch of audit events
func (*AuditAnalyticsEngine) AnalyzeEvent ¶
func (aae *AuditAnalyticsEngine) AnalyzeEvent(ctx context.Context, event *AuditEvent) (*EventAnalysis, error)
AnalyzeEvent analyzes a single audit event
func (*AuditAnalyticsEngine) GeneratePredictions ¶
func (aae *AuditAnalyticsEngine) GeneratePredictions(ctx context.Context, timeframe time.Duration) (*PredictionReport, error)
GeneratePredictions generates compliance predictions
func (*AuditAnalyticsEngine) GetAnalyticsMetrics ¶
func (aae *AuditAnalyticsEngine) GetAnalyticsMetrics(ctx context.Context) (*AnalyticsMetrics, error)
GetAnalyticsMetrics returns current analytics metrics
func (*AuditAnalyticsEngine) SetAnomalyDetector ¶
func (aae *AuditAnalyticsEngine) SetAnomalyDetector(detector AnomalyDetector)
SetAnomalyDetector sets the anomaly detector
func (*AuditAnalyticsEngine) SetDataStore ¶
func (aae *AuditAnalyticsEngine) SetDataStore(store AnalyticsDataStore)
SetDataStore sets the analytics data store
func (*AuditAnalyticsEngine) SetPredictiveModel ¶
func (aae *AuditAnalyticsEngine) SetPredictiveModel(model PredictiveModel)
SetPredictiveModel sets the predictive model
func (*AuditAnalyticsEngine) SetRemediationEngine ¶
func (aae *AuditAnalyticsEngine) SetRemediationEngine(engine RemediationEngine)
SetRemediationEngine sets the remediation engine
func (*AuditAnalyticsEngine) SetRiskScorer ¶
func (aae *AuditAnalyticsEngine) SetRiskScorer(scorer RiskScorer)
SetRiskScorer sets the risk scorer
func (*AuditAnalyticsEngine) Start ¶
func (aae *AuditAnalyticsEngine) Start(ctx context.Context) error
Start starts the analytics engine
func (*AuditAnalyticsEngine) Stop ¶
func (aae *AuditAnalyticsEngine) Stop() error
Stop stops the analytics engine
type AuditDataPoint ¶
type AuditDataPoint struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata"`
EventCount int `json:"event_count"`
AnomalyCount int `json:"anomaly_count"`
FailureRate float64 `json:"failure_rate"`
}
AuditDataPoint represents an audit data point
type AuditEntry ¶
// AuditEntry is the audit-trail record returned by
// ComplianceReporter.GetAuditTrail.
type AuditEntry struct {
// Map first (a map value is one pointer word: 8 bytes on 64-bit, not 24)
// Free-form and omitted from JSON when empty; nothing in the type limits
// what callers store here.
Metadata map[string]any `json:"metadata,omitempty"`
// Time struct (24 bytes)
Timestamp time.Time `json:"timestamp"`
// Strings (16 bytes each)
ID string `json:"id"`
UserID string `json:"user_id"`
TenantID string `json:"tenant_id"`
Action string `json:"action"`
Resource string `json:"resource"`
Result string `json:"result"`
}
AuditEntry represents an audit trail entry Memory optimized: 128 → 120 bytes (8 bytes saved)
type AuditEvent ¶
// AuditEvent is the record consumed by the analytics interfaces on this page
// (AnomalyDetector and AuditAnalyticsEngine.AnalyzeEvent/AnalyzeBatch take
// *AuditEvent). Every field is exported and JSON-tagged without omitempty, so
// the whole record, including user, session and network identifiers, is
// serialized whenever an event is encoded.
type AuditEvent struct {
Timestamp time.Time `json:"timestamp"`
// Free-form; nothing in the type limits what producers place here.
// NOTE(review): confirm producers keep credentials and payload data out.
Metadata map[string]any `json:"metadata"`
UserID string `json:"user_id"`
Severity string `json:"severity"`
Source string `json:"source"`
Result string `json:"result"`
// IPAddress and UserAgent identify a client; stored events should be
// handled as personal data wherever that classification applies.
IPAddress string `json:"ip_address"`
TenantID string `json:"tenant_id"`
Action string `json:"action"`
Resource string `json:"resource"`
ID string `json:"id"`
EventType string `json:"event_type"`
RequestID string `json:"request_id"`
UserAgent string `json:"user_agent"`
// NOTE(review): if this is the live session token rather than a separate
// identifier, every reader of the audit data holds a usable credential;
// record a derived value (for example a hash) instead. Verify at producers.
SessionID string `json:"session_id"`
Compliance ComplianceContext `json:"compliance"`
// String list; presumably names of the data items touched. TODO confirm
// it carries identifiers only, not the data itself.
DataAccessed []string `json:"data_accessed"`
Security SecurityContext `json:"security"`
// time.Duration is an int64 and is encoded by encoding/json as a number of
// nanoseconds.
Duration time.Duration `json:"duration"`
}
AuditEvent represents an audit event for analysis Memory optimized: 472 → 464 bytes (8 bytes saved)
type AuditFilter ¶
// AuditFilter is the filter argument of AuditStorage.Query and
// BufferedAuditLogger.QueryAuditTrail. All fields are optional in the JSON
// form (omitempty).
type AuditFilter struct {
// Time structs first (24 bytes each)
// omitempty never omits a struct value in encoding/json, so a zero
// time.Time is still written (as year 1) rather than left out.
Since time.Time `json:"since,omitempty"`
Until time.Time `json:"until,omitempty"`
// Strings (16 bytes each)
UserID string `json:"user_id,omitempty"`
// NOTE(review): how an empty TenantID is treated is not shown here. If it
// means "all tenants", a multi-tenant caller should set this field from the
// authenticated context, never from client-supplied input.
TenantID string `json:"tenant_id,omitempty"`
AuditID string `json:"audit_id,omitempty"`
EntryType string `json:"entry_type,omitempty"`
// Int last (int is 8 bytes on 64-bit platforms, not 4)
// NOTE(review): whether 0 means "no limit" is not shown; confirm the
// storage layer caps result size.
Limit int `json:"limit,omitempty"`
}
AuditFilter defines filters for querying audit logs Memory optimized: 112 → 104 bytes (8 bytes saved)
type AuditLogEntry ¶
// AuditLogEntry is the unit written through AuditStorage (Store, BatchStore)
// and returned by Query. The four pointer fields are optional parts of the
// entry and are omitted from JSON when nil.
type AuditLogEntry struct {
// Pointers first (8 bytes each)
Request *AuditRequest `json:"request,omitempty"`
Response *AuditResponse `json:"response,omitempty"`
DataAccess *DataAccessLog `json:"data_access,omitempty"`
SecurityEvent *SecurityEvent `json:"security_event,omitempty"`
// Map (a map value is one pointer word: 8 bytes on 64-bit, not 24)
Metadata map[string]any `json:"metadata,omitempty"`
// Time struct (24 bytes)
Timestamp time.Time `json:"timestamp"`
// Strings (16 bytes each)
ID string `json:"id"`
AuditID string `json:"audit_id"`
TenantID string `json:"tenant_id"`
UserID string `json:"user_id"`
EntryType string `json:"entry_type"`
// NOTE(review): the algorithm and the fields covered are not shown here.
// A plain hash stored next to the record detects accidental corruption
// only; anyone able to rewrite the record can recompute it. Tamper
// evidence needs a keyed MAC, a signature or hash chaining. Confirm what
// BufferedAuditLogger.VerifyIntegrity actually checks.
Checksum string `json:"checksum"`
// Int64 last (8 bytes)
// NOTE(review): units and meaning are not shown (presumably an expiry
// used by the storage backend). Confirm it cannot expire entries before
// the required audit retention period has passed.
TTL int64 `json:"ttl"`
}
AuditLogEntry represents a complete audit log entry Memory optimized: 160 → 152 bytes (8 bytes saved)
type AuditLogger ¶
// AuditLogger is the audit-trail interface; BufferedAuditLogger on this page
// implements it, and ComplianceFramework.SetAuditor accepts one.
type AuditLogger interface {
// StartAudit returns a string; the Log* methods take an auditID string,
// presumably this value.
StartAudit(ctx LiftContext) string
// LogRequest receives the full AuditRequest, including its Headers and
// QueryParams maps. NOTE(review): confirm where credentials in those maps
// are redacted, in the caller or in the implementation.
LogRequest(auditID string, request *AuditRequest) error
LogResponse(auditID string, response *AuditResponse) error
LogDataAccess(auditID string, access *DataAccessLog) error
LogSecurityEvent(auditID string, event *SecurityEvent) error
// Every Log* method returns an error. NOTE(review): callers choose whether
// a failed audit write blocks the request or is ignored; for regulated
// data that choice should be explicit rather than a dropped return value.
}
AuditLogger handles audit trail logging
type AuditLoggerMetrics ¶
// AuditLoggerMetrics is the value returned by
// BufferedAuditLogger.GetAuditMetrics.
type AuditLoggerMetrics struct {
// Time struct first (24 bytes)
LastFlush time.Time `json:"last_flush"`
// 8-byte values grouped
TotalEntries int64 `json:"total_entries"`
FlushCount int64 `json:"flush_count"`
// NOTE(review): presumably counts failed writes or flushes. A rising value
// would mean audit entries may not have reached storage, so it is worth
// alerting on; confirm what increments it.
ErrorCount int64 `json:"error_count"`
AverageLatency time.Duration `json:"average_latency"`
BufferUtilization float64 `json:"buffer_utilization"`
// Int last (int is 8 bytes on 64-bit platforms, not 4)
BufferedEntries int `json:"buffered_entries"`
}
AuditLoggerMetrics tracks audit system performance Memory optimized: 64 → 24 bytes (40 bytes saved)
type AuditMetrics ¶
type AuditMetrics struct {
EventsByType map[string]int `json:"events_by_type"`
EventsBySeverity map[string]int `json:"events_by_severity"`
EventsBySource map[string]int `json:"events_by_source"`
AnomaliesByType map[string]int `json:"anomalies_by_type"`
EventTrend string `json:"event_trend"`
HistoricalData []AuditDataPoint `json:"historical_data"`
FailureRate float64 `json:"failure_rate"`
AverageEventSize float64 `json:"average_event_size"`
DataIntegrityScore float64 `json:"data_integrity_score"`
LogCompleteness float64 `json:"log_completeness"`
RetentionCompliance float64 `json:"retention_compliance"`
TotalEvents int `json:"total_events"`
AnomalyCount int `json:"anomaly_count"`
FailedEvents int `json:"failed_events"`
}
AuditMetrics represents audit-specific metrics Memory optimized: 120 → 56 bytes (64 bytes saved)
type AuditQueryResult ¶
type AuditQueryResult struct {
NextToken string `json:"next_token,omitempty"`
Entries []AuditLogEntry `json:"entries"`
TotalCount int `json:"total_count"`
}
AuditQueryResult represents the result of an audit query Memory optimized: 32 → 24 bytes (8 bytes saved)
type AuditRequest ¶
// AuditRequest is the request-side record passed to AuditLogger.LogRequest
// and embedded by pointer in AuditLogEntry.
type AuditRequest struct {
// Maps first (a map value is one pointer word: 8 bytes on 64-bit, not 24)
// Headers and QueryParams are copied as plain string maps and serialized
// when non-empty. HTTP headers such as Authorization and Cookie, and
// tokens passed in query strings, would be written to the audit store
// verbatim unless the producer removes them first.
// NOTE(review): confirm where redaction happens.
Headers map[string]string `json:"headers,omitempty"`
QueryParams map[string]string `json:"query_params,omitempty"`
// Time struct (24 bytes)
Timestamp time.Time `json:"timestamp"`
// Strings (16 bytes each)
UserID string `json:"user_id"`
TenantID string `json:"tenant_id"`
Action string `json:"action"`
Resource string `json:"resource"`
// NOTE(review): see ExtractClientIP in the package index; a value taken
// from a client-controlled forwarding header is only as trustworthy as
// the proxy chain in front of the service.
IPAddress string `json:"ip_address"`
// Client-supplied free text; escape it before showing it in a dashboard
// or report.
UserAgent string `json:"user_agent"`
ContentType string `json:"content_type"`
// NOTE(review): if this is the live session token, store a derived value
// instead so that read access to audit data does not expose sessions.
SessionID string `json:"session_id,omitempty"`
// Int64 last (8 bytes)
RequestSize int64 `json:"request_size"`
}
AuditRequest represents an auditable request Memory optimized: 168 → 160 bytes (8 bytes saved)
type AuditRequirement ¶
type AuditRequirement struct {
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Scope []string `json:"scope"`
Frequency time.Duration `json:"frequency"`
Automated bool `json:"automated"`
External bool `json:"external"`
}
AuditRequirement defines audit requirements
type AuditResponse ¶
// AuditResponse is the response-side record passed to AuditLogger.LogResponse
// and embedded by pointer in AuditLogEntry.
type AuditResponse struct {
// NOTE(review): encoding/json encodes an error by its concrete type and
// does not call Error(). Values built with errors.New or fmt.Errorf have
// no exported fields and encode as {}, so the failure text is missing from
// the serialized audit record; decoding into an error interface fails as
// well. A string field holding err.Error() would preserve the message.
Error error `json:"error,omitempty"`
DataAccess []string `json:"data_access,omitempty"`
Warnings []string `json:"warnings,omitempty"`
ResponseSize int64 `json:"response_size"`
// Encoded by encoding/json as an integer number of nanoseconds.
Duration time.Duration `json:"duration"`
StatusCode int `json:"status_code"`
}
AuditResponse represents an auditable response Memory optimized: 72 → 48 bytes (24 bytes saved)
type AuditStorage ¶
// AuditStorage is the persistence interface handed to NewBufferedAuditLogger.
// It declares no update or delete method, so code that holds only an
// AuditStorage can add and read entries but cannot alter them through this
// interface. Whether the backing store is itself append-only, and who else
// can write to it, is outside what the interface shows.
type AuditStorage interface {
// Store takes a single entry by value.
Store(ctx context.Context, entry AuditLogEntry) error
// Query takes an AuditFilter by value; see that type for the caveat on an
// empty TenantID.
Query(ctx context.Context, filter AuditFilter) ([]AuditLogEntry, error)
// BatchStore takes a slice of entries.
// NOTE(review): whether a failed batch is all-or-nothing is not shown; a
// partial write would leave gaps in the trail.
BatchStore(ctx context.Context, entries []AuditLogEntry) error
}
AuditStorage defines the interface for audit log storage
type BCRResult ¶
type BCRResult struct {
ValidationDate time.Time `json:"validation_date"`
Metadata map[string]any `json:"metadata"`
Issues []ValidationIssue `json:"issues"`
Recommendations []string `json:"recommendations"`
Valid bool `json:"valid"`
BCRApplicable bool `json:"bcr_applicable"`
}
BCRResult represents the result of BCR validation
type BCRValidation ¶
type BCRValidation struct {
Metadata map[string]any `json:"metadata"`
CompanyGroup string `json:"company_group"`
BCRVersion string `json:"bcr_version"`
DataCategories []string `json:"data_categories"`
Purposes []string `json:"purposes"`
Countries []string `json:"countries"`
}
BCRValidation represents Binding Corporate Rules validation
type BankingComplianceConfig ¶
// BankingComplianceConfig is the argument of NewBankingComplianceTemplate.
// The level and frequency fields are plain strings and the regime switches
// are plain bools; no validation is visible on this page.
type BankingComplianceConfig struct {
// NOTE(review): accepted values for these three strings are not shown.
PCIDSSLevel string `json:"pci_dss_level"`
FraudDetectionLevel string `json:"fraud_detection_level"`
AuditFrequency string `json:"audit_frequency"`
RegulatedCountries []string `json:"regulated_countries"`
DataResidencyRules []string `json:"data_residency_rules"`
EncryptionStandards []string `json:"encryption_standards"`
// The zero value of bool is false, so a config decoded from JSON that omits
// one of these keys leaves that regime switched off without any error.
SOXCompliance bool `json:"sox_compliance"`
BSACompliance bool `json:"bsa_compliance"`
GLBACompliance bool `json:"glba_compliance"`
FedRAMPRequired bool `json:"fedramp_required"`
AMLRequired bool `json:"aml_required"`
KYCRequired bool `json:"kyc_required"`
}
BankingComplianceConfig configuration for banking compliance
type BankingComplianceTemplate ¶
type BankingComplianceTemplate struct {
// contains filtered or unexported fields
}
BankingComplianceTemplate for financial services compliance
func NewBankingComplianceTemplate ¶
func NewBankingComplianceTemplate(config BankingComplianceConfig) *BankingComplianceTemplate
NewBankingComplianceTemplate creates a new banking compliance template
func (*BankingComplianceTemplate) GenerateComplianceReport ¶
func (bct *BankingComplianceTemplate) GenerateComplianceReport() (*IndustryComplianceReport, error)
GenerateComplianceReport generates a banking compliance report
func (*BankingComplianceTemplate) GetAudits ¶
func (bct *BankingComplianceTemplate) GetAudits() []AuditRequirement
GetAudits returns audit requirements
func (*BankingComplianceTemplate) GetComplianceMiddleware ¶
func (bct *BankingComplianceTemplate) GetComplianceMiddleware() []LiftMiddleware
GetComplianceMiddleware returns compliance middleware
func (*BankingComplianceTemplate) GetControls ¶
func (bct *BankingComplianceTemplate) GetControls() []ComplianceControl
GetControls returns compliance controls
func (*BankingComplianceTemplate) GetIndustry ¶
func (bct *BankingComplianceTemplate) GetIndustry() string
GetIndustry returns the industry name
func (*BankingComplianceTemplate) GetRegulations ¶
func (bct *BankingComplianceTemplate) GetRegulations() []string
GetRegulations returns applicable regulations
func (*BankingComplianceTemplate) GetRiskAssessments ¶
func (bct *BankingComplianceTemplate) GetRiskAssessments() []RiskAssessmentTemplate
GetRiskAssessments returns risk assessment templates
func (*BankingComplianceTemplate) ValidateCompliance ¶
func (bct *BankingComplianceTemplate) ValidateCompliance(_ LiftContext) (*ComplianceResult, error)
ValidateCompliance validates compliance for banking
type BatchAnalysis ¶
type BatchAnalysis struct {
Timestamp time.Time `json:"timestamp"`
AggregateRisk *AggregateRiskScore `json:"aggregate_risk,omitempty"`
BatchID string `json:"batch_id"`
EventAnalyzes []*EventAnalysis `json:"event_analyzes"`
BatchAnomalies []*Anomaly `json:"batch_anomalies,omitempty"`
EventCount int `json:"event_count"`
}
BatchAnalysis represents the analysis of a batch of events
type BufferedAuditLogger ¶
type BufferedAuditLogger struct {
// contains filtered or unexported fields
}
BufferedAuditLogger implements AuditLogger with buffering for performance. Memory optimized: 160 → 112 bytes (48 bytes saved).
func NewBufferedAuditLogger ¶
func NewBufferedAuditLogger(storage AuditStorage, bufferSize int, flushTimeout time.Duration) *BufferedAuditLogger
NewBufferedAuditLogger creates a new buffered audit logger
func (*BufferedAuditLogger) GetAuditMetrics ¶
func (bal *BufferedAuditLogger) GetAuditMetrics() AuditLoggerMetrics
GetAuditMetrics returns audit system metrics
func (*BufferedAuditLogger) LogDataAccess ¶
func (bal *BufferedAuditLogger) LogDataAccess(auditID string, access *DataAccessLog) error
LogDataAccess logs data access for audit trails
func (*BufferedAuditLogger) LogRequest ¶
func (bal *BufferedAuditLogger) LogRequest(auditID string, request *AuditRequest) error
LogRequest logs an audit request
func (*BufferedAuditLogger) LogResponse ¶
func (bal *BufferedAuditLogger) LogResponse(auditID string, response *AuditResponse) error
LogResponse logs an audit response
func (*BufferedAuditLogger) LogSecurityEvent ¶
func (bal *BufferedAuditLogger) LogSecurityEvent(auditID string, event *SecurityEvent) error
LogSecurityEvent logs a security event
func (*BufferedAuditLogger) QueryAuditTrail ¶
func (bal *BufferedAuditLogger) QueryAuditTrail(ctx context.Context, filter AuditFilter) (*AuditQueryResult, error)
QueryAuditTrail queries the audit trail
func (*BufferedAuditLogger) StartAudit ¶
func (bal *BufferedAuditLogger) StartAudit(ctx LiftContext) string
StartAudit starts a new audit session and returns an audit ID
func (*BufferedAuditLogger) Stop ¶
func (bal *BufferedAuditLogger) Stop() error
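Stop stops the audit logger and flushes remaining entries. Entries still held in the buffer reach storage only through a flush, so a process that exits without calling Stop may lose them.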
func (*BufferedAuditLogger) VerifyIntegrity ¶
VerifyIntegrity verifies the integrity of audit entries
type BusinessContinuityData ¶
type BusinessContinuityData struct {
LastTested time.Time `json:"last_tested"`
PlanID string `json:"plan_id"`
TestResults string `json:"test_results"`
BackupStrategy string `json:"backup_strategy"`
RPO time.Duration `json:"rpo"`
RTO time.Duration `json:"rto"`
DisasterRecovery bool `json:"disaster_recovery"`
CommunicationPlan bool `json:"communication_plan"`
}
BusinessContinuityData for business continuity controls
type CORSConfig ¶
// CORSConfig holds the Cross-Origin Resource Sharing settings. How the
// fields are turned into response headers is not shown on this page.
type CORSConfig struct {
// Excluded from JSON (tag "-"), so it can only be set in code.
// NOTE(review): whether this callback replaces AllowedOrigins or is
// checked in addition to it is not shown; confirm before relying on both.
ValidateOrigin func(origin string) bool `json:"-"`
AllowedOrigins []string `json:"allowed_origins"`
AllowedMethods []string `json:"allowed_methods"`
AllowedHeaders []string `json:"allowed_headers"`
ExposedHeaders []string `json:"exposed_headers"`
// Presumably seconds, matching Access-Control-Max-Age. TODO confirm.
MaxAge int `json:"max_age"`
// When credentials are allowed, browsers send cookies and HTTP
// authentication on cross-origin requests and let the calling page read
// the response. Browsers reject a wildcard "*" allowed origin in that
// mode, so use an explicit origin list here, and do not pair this flag
// with a ValidateOrigin that accepts every origin.
AllowCredentials bool `json:"allow_credentials"`
}
CORSConfig defines Cross-Origin Resource Sharing settings
type CachedSecret ¶
// CachedSecret pairs a secret value with an expiry time. The fields carry no
// json tags, so encoding/json would emit them under their Go names
// ("ExpiresAt", "Value"), and %v / %+v formatting prints Value in clear text.
// Keep instances out of logs, error messages and serialized output.
// NOTE(review): what enforces ExpiresAt is not shown here; confirm the cache
// checks it on every read.
type CachedSecret struct {
// time.Time (24 bytes)
ExpiresAt time.Time
// string (16 bytes)
// Go strings are immutable, so the secret cannot be zeroed after use and
// remains in memory until the garbage collector reclaims it.
Value string
}
CachedSecret represents a cached secret with expiration
type CertificationStatus ¶
type CertificationStatus struct {
ValidFrom time.Time `json:"valid_from"`
ValidUntil time.Time `json:"valid_until"`
NextReview time.Time `json:"next_review"`
Certification string `json:"certification"`
Status string `json:"status"`
CertifyingBody string `json:"certifying_body"`
Scope []string `json:"scope"`
Conditions []string `json:"conditions"`
}
CertificationStatus represents certification status
type ChangeManagementData ¶
type ChangeManagementData struct {
ApprovalDate time.Time `json:"approval_date"`
ImplementationDate time.Time `json:"implementation_date"`
ChangeID string `json:"change_id"`
ChangeType string `json:"change_type"`
Requestor string `json:"requestor"`
Approver string `json:"approver"`
TestingCompleted bool `json:"testing_completed"`
RollbackPlan bool `json:"rollback_plan"`
DocumentationUpdated bool `json:"documentation_updated"`
}
ChangeManagementData for change management controls
type ComplianceAlert ¶
type ComplianceAlert struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata"`
ResolvedAt *time.Time `json:"resolved_at,omitempty"`
AcknowledgedAt *time.Time `json:"acknowledged_at,omitempty"`
Description string `json:"description"`
ControlID string `json:"control_id"`
ID string `json:"id"`
AcknowledgedBy string `json:"acknowledged_by"`
Title string `json:"title"`
Severity string `json:"severity"`
Type string `json:"type"`
Recipients []string `json:"recipients"`
Channels []string `json:"channels"`
Escalated bool `json:"escalated"`
Acknowledged bool `json:"acknowledged"`
Resolved bool `json:"resolved"`
}
ComplianceAlert represents a compliance alert
type ComplianceConfig ¶
// ComplianceConfig is the configuration passed to NewComplianceFramework.
type ComplianceConfig struct {
DataClassification map[string]string `json:"data_classification"`
EnabledFrameworks []string `json:"enabled_frameworks"`
RegionRestrictions []string `json:"region_restrictions"`
CustomRules []ComplianceRule `json:"custom_rules"`
// time.Duration is an int64 count of nanoseconds and encoding/json reads
// and writes it as a bare number. A config file that gives the retention
// in seconds or days would therefore be read as nanoseconds.
// NOTE(review): the meaning of a zero value is not shown; confirm
// ComplianceFramework.ValidateConfiguration rejects it.
AuditRetention time.Duration `json:"audit_retention"`
// The zero value is false, so a config decoded from JSON that omits this
// key does not require encryption.
EncryptionRequired bool `json:"encryption_required"`
}
ComplianceConfig holds configuration for compliance frameworks Memory optimized: 80 → 64 bytes (16 bytes saved)
type ComplianceContext ¶
type ComplianceContext struct {
Framework string `json:"framework"`
RiskLevel string `json:"risk_level"`
DataCategory string `json:"data_category"`
Controls []string `json:"controls"`
Requirements []string `json:"requirements"`
Violations []string `json:"violations"`
}
ComplianceContext provides compliance-specific context
type ComplianceControl ¶
type ComplianceControl struct {
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Framework string `json:"framework"`
Category string `json:"category"`
Severity string `json:"severity"`
Remediation string `json:"remediation"`
Evidence []EvidenceRequirement `json:"evidence"`
Tests []ComplianceTest `json:"tests"`
Frequency time.Duration `json:"frequency"`
Automated bool `json:"automated"`
}
ComplianceControl defines a specific control
type ComplianceDashboard ¶
type ComplianceDashboard struct {
// contains filtered or unexported fields
}
ComplianceDashboard provides real-time compliance visibility Memory optimized: 152 → 64 bytes (88 bytes saved)
func NewComplianceDashboard ¶
func NewComplianceDashboard(config DashboardConfig) *ComplianceDashboard
NewComplianceDashboard creates a new compliance dashboard
func (*ComplianceDashboard) CreateDashboardLayout ¶
func (cd *ComplianceDashboard) CreateDashboardLayout(_ context.Context, layout *DashboardLayout) error
CreateDashboardLayout creates a new dashboard layout
func (*ComplianceDashboard) DeleteDashboardLayout ¶
func (cd *ComplianceDashboard) DeleteDashboardLayout(_ context.Context, _ string) error
DeleteDashboardLayout deletes a dashboard layout
func (*ComplianceDashboard) ExportDashboardData ¶
func (cd *ComplianceDashboard) ExportDashboardData(ctx context.Context, format string, timeRange TimeRange) ([]byte, error)
ExportDashboardData exports dashboard data
func (*ComplianceDashboard) GetDashboardLayout ¶
func (cd *ComplianceDashboard) GetDashboardLayout(_ context.Context, _ string) (*DashboardLayout, error)
GetDashboardLayout returns a dashboard layout
func (*ComplianceDashboard) GetDashboardMetrics ¶
func (cd *ComplianceDashboard) GetDashboardMetrics(ctx context.Context, timeRange TimeRange) (*DashboardMetrics, error)
GetDashboardMetrics returns current dashboard metrics
func (*ComplianceDashboard) GetWidget ¶
func (cd *ComplianceDashboard) GetWidget(ctx context.Context, widgetID string, config WidgetConfig) (*DashboardWidget, error)
GetWidget returns a specific widget's data
func (*ComplianceDashboard) SetAlertManager ¶
func (cd *ComplianceDashboard) SetAlertManager(manager DashboardAlertManager)
SetAlertManager sets the alert manager
func (*ComplianceDashboard) SetCache ¶
func (cd *ComplianceDashboard) SetCache(cache DashboardCache)
SetCache sets the dashboard cache
func (*ComplianceDashboard) SetDataAggregator ¶
func (cd *ComplianceDashboard) SetDataAggregator(aggregator DataAggregator)
SetDataAggregator sets the data aggregator
func (*ComplianceDashboard) SetMetricsEngine ¶
func (cd *ComplianceDashboard) SetMetricsEngine(engine MetricsEngine)
SetMetricsEngine sets the metrics engine
func (*ComplianceDashboard) Start ¶
func (cd *ComplianceDashboard) Start(ctx context.Context) error
Start starts the dashboard
func (*ComplianceDashboard) Stop ¶
func (cd *ComplianceDashboard) Stop() error
Stop stops the dashboard
func (*ComplianceDashboard) UpdateDashboardLayout ¶
func (cd *ComplianceDashboard) UpdateDashboardLayout(_ context.Context, _ string, layout *DashboardLayout) error
UpdateDashboardLayout updates a dashboard layout
type ComplianceDataPoint ¶
type ComplianceDataPoint struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata"`
Framework string `json:"framework"`
ComplianceScore float64 `json:"compliance_score"`
ViolationCount int `json:"violation_count"`
ControlCount int `json:"control_count"`
}
ComplianceDataPoint represents a compliance data point
type ComplianceException ¶
type ComplianceException struct {
DetectedDate time.Time `json:"detected_date"`
DueDate time.Time `json:"due_date"`
Metadata map[string]any `json:"metadata"`
Resolution *ExceptionResolution `json:"resolution,omitempty"`
AssignedTo string `json:"assigned_to"`
Description string `json:"description"`
ReportedBy string `json:"reported_by"`
Status string `json:"status"`
ID string `json:"id"`
Severity string `json:"severity"`
ExceptionType string `json:"exception_type"`
Impact string `json:"impact"`
RootCause string `json:"root_cause"`
Remediation string `json:"remediation"`
ControlID string `json:"control_id"`
PreventiveMeasures []string `json:"preventive_measures"`
}
ComplianceException represents a compliance exception
type ComplianceFinding ¶
type ComplianceFinding struct {
DueDate time.Time `json:"due_date"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
ID string `json:"id"`
Type string `json:"type"`
Severity string `json:"severity"`
Description string `json:"description"`
Evidence string `json:"evidence"`
Impact string `json:"impact"`
Remediation string `json:"remediation"`
Status string `json:"status"`
AssignedTo string `json:"assigned_to"`
}
ComplianceFinding represents a compliance finding
type ComplianceFramework ¶
type ComplianceFramework struct {
// contains filtered or unexported fields
}
ComplianceFramework defines the compliance requirements and enforcement
func NewComplianceFramework ¶
func NewComplianceFramework(framework string, config ComplianceConfig) *ComplianceFramework
NewComplianceFramework creates a new compliance framework
func (*ComplianceFramework) AddCustomRule ¶
func (cf *ComplianceFramework) AddCustomRule(rule ComplianceRule)
AddCustomRule adds a custom compliance rule
func (*ComplianceFramework) ComplianceAudit ¶
func (cf *ComplianceFramework) ComplianceAudit() LiftMiddleware
ComplianceAudit creates middleware for compliance auditing
func (*ComplianceFramework) GenerateComplianceReport ¶
func (cf *ComplianceFramework) GenerateComplianceReport(period time.Duration) (*ComplianceReport, error)
GenerateComplianceReport generates a compliance report
func (*ComplianceFramework) GetComplianceStatus ¶
func (cf *ComplianceFramework) GetComplianceStatus(_ context.Context) (*ComplianceResult, error)
GetComplianceStatus returns the current compliance status
func (*ComplianceFramework) GetCustomRules ¶
func (cf *ComplianceFramework) GetCustomRules() []ComplianceRule
GetCustomRules returns all custom compliance rules
func (*ComplianceFramework) IsFrameworkEnabled ¶
func (cf *ComplianceFramework) IsFrameworkEnabled(framework string) bool
IsFrameworkEnabled checks if a compliance framework is enabled
func (*ComplianceFramework) MarshalJSON ¶
func (cf *ComplianceFramework) MarshalJSON() ([]byte, error)
MarshalJSON implements json.Marshaler for ComplianceFramework
func (*ComplianceFramework) SetAuditor ¶
func (cf *ComplianceFramework) SetAuditor(auditor AuditLogger)
SetAuditor sets the audit logger
func (*ComplianceFramework) SetReporter ¶
func (cf *ComplianceFramework) SetReporter(reporter ComplianceReporter)
SetReporter sets the compliance reporter
func (*ComplianceFramework) SetValidator ¶
func (cf *ComplianceFramework) SetValidator(validator ComplianceValidator)
SetValidator sets the compliance validator
func (*ComplianceFramework) ValidateConfiguration ¶
func (cf *ComplianceFramework) ValidateConfiguration() error
ValidateConfiguration validates the compliance configuration
type ComplianceIssue ¶
type ComplianceIssue struct {
DetectedAt time.Time `json:"detected_at"`
Deadline time.Time `json:"deadline"`
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Type string `json:"type"`
Severity string `json:"severity"`
Description string `json:"description"`
Framework string `json:"framework"`
Impact string `json:"impact"`
Controls []string `json:"controls"`
Evidence []string `json:"evidence"`
RiskScore float64 `json:"risk_score"`
}
ComplianceIssue represents a compliance issue requiring remediation
type ComplianceMetrics ¶
type ComplianceMetrics struct {
LastAuditDate time.Time `json:"last_audit_date"`
NextAuditDate time.Time `json:"next_audit_date"`
ControlEffectiveness map[string]float64 `json:"control_effectiveness"`
ViolationsByType map[string]int `json:"violations_by_type"`
ViolationsBySeverity map[string]int `json:"violations_by_severity"`
FrameworkScores map[string]float64 `json:"framework_scores"`
TrendDirection string `json:"trend_direction"`
HistoricalData []ComplianceDataPoint `json:"historical_data"`
Recommendations []ComplianceRecommendation `json:"recommendations"`
CertificationStatus []CertificationStatus `json:"certification_status"`
OverallScore float64 `json:"overall_score"`
ComplianceRate float64 `json:"compliance_rate"`
ViolationCount int `json:"violation_count"`
}
ComplianceMetrics represents compliance-specific metrics Memory optimized: 176 → 152 bytes (24 bytes saved)
type CompliancePrediction ¶
type CompliancePrediction struct {
GeneratedAt time.Time `json:"generated_at"`
Metadata map[string]any `json:"metadata"`
RiskFactors []PredictiveRiskFactor `json:"risk_factors"`
Scenarios []RiskScenario `json:"scenarios"`
Recommendations []string `json:"recommendations"`
Timeframe time.Duration `json:"timeframe"`
PredictedRisk float64 `json:"predicted_risk"`
Confidence float64 `json:"confidence"`
}
CompliancePrediction represents a compliance risk prediction Memory optimized: 160 → 152 bytes (8 bytes saved)
type ComplianceRecommendation ¶
type ComplianceRecommendation struct {
DueDate time.Time `json:"due_date"`
ID string `json:"id"`
Priority string `json:"priority"`
Category string `json:"category"`
Title string `json:"title"`
Description string `json:"description"`
Timeline string `json:"timeline"`
Cost string `json:"cost"`
Impact string `json:"impact"`
Owner string `json:"owner"`
Status string `json:"status"`
Actions []string `json:"actions"`
}
ComplianceRecommendation represents a compliance recommendation
type ComplianceReport ¶
type ComplianceReport struct {
GeneratedAt time.Time `json:"generated_at"`
Framework string `json:"framework"`
Violations []ComplianceViolation `json:"violations"`
Summary ComplianceSummary `json:"summary"`
TotalRequests int64 `json:"total_requests"`
Period time.Duration `json:"period"`
}
ComplianceReport represents a compliance report Memory optimized: 152 → 136 bytes (16 bytes saved)
type ComplianceReporter ¶
type ComplianceReporter interface {
GenerateReport(framework string, period time.Duration) (*ComplianceReport, error)
GetViolations(framework string, since time.Time) ([]ComplianceViolation, error)
GetAuditTrail(userID, tenantID string, since time.Time) ([]AuditEntry, error)
}
ComplianceReporter generates compliance reports
type ComplianceResult ¶
type ComplianceResult struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata,omitempty"`
Framework string `json:"framework"`
Violations []ComplianceViolation `json:"violations,omitempty"`
Warnings []string `json:"warnings,omitempty"`
Compliant bool `json:"compliant"`
}
ComplianceResult represents the result of compliance validation Memory optimized: 104 → 80 bytes (24 bytes saved)
type ComplianceRule ¶
// ComplianceRule is a custom rule, supplied through
// ComplianceConfig.CustomRules or ComplianceFramework.AddCustomRule.
type ComplianceRule struct {
ID string `json:"id"`
Name string `json:"name"`
Framework string `json:"framework"`
Severity string `json:"severity"`
Description string `json:"description"`
// Untyped condition data; how it is evaluated is not shown on this page.
// NOTE(review): rules are JSON-decodable, so if they can arrive from a
// file or an API, validate the keys and value types before evaluation.
Condition map[string]any `json:"condition"`
// NOTE(review): the set of accepted Action values is not shown; confirm
// unknown values are rejected rather than treated as "allow".
Action string `json:"action"`
}
ComplianceRule defines a custom compliance rule
type ComplianceSummary ¶
// ComplianceSummary is the Summary field of ComplianceReport.
type ComplianceSummary struct {
// Map first (a map value is one pointer word: 8 bytes on 64-bit, not 24)
ViolationsByType map[string]int `json:"violations_by_type"`
// Slices (24 bytes each)
TopViolations []string `json:"top_violations"`
TrendData []ComplianceTrend `json:"trend_data"`
Recommendations []string `json:"recommendations"`
// Float64 last (8 bytes)
// NOTE(review): scale not shown (fraction 0–1 or percentage); confirm
// before comparing against a threshold.
ComplianceRate float64 `json:"compliance_rate"`
}
ComplianceSummary provides a summary of compliance status Memory optimized: 72 → 64 bytes (8 bytes saved)
type ComplianceTemplate ¶
type ComplianceTemplate interface {
GetIndustry() string
GetRegulations() []string
GetControls() []ComplianceControl
GetAudits() []AuditRequirement
ApplyToFramework(framework *EnhancedComplianceFramework) error
}
ComplianceTemplate interface for industry templates
type ComplianceTest ¶
type ComplianceTest struct {
Parameters map[string]any `json:"parameters"`
Thresholds map[string]float64 `json:"thresholds"`
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Frequency time.Duration `json:"frequency"`
Automated bool `json:"automated"`
}
ComplianceTest defines automated compliance tests
type ComplianceTestResult ¶
type ComplianceTestResult struct {
ExecutionTime time.Time `json:"execution_time"`
Metadata map[string]any `json:"metadata"`
TestName string `json:"test_name"`
Framework string `json:"framework"`
ControlID string `json:"control_id"`
TestType string `json:"test_type"`
TestID string `json:"test_id"`
Status string `json:"status"`
Findings []ComplianceFinding `json:"findings"`
Recommendations []string `json:"recommendations"`
Evidence []Evidence `json:"evidence"`
Duration time.Duration `json:"duration"`
Threshold float64 `json:"threshold"`
Score float64 `json:"score"`
}
ComplianceTestResult for automated compliance testing
type ComplianceTrend ¶
type ComplianceTrend struct {
Date time.Time `json:"date"`
ComplianceRate float64 `json:"compliance_rate"`
ViolationCount int `json:"violation_count"`
}
ComplianceTrend represents compliance trend data
type ComplianceValidator ¶
// ComplianceValidator validates requests against compliance rules.
//
// Every method returns (*ComplianceResult, error). A caller that gates access
// on the outcome should treat a non-nil error or a nil result as a denial and
// only proceed when result.Compliant is true.
type ComplianceValidator interface {
	// ValidateRequest checks the request carried by ctx against the named
	// framework.
	ValidateRequest(ctx LiftContext, framework string) (*ComplianceResult, error)
	// ValidateDataAccess checks access to the named data type.
	ValidateDataAccess(ctx LiftContext, dataType string) (*ComplianceResult, error)
	// ValidateRegion checks the named region.
	// NOTE(review): where region comes from is not visible; if it is read
	// from a request header it is client-controlled.
	ValidateRegion(ctx LiftContext, region string) (*ComplianceResult, error)
}
ComplianceValidator validates requests against compliance rules
type ComplianceViolation ¶
// ComplianceViolation represents a compliance violation.
//
// A violation can name a user, a tenant and a resource, so stored or exported
// violations carry identifiers and should be access-controlled like the audit
// data they describe.
type ComplianceViolation struct {
	// Map first (a map value is a single pointer word: 8 bytes on 64-bit
	// targets, not 24)
	Metadata map[string]any `json:"metadata,omitempty"`
	// Time struct (24 bytes)
	Timestamp time.Time `json:"timestamp"`
	// Strings (16 bytes each)
	ID string `json:"id"`
	RuleID string `json:"rule_id"`
	Framework string `json:"framework"`
	Severity string `json:"severity"`
	Description string `json:"description"`
	// UserID, TenantID and Resource are dropped from the JSON when empty.
	UserID string `json:"user_id,omitempty"`
	TenantID string `json:"tenant_id,omitempty"`
	Resource string `json:"resource,omitempty"`
	// Bool last (1 byte); the zero value means "not resolved".
	Resolved bool `json:"resolved"`
}
ComplianceViolation represents a compliance violation. Memory optimized: 160 → 152 bytes (8 bytes saved).
type ConsentData ¶
// ConsentData holds the consent attributes used for GDPR consent management.
//
// All the boolean flags default to false, so a zero ConsentData describes
// "no consent given".
type ConsentData struct {
	ConsentDate time.Time `json:"consent_date"`
	// Nil means no expiry / no withdrawal has been recorded; both are left
	// out of the JSON when nil.
	ExpiryDate *time.Time `json:"expiry_date,omitempty"`
	WithdrawalDate *time.Time `json:"withdrawal_date,omitempty"`
	DataSubject string `json:"data_subject"`
	ConsentMethod string `json:"consent_method"`
	ConsentVersion string `json:"consent_version"`
	WithdrawalMethod string `json:"withdrawal_method,omitempty"`
	ConsentID string `json:"consent_id"`
	ConsentScope []string `json:"consent_scope"`
	// NOTE(review): ConsentGiven can stay true while WithdrawalDate or a
	// past ExpiryDate is set; the code that reconciles them is not visible
	// here, so readers of this struct should check all three.
	ConsentGiven bool `json:"consent_given"`
	Granular bool `json:"granular"`
	Specific bool `json:"specific"`
	Informed bool `json:"informed"`
	Unambiguous bool `json:"unambiguous"`
}
ConsentData for GDPR consent management
type ConsentEvent ¶
// ConsentEvent represents a consent-related event for audit logging.
//
// The event records the data subject's ID together with an IP address and a
// user agent. Those three fields are personal data in their own right, so the
// audit log that stores these events needs the same access control and
// retention handling as the consent records it describes.
type ConsentEvent struct {
	Timestamp time.Time `json:"timestamp"`
	Details map[string]any `json:"details"`
	Metadata map[string]any `json:"metadata"`
	EventType string `json:"event_type"`
	ConsentID string `json:"consent_id"`
	DataSubjectID string `json:"data_subject_id"`
	// NOTE(review): how IPAddress and UserAgent are obtained is not visible
	// here; values taken from request headers are client-supplied and
	// should be length-limited and escaped before display.
	IPAddress string `json:"ip_address"`
	UserAgent string `json:"user_agent"`
}
ConsentEvent represents a consent-related event for audit logging
type ConsentHistoryEntry ¶
// ConsentHistoryEntry represents one historical change to a consent.
//
// Entries of this type are what ConsentStore.GetConsentHistory returns. Each
// one names the data subject and the actor (UpdatedBy) and carries an IP
// address and user agent, so the history is personal data as well as audit
// evidence.
type ConsentHistoryEntry struct {
	Timestamp time.Time `json:"timestamp"`
	// Untyped description of what changed; the schema is not visible here.
	Changes map[string]any `json:"changes"`
	Metadata map[string]any `json:"metadata"`
	ID string `json:"id"`
	ConsentID string `json:"consent_id"`
	Action string `json:"action"`
	DataSubjectID string `json:"data_subject_id"`
	// NOTE(review): for the entry to be usable as evidence, UpdatedBy
	// should come from the authenticated principal rather than from the
	// request body; confirm against the code that writes it.
	UpdatedBy string `json:"updated_by"`
	Reason string `json:"reason"`
	IPAddress string `json:"ip_address"`
	UserAgent string `json:"user_agent"`
}
ConsentHistoryEntry represents a historical consent entry
type ConsentProof ¶
// ConsentProof represents proof of consent.
type ConsentProof struct {
	Timestamp time.Time `json:"timestamp"`
	Metadata map[string]any `json:"metadata"`
	Type string `json:"type"`
	Evidence string `json:"evidence"`
	IPAddress string `json:"ip_address"`
	UserAgent string `json:"user_agent"`
	Method string `json:"method"`
	// Optional; left out of the JSON when empty.
	// NOTE(review): the signature scheme and what it covers are not visible
	// here.
	Signature string `json:"signature,omitempty"`
	// Verified is a stored flag, false by default.
	// NOTE(review): it travels in the same JSON as the evidence, so a proof
	// decoded from an untrusted source can arrive with verified=true;
	// re-check rather than trust the flag.
	Verified bool `json:"verified"`
}
ConsentProof represents proof of consent
type ConsentPurpose ¶
type ConsentPurpose struct {
ConsentDate time.Time `json:"consent_date"`
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
LegalBasis string `json:"legal_basis"`
Required bool `json:"required"`
Consented bool `json:"consented"`
}
ConsentPurpose represents a specific purpose for data processing
type ConsentRecord ¶
// ConsentRecord represents a complete consent record.
//
// The record holds direct identifiers (DataSubjectID, DataSubjectEmail) and
// indirect ones (IPAddress, UserAgent), so it is personal data itself and
// falls under the same erasure and access rules it documents.
//
// Consent state appears in three places: ConsentGiven, Status and
// WithdrawalDate. NOTE(review): which of them the enforcement path reads is not
// visible here; writers should update all three together on withdrawal and
// expiry.
type ConsentRecord struct {
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
	ConsentDate time.Time `json:"consent_date"`
	// The pointer-typed dates are nil when unset and are then left out of
	// the JSON.
	ExpiryDate *time.Time `json:"expiry_date,omitempty"`
	Timestamp *time.Time `json:"timestamp,omitempty"`
	WithdrawalDate *time.Time `json:"withdrawal_date,omitempty"`
	RenewalDate *time.Time `json:"renewal_date,omitempty"`
	Metadata map[string]any `json:"metadata"`
	// Nil when no proof was captured.
	ConsentProof *ConsentProof `json:"consent_proof,omitempty"`
	ID string `json:"id"`
	WithdrawalMethod string `json:"withdrawal_method,omitempty"`
	UserAgent string `json:"user_agent,omitempty"`
	IPAddress string `json:"ip_address,omitempty"`
	Source string `json:"source,omitempty"`
	Purpose string `json:"purpose,omitempty"`
	DataSubjectID string `json:"data_subject_id"`
	DataSubjectEmail string `json:"data_subject_email"`
	ConsentVersion string `json:"consent_version"`
	ConsentMethod string `json:"consent_method"`
	LegalBasis string `json:"legal_basis"`
	Status string `json:"status"`
	Recipients []DataRecipient `json:"recipients"`
	ConsentScope []ConsentPurpose `json:"consent_scope"`
	ProcessingPurposes []string `json:"processing_purposes"`
	DataCategories []string `json:"data_categories"`
	// Serialized by encoding/json as an integer number of nanoseconds.
	RetentionPeriod time.Duration `json:"retention_period"`
	Granular bool `json:"granular"`
	Specific bool `json:"specific"`
	Informed bool `json:"informed"`
	Unambiguous bool `json:"unambiguous"`
	ConsentGiven bool `json:"consent_given"`
}
ConsentRecord represents a complete consent record
type ConsentStore ¶
// ConsentStore is the persistence interface for consent data.
//
// No method takes a tenant identifier: lookups are keyed by dataSubjectID or
// consentID alone. NOTE(review): presumably tenant isolation comes from ctx or
// from the implementation — verify, because an implementation that ignores it
// can return another tenant's record for a colliding ID.
type ConsentStore interface {
	StoreConsent(ctx context.Context, consent *ConsentRecord) error
	GetConsent(ctx context.Context, dataSubjectID, purpose string) (*ConsentRecord, error)
	GetAllConsents(ctx context.Context, dataSubjectID string) ([]*ConsentRecord, error)
	UpdateConsent(ctx context.Context, consentID string, updates *ConsentUpdates) error
	WithdrawConsent(ctx context.Context, consentID string, withdrawal *ConsentWithdrawal) error
	GetExpiredConsents(ctx context.Context) ([]*ConsentRecord, error)
	GetConsentsForRenewal(ctx context.Context) ([]*ConsentRecord, error)
	// Additional methods needed by tests
	//
	// RecordConsent has the same signature as StoreConsent, and ListConsents
	// the same as GetAllConsents. NOTE(review): the interface does not say
	// how each pair differs; implementations should keep them equivalent
	// (one delegating to the other) so that validation and history writes
	// cannot be bypassed by calling the sibling method.
	RecordConsent(ctx context.Context, consent *ConsentRecord) error
	ListConsents(ctx context.Context, dataSubjectID string) ([]*ConsentRecord, error)
	GetConsentHistory(ctx context.Context, consentID string) ([]*ConsentHistoryEntry, error)
	// CleanupExpiredConsents returns only an error, so callers get no count
	// of what was removed. NOTE(review): whether cleanup deletes or merely
	// marks records is not visible here.
	CleanupExpiredConsents(ctx context.Context) error
}
ConsentStore interface for storing and retrieving consent data
type ConsentUpdate ¶
type ConsentUpdate = ConsentUpdates
ConsentUpdate represents updates to consent (alias for ConsentUpdates for test compatibility)
type ConsentUpdates ¶
// ConsentUpdates represents a set of changes to apply to a consent; it is the
// argument of ConsentStore.UpdateConsent.
//
// Several fields use omitempty so that an update can be partial. That works
// for the pointers, slices and map, but not for ConsentGiven: see the note on
// that field.
type ConsentUpdates struct {
	// encoding/json's omitempty has no effect on struct values such as
	// time.Time, so a zero Timestamp is still written out as
	// "0001-01-01T00:00:00Z".
	Timestamp time.Time `json:"timestamp,omitempty"`
	Metadata map[string]any `json:"metadata,omitempty"`
	// Nil means "leave unchanged".
	RetentionPeriod *time.Duration `json:"retention_period,omitempty"`
	ExpiryDate *time.Time `json:"expiry_date,omitempty"`
	UpdatedBy string `json:"updated_by"`
	// UpdateReason and Reason both exist; which one the store reads is not
	// visible here.
	UpdateReason string `json:"update_reason"`
	Reason string `json:"reason,omitempty"`
	ConsentScope []ConsentPurpose `json:"consent_scope,omitempty"`
	Recipients []DataRecipient `json:"recipients,omitempty"`
	// NOTE(review): with omitempty on a bool, false is dropped when the
	// struct is marshalled, and after decoding "consent_given": false is
	// indistinguishable from the key being absent. An update that revokes
	// consent therefore looks the same on the wire as one that does not
	// touch it. Code that applies updates must not read false as "revoke"
	// or as "unchanged" without another signal; a *bool would make the
	// three states explicit.
	ConsentGiven bool `json:"consent_given,omitempty"`
}
ConsentUpdates represents updates to consent
type ConsentWithdrawal ¶
// ConsentWithdrawal describes a withdrawal of consent; it is the argument of
// ConsentStore.WithdrawConsent.
type ConsentWithdrawal struct {
	WithdrawalDate time.Time `json:"withdrawal_date"`
	// omitempty has no effect on a time.Time value; a zero Timestamp is
	// still serialized.
	Timestamp time.Time `json:"timestamp,omitempty"`
	Metadata map[string]any `json:"metadata,omitempty"`
	// WithdrawalMethod and Method both exist; which one is authoritative is
	// not visible here.
	WithdrawalMethod string `json:"withdrawal_method"`
	Reason string `json:"reason,omitempty"`
	// NOTE(review): RequestedBy and Verified arrive in the same payload as
	// the request. If this struct is decoded from client input, both are
	// caller-asserted; set them server-side from the authenticated session.
	RequestedBy string `json:"requested_by"`
	Method string `json:"method,omitempty"`
	// Purposes covered when PartialWithdrawal is true.
	// NOTE(review): behaviour for PartialWithdrawal with an empty list is
	// not visible here — confirm it is rejected rather than read as
	// "withdraw nothing".
	WithdrawnPurposes []string `json:"withdrawn_purposes,omitempty"`
	PartialWithdrawal bool `json:"partial_withdrawal"`
	Verified bool `json:"verified"`
}
ConsentWithdrawal represents consent withdrawal
type ContextualRiskFactor ¶
type ContextualRiskFactor struct {
Conditions map[string]any `json:"conditions"`
Context string `json:"context"`
RiskFactor
Multiplier float64 `json:"multiplier"`
Temporal bool `json:"temporal"`
Behavioral bool `json:"behavioral"`
}
ContextualRiskFactor represents a contextual risk factor
type ControlEvidence ¶
// ControlEvidence represents evidence collected for a control.
type ControlEvidence struct {
	CollectionDate time.Time `json:"collection_date"`
	RetentionDate time.Time `json:"retention_date"`
	Metadata map[string]any `json:"metadata"`
	// Nil until the evidence has been verified.
	VerificationDate *time.Time `json:"verification_date,omitempty"`
	// The evidence payload itself, untyped.
	Data map[string]any `json:"data"`
	Description string `json:"description"`
	Source string `json:"source"`
	ID string `json:"id"`
	VerifiedBy string `json:"verified_by"`
	// NOTE(review): presumably a digest or integrity tag over Data — the
	// format and algorithm are not visible here. It is stored next to the
	// data it protects, so it only detects accidental change unless it is
	// keyed or signed; confirm it is also checked on read.
	Integrity string `json:"integrity"`
	EvidenceType string `json:"evidence_type"`
	ControlID string `json:"control_id"`
	Verified bool `json:"verified"`
	Archived bool `json:"archived"`
}
ControlEvidence represents evidence collected for a control
type ControlStatus ¶
type ControlStatus struct {
LastTestDate time.Time `json:"last_test_date"`
NextTestDate time.Time `json:"next_test_date"`
Metadata map[string]any `json:"metadata"`
ControlID string `json:"control_id"`
CurrentStatus string `json:"current_status"`
TrendDirection string `json:"trend_direction"`
RiskLevel string `json:"risk_level"`
ComplianceRate float64 `json:"compliance_rate"`
ExceptionCount int `json:"exception_count"`
EffectivenessRating float64 `json:"effectiveness_rating"`
}
ControlStatus represents the current status of a control
type ControlTestResult ¶
type ControlTestResult struct {
TestDate time.Time `json:"test_date"`
Metadata map[string]any `json:"metadata"`
ControlID string `json:"control_id"`
TestID string `json:"test_id"`
TestType string `json:"test_type"`
Status string `json:"status"`
ReviewerID string `json:"reviewer_id"`
TesterID string `json:"tester_id"`
Evidence []*ControlEvidence `json:"evidence"`
Exceptions []*ComplianceException `json:"exceptions"`
Findings []string `json:"findings"`
Recommendations []string `json:"recommendations"`
TestDuration time.Duration `json:"test_duration"`
Threshold float64 `json:"threshold"`
Score float64 `json:"score"`
Passed bool `json:"passed"`
}
ControlTestResult represents the result of a control test
type ControlTester ¶
type ControlTester interface {
TestControl(ctx context.Context, control SOC2Control) (*ControlTestResult, error)
TestAllControls(ctx context.Context) ([]*ControlTestResult, error)
GetControlStatus(controlID string) (*ControlStatus, error)
ScheduleControlTest(controlID string, frequency time.Duration) error
}
ControlTester interface for automated control testing
type CrossBorderRule ¶
// CrossBorderRule represents a rule for cross-border transfers.
//
// NOTE(review): the matching semantics are not visible here — in particular
// whether an empty SourceCountries, DestCountries or DataCategories list means
// "matches everything" or "matches nothing", and what happens to a transfer
// that no rule matches. For a transfer control the safe default is to deny.
type CrossBorderRule struct {
	ID string `json:"id"`
	Name string `json:"name"`
	SourceCountries []string `json:"source_countries"`
	DestCountries []string `json:"dest_countries"`
	DataCategories []string `json:"data_categories"`
	RequiredSafeguards []string `json:"required_safeguards"`
	Conditions []string `json:"conditions"`
	// Zero value is false, i.e. a rule is permissive unless marked
	// otherwise.
	Prohibited bool `json:"prohibited"`
}
CrossBorderRule represents a rule for cross-border transfers
type CrossBorderTransfer ¶
// CrossBorderTransfer represents a cross-border data transfer; it is the input
// of CrossBorderValidator.ValidateTransfer.
type CrossBorderTransfer struct {
	TransferDate time.Time `json:"transfer_date"`
	Metadata map[string]any `json:"metadata"`
	DestinationCountry string `json:"destination_country"`
	DataImporter string `json:"data_importer"`
	ID string `json:"id"`
	DataExporter string `json:"data_exporter"`
	SourceCountry string `json:"source_country"`
	LegalBasis string `json:"legal_basis"`
	Frequency string `json:"frequency"`
	Volume string `json:"volume"`
	Purposes []string `json:"purposes"`
	Safeguards []string `json:"safeguards"`
	DataCategories []string `json:"data_categories"`
	// The three flags below are part of the transfer description itself.
	// NOTE(review): a validator that accepts them as given is trusting the
	// party requesting the transfer; presumably ValidateTransfer re-derives
	// adequacy from GetAdequacyDecisions for DestinationCountry — verify.
	BCRApplied bool `json:"bcr_applied"`
	SCCApplied bool `json:"scc_applied"`
	AdequacyDecision bool `json:"adequacy_decision"`
}
CrossBorderTransfer represents a cross-border data transfer
type CrossBorderTransferLog ¶
type CrossBorderTransferLog struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata"`
TransferID string `json:"transfer_id"`
DataExporter string `json:"data_exporter"`
DataImporter string `json:"data_importer"`
SourceCountry string `json:"source_country"`
DestinationCountry string `json:"destination_country"`
LegalBasis string `json:"legal_basis"`
Safeguards []string `json:"safeguards"`
}
CrossBorderTransferLog represents a cross-border transfer for audit logging
type CrossBorderValidator ¶
type CrossBorderValidator interface {
ValidateTransfer(ctx context.Context, transfer *CrossBorderTransfer) (*TransferValidation, error)
GetAdequacyDecisions() ([]AdequacyDecision, error)
ValidateStandardContractualClauses(ctx context.Context, clauses *SCCValidation) (*SCCResult, error)
ValidateBindingCorporateRules(ctx context.Context, bcr *BCRValidation) (*BCRResult, error)
}
CrossBorderValidator interface for cross-border data transfer validation
type CustomMetric ¶
// CustomMetric represents a custom metric.
type CustomMetric struct {
	// Map first (a map value is a single pointer word: 8 bytes on 64-bit
	// targets, not 24)
	Metadata map[string]any `json:"metadata"`
	// Time struct (24 bytes)
	Timestamp time.Time `json:"timestamp"`
	// Strings (16 bytes each)
	ID string `json:"id"`
	Name string `json:"name"`
	Description string `json:"description"`
	Unit string `json:"unit"`
	Type string `json:"type"`
	Category string `json:"category"`
	// Float64 last (8 bytes)
	Value float64 `json:"value"`
}
CustomMetric represents a custom metric. Memory optimized: 136 → 120 bytes (16 bytes saved).
type CustomMetricQuery ¶
// CustomMetricQuery represents a query for custom metrics.
type CustomMetricQuery struct {
	// Map first (a map value is a single pointer word: 8 bytes on 64-bit
	// targets, not 24)
	Parameters map[string]any `json:"parameters"`
	// Struct (varies)
	TimeRange TimeRange `json:"time_range"`
	// Strings (16 bytes each)
	ID string `json:"id"`
	Name string `json:"name"`
	// NOTE(review): the query language and the component that executes
	// Query are not visible here. If the text reaches a datastore, values
	// should be bound from Parameters rather than concatenated into Query,
	// and the set of users allowed to define queries kept narrow.
	Query string `json:"query"`
	Type string `json:"type"`
	Aggregation string `json:"aggregation"`
}
CustomMetricQuery represents a query for custom metrics. Memory optimized: 136 → 128 bytes (8 bytes saved).
type DashboardAlert ¶
type DashboardAlert struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata"`
ResolvedAt *time.Time `json:"resolved_at,omitempty"`
AcknowledgedAt *time.Time `json:"acknowledged_at,omitempty"`
Title string `json:"title"`
Severity string `json:"severity"`
Type string `json:"type"`
Description string `json:"description"`
Metric string `json:"metric"`
Status string `json:"status"`
AcknowledgedBy string `json:"acknowledged_by,omitempty"`
ID string `json:"id"`
Actions []AlertAction `json:"actions"`
Threshold float64 `json:"threshold"`
CurrentValue float64 `json:"current_value"`
}
DashboardAlert represents a dashboard alert. Memory optimized: 216 → 184 bytes (32 bytes saved).
type DashboardAlertManager ¶
type DashboardAlertManager interface {
CheckThresholds(ctx context.Context, metrics *DashboardMetrics) ([]*DashboardAlert, error)
SendAlert(ctx context.Context, alert *DashboardAlert) error
GetActiveAlerts(ctx context.Context) ([]*DashboardAlert, error)
AcknowledgeAlert(ctx context.Context, alertID string, acknowledgedBy string) error
}
DashboardAlertManager interface for dashboard alerts
type DashboardCache ¶
type DashboardCache interface {
Get(key string) (any, bool)
Set(key string, value any, ttl time.Duration)
Delete(key string)
Clear()
}
DashboardCache interface for dashboard caching
type DashboardConfig ¶
// DashboardConfig is the configuration for the compliance dashboard.
//
// Every feature flag is a bool whose zero value is false, so a zero
// DashboardConfig has the dashboard, caching, alerting and export all
// switched off.
type DashboardConfig struct {
	// 8-byte aligned fields first
	RefreshInterval time.Duration `json:"refresh_interval"`
	CacheTTL time.Duration `json:"cache_ttl"`
	// int fields (8 bytes each on 64-bit targets, 4 bytes on 32-bit ones)
	HistoricalDataDays int `json:"historical_data_days"`
	MaxDataPoints int `json:"max_data_points"`
	// Bools grouped together (1 byte each)
	Enabled bool `json:"enabled"`
	CacheEnabled bool `json:"cache_enabled"`
	RealTimeUpdates bool `json:"real_time_updates"`
	AlertingEnabled bool `json:"alerting_enabled"`
	ExportEnabled bool `json:"export_enabled"`
	CustomMetricsEnabled bool `json:"custom_metrics_enabled"`
}
DashboardConfig is the configuration for the compliance dashboard. Memory optimized: 64 → 40 bytes (24 bytes saved).
type DashboardLayout ¶
type DashboardLayout struct {
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
CreatedBy string `json:"created_by"`
Widgets []DashboardWidget `json:"widgets"`
Permissions []string `json:"permissions"`
IsDefault bool `json:"is_default"`
}
DashboardLayout represents dashboard layout
type DashboardMetrics ¶
type DashboardMetrics struct {
Timestamp time.Time `json:"timestamp"`
ComplianceMetrics *ComplianceMetrics `json:"compliance_metrics"`
RiskMetrics *RiskMetrics `json:"risk_metrics"`
AuditMetrics *AuditMetrics `json:"audit_metrics"`
PerformanceMetrics *PerformanceMetrics `json:"performance_metrics"`
Summary *DashboardSummary `json:"summary"`
CustomMetrics []*CustomMetric `json:"custom_metrics"`
Alerts []*DashboardAlert `json:"alerts"`
}
DashboardMetrics represents comprehensive dashboard metrics. Memory optimized: 112 → 96 bytes (16 bytes saved).
type DashboardSummary ¶
type DashboardSummary struct {
LastUpdated time.Time `json:"last_updated"`
KeyMetrics map[string]float64 `json:"key_metrics"`
Metadata map[string]any `json:"metadata"`
OverallHealth string `json:"overall_health"`
ComplianceStatus string `json:"compliance_status"`
RiskStatus string `json:"risk_status"`
AuditStatus string `json:"audit_status"`
TrendDirection string `json:"trend_direction"`
Recommendations []string `json:"recommendations"`
ActiveAlerts int `json:"active_alerts"`
CriticalIssues int `json:"critical_issues"`
}
DashboardSummary represents a summary of dashboard data. Memory optimized: 160 → 128 bytes (32 bytes saved).
type DashboardWidget ¶
type DashboardWidget struct {
LastUpdated time.Time `json:"last_updated"`
Data any `json:"data"`
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Type string `json:"type"`
Title string `json:"title"`
Description string `json:"description"`
Config WidgetConfig `json:"config"`
Position WidgetPosition `json:"position"`
Size WidgetSize `json:"size"`
}
DashboardWidget represents a dashboard widget
type DataAccessLog ¶
// DataAccessLog represents one data access for audit trails.
//
// The struct records what was accessed (type, classification, fields, record
// count) and why, but it has no field for who accessed it or for which tenant.
// NOTE(review): presumably the actor is attached by the enclosing audit record;
// confirm, since an access log without an actor cannot support an
// investigation.
type DataAccessLog struct {
	Timestamp time.Time `json:"timestamp"`
	DataType string `json:"data_type"`
	// A plain string here, not the DataClassification type.
	Classification string `json:"classification"`
	Action string `json:"action"`
	Purpose string `json:"purpose,omitempty"`
	// Field names only; left out of the JSON when empty.
	Fields []string `json:"fields,omitempty"`
	RecordCount int `json:"record_count"`
}
DataAccessLog represents data access for audit trails. Memory optimized: 112 → 96 bytes (16 bytes saved).
type DataAccessRequest ¶
// DataAccessRequest represents a data subject access request.
//
// It is also embedded in the erasure, objection, portability and rectification
// request types, so its fields appear at the top level of their JSON.
type DataAccessRequest struct {
	// omitempty has no effect on a time.Time value; a zero Timestamp is
	// still serialized.
	Timestamp time.Time `json:"timestamp,omitempty"`
	DueDate time.Time `json:"due_date"`
	RequestDate time.Time `json:"request_date"`
	Metadata map[string]any `json:"metadata"`
	// Nil when no identity verification is attached.
	// NOTE(review): the handlers are not visible here; a request with a nil
	// Verification, or one whose verification did not succeed, should be
	// refused before any personal data is gathered. The field is part of
	// the request JSON, so it must be produced server-side and not
	// accepted from the requester.
	Verification *IdentityVerification `json:"verification"`
	ContactInfo string `json:"contact_info,omitempty"`
	Status string `json:"status"`
	UserID string `json:"user_id,omitempty"`
	Purpose string `json:"purpose,omitempty"`
	Region string `json:"region,omitempty"`
	RequestType string `json:"request_type"`
	// NOTE(review): Email, UserID and DataSubjectID can disagree; which one
	// selects the data to return is not visible here.
	Email string `json:"email"`
	DataSubjectID string `json:"data_subject_id"`
	ID string `json:"id"`
	Scope []string `json:"scope"`
}
DataAccessRequest represents a data subject access request
type DataAccessResponse ¶
// DataAccessResponse represents the response to a data access request.
type DataAccessResponse struct {
	ResponseDate time.Time `json:"response_date"`
	// The subject's data, serialized inline with the response.
	Data map[string]any `json:"data"`
	Metadata map[string]any `json:"metadata"`
	RequestID string `json:"request_id"`
	Format string `json:"format"`
	DeliveryMethod string `json:"delivery_method"`
	Status string `json:"status,omitempty"`
	DataSources []string `json:"data_sources"`
	// Encrypted is a flag set by whoever builds the response; nothing in
	// this type enforces it.
	// NOTE(review): whether it refers to Data itself or to the delivery
	// channel is not visible here — confirm before relying on it.
	Encrypted bool `json:"encrypted"`
}
DataAccessResponse represents the response to a data access request
type DataAccessResult ¶
// DataAccessResult represents the result of a data access request. It is the
// return type of DataProtectionManager.ValidateDataAccess,
// ValidateDataAccessFromGDPR and ProtectData.
//
// The zero value has Allowed == false, so an unpopulated result denies access.
// Callers must check Allowed before touching Data or MaskedData.
type DataAccessResult struct {
	Restrictions []string `json:"restrictions,omitempty"`
	Violations []string `json:"violations,omitempty"`
	// Data and MaskedData both have JSON tags and are emitted whenever they
	// are non-nil.
	// NOTE(review): which of the two is filled in for a masked or denied
	// result is decided by code not visible here; confirm Data is nil
	// whenever masking applies or Allowed is false, otherwise marshalling
	// the result hands the unmasked value to the client alongside the
	// masked one.
	Data any `json:"data,omitempty"`
	MaskedData any `json:"masked_data,omitempty"`
	Metadata map[string]any `json:"metadata,omitempty"`
	// omitempty has no effect on a time.Time value; a zero ExpiresAt is
	// still serialized, as year 1.
	// NOTE(review): a consumer comparing it with time.Now() sees such a
	// result as already expired — confirm that is the intended reading of
	// "no expiry set".
	ExpiresAt time.Time `json:"expires_at,omitempty"`
	Allowed bool `json:"allowed"`
	AuditRequired bool `json:"audit_required"`
}
DataAccessResult represents the result of a data access request
type DataAggregator ¶
type DataAggregator interface {
AggregateByTimeframe(ctx context.Context, data []DataPoint, interval time.Duration) ([]AggregatedDataPoint, error)
AggregateByDimension(ctx context.Context, data []DataPoint, dimension string) (map[string]float64, error)
CalculateTrends(ctx context.Context, data []DataPoint) (*TrendAnalysis, error)
GenerateSummary(ctx context.Context, data []DataPoint) (*DataSummary, error)
}
DataAggregator interface for data aggregation
type DataClassification ¶
type DataClassification string
DataClassification defines data sensitivity levels
// Sensitivity levels for DataClassification.
//
// The values are plain strings, so Go's < and > compare them alphabetically
// ("confidential" < "internal" < "public" < "restricted"), which is not a
// sensitivity order. Code that needs "at least confidential" has to rank the
// levels explicitly.
// NOTE(review): the names suggest increasing sensitivity from DataPublic to
// DataRestricted, but no ranking is visible here. Any other string converts to
// DataClassification without error, so values read from JSON or configuration
// should be checked against these four and unknown ones handled as the most
// restrictive level.
const (
	DataPublic DataClassification = "public"
	DataInternal DataClassification = "internal"
	DataConfidential DataClassification = "confidential"
	DataRestricted DataClassification = "restricted"
)
type DataContext ¶
// DataContext represents data with its classification and metadata. It is
// what DataProtectionManager.ClassifyData returns and ProtectData consumes.
type DataContext struct {
	// The payload itself, untyped.
	Data any `json:"data"`
	// Classification of the payload as a whole.
	Classification DataClassification `json:"classification"`
	// Per-field classifications, keyed by field name.
	// NOTE(review): how a field missing from this map is treated is not
	// visible here; the config type has a DefaultClassification that
	// presumably applies — verify.
	Fields map[string]DataClassification `json:"fields"`
	Metadata map[string]any `json:"metadata"`
	Timestamp time.Time `json:"timestamp"`
	UserID string `json:"user_id"`
	TenantID string `json:"tenant_id"`
	Region string `json:"region"`
	Purpose string `json:"purpose"`
}
DataContext represents data with its classification and metadata
type DataDeletionProvider ¶
// DataDeletionProvider is implemented once per data store that holds user
// data and takes part in deletion requests.
type DataDeletionProvider interface {
	// Name identifies the provider.
	Name() string
	// DeleteUserData deletes the data described by request in this
	// provider's store and reports what was deleted and what was kept.
	DeleteUserData(ctx context.Context, request *DataDeletionRequest) (*DataDeletionResult, error)
	// NOTE(review): a provider returning false can fail without failing the
	// erasure as a whole, which leaves the subject's data in that store;
	// such failures should be recorded and retried rather than dropped.
	IsRequired() bool // Whether failure of this provider should fail the entire operation
}
DataDeletionProvider interface for different data stores
type DataDeletionRequest ¶
// DataDeletionRequest represents a request to delete user data; it is what
// each DataDeletionProvider receives.
type DataDeletionRequest struct {
	Timestamp time.Time `json:"timestamp"`
	// DataSubjectID and TenantID together name whose data is deleted.
	// NOTE(review): a provider that filters on DataSubjectID alone could
	// delete a same-ID subject in another tenant; confirm implementations
	// scope by both.
	DataSubjectID string `json:"data_subject_id"`
	TenantID string `json:"tenant_id"`
	RequestID string `json:"request_id"`
	// NOTE(review): whether an empty ErasureScope means "everything" or
	// "nothing" is not visible here.
	ErasureScope []string `json:"erasure_scope"`
	RetainForLegal bool `json:"retain_for_legal"`
}
DataDeletionRequest represents a request to delete user data
type DataDeletionResult ¶
// DataDeletionResult represents the result of a data deletion operation by one
// provider.
type DataDeletionResult struct {
	ProviderName string `json:"provider_name"`
	// Left out of the JSON when empty.
	// NOTE(review): if results are shown to the requester, keep raw backend
	// errors (hostnames, query text, credentials in connection strings) out
	// of this field.
	ErrorMessage string `json:"error_message,omitempty"`
	DeletedDataTypes []string `json:"deleted_data_types"`
	RetainedDataTypes []string `json:"retained_data_types"`
	RetentionReasons []string `json:"retention_reasons"`
	DeletedRecords int `json:"deleted_records"`
	RetainedRecords int `json:"retained_records"`
	// Serialized by encoding/json as an integer number of nanoseconds.
	ProcessingTime time.Duration `json:"processing_time"`
	// Zero value is false, so an unpopulated result reads as a failure.
	Success bool `json:"success"`
}
DataDeletionResult represents the result of a data deletion operation
type DataErasureRequest ¶
// DataErasureRequest represents a data erasure request.
//
// DataAccessRequest is embedded, so encoding/json writes and reads its fields
// (id, data_subject_id, email, verification, …) at the top level of the same
// JSON object as the fields declared here.
type DataErasureRequest struct {
	DataAccessRequest
	Reason string `json:"reason"`
	// NOTE(review): whether an empty ErasureScope means "erase everything"
	// or "erase nothing" is not visible here.
	ErasureScope []string `json:"erasure_scope"`
	// NOTE(review): this flag is part of the request body; if the request
	// is decoded from the data subject's input, the decision to retain for
	// legal reasons should be made server-side.
	RetainForLegal bool `json:"retain_for_legal"`
}
DataErasureRequest represents a data erasure request
type DataErasureResponse ¶
// DataErasureResponse represents the response to a data erasure request.
type DataErasureResponse struct {
	ResponseDate time.Time `json:"response_date"`
	Metadata map[string]any `json:"metadata"`
	RequestID string `json:"request_id"`
	RetentionReason string `json:"retention_reason,omitempty"`
	Status string `json:"status,omitempty"`
	// ErasedData and DataDeleted both exist.
	// NOTE(review): how they differ is not visible here; a consumer
	// checking only one of them can conclude nothing was erased.
	ErasedData []string `json:"erased_data"`
	RetainedData []string `json:"retained_data"`
	DataDeleted []string `json:"data_deleted,omitempty"`
	// With omitempty a count of 0 is dropped from the JSON, so "deleted
	// nothing" and "count not reported" look the same to the receiver.
	DeletedCount int `json:"deleted_count,omitempty"`
	ThirdPartyNotified bool `json:"third_party_notified"`
}
DataErasureResponse represents the response to a data erasure request
type DataObjectionRequest ¶
type DataObjectionRequest struct {
DataAccessRequest
ObjectionReason string `json:"objection_reason"`
LegalGrounds string `json:"legal_grounds"`
ProcessingPurposes []string `json:"processing_purposes"`
}
DataObjectionRequest represents a data processing objection request
type DataObjectionResponse ¶
type DataObjectionResponse struct {
ResponseDate time.Time `json:"response_date"`
Metadata map[string]any `json:"metadata"`
RequestID string `json:"request_id"`
LegalJustification string `json:"legal_justification,omitempty"`
ContinuedProcessing []string `json:"continued_processing,omitempty"`
ProcessingStopped bool `json:"processing_stopped"`
}
DataObjectionResponse represents the response to a data objection request
type DataPoint ¶
type DataPoint struct {
Timestamp time.Time `json:"timestamp"`
Labels map[string]string `json:"labels"`
Metadata map[string]any `json:"metadata"`
Value float64 `json:"value"`
}
DataPoint represents a generic data point
type DataPortabilityRequest ¶
type DataPortabilityRequest struct {
TargetController string `json:"target_controller,omitempty"`
Format string `json:"format"`
DataAccessRequest
StructuredData bool `json:"structured_data"`
}
DataPortabilityRequest represents a data portability request
type DataPortabilityResponse ¶
type DataPortabilityResponse struct {
ResponseDate time.Time `json:"response_date"`
Data map[string]any `json:"data"`
Metadata map[string]any `json:"metadata"`
RequestID string `json:"request_id"`
Format string `json:"format"`
TransferMethod string `json:"transfer_method"`
StructuredData bool `json:"structured_data"`
}
DataPortabilityResponse represents the response to a data portability request
type DataProcessingActivity ¶
type DataProcessingActivity struct {
NextReview time.Time `json:"next_review"`
LastReview time.Time `json:"last_review"`
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Controller string `json:"controller"`
Processor string `json:"processor,omitempty"`
ThirdCountries []string `json:"third_countries"`
DataCategories []string `json:"data_categories"`
DataSubjects []string `json:"data_subjects"`
Safeguards []string `json:"safeguards"`
SecurityMeasures []string `json:"security_measures"`
DataSources []string `json:"data_sources"`
Recipients []DataRecipient `json:"recipients"`
Purposes []string `json:"purposes"`
LegalBasis []string `json:"legal_basis"`
RetentionPeriod time.Duration `json:"retention_period"`
AutomatedDecision bool `json:"automated_decision"`
PIACompleted bool `json:"pia_completed"`
PIARequired bool `json:"pia_required"`
HighRisk bool `json:"high_risk"`
Profiling bool `json:"profiling"`
}
DataProcessingActivity represents a data processing activity
type DataProcessingLog ¶
type DataProcessingLog struct {
Timestamp time.Time `json:"timestamp"`
ConsentDetails *ConsentData `json:"consent_details"`
Metadata map[string]any `json:"metadata"`
ProcessingID string `json:"processing_id"`
DataSubject string `json:"data_subject"`
ProcessingPurpose string `json:"processing_purpose"`
LegalBasis string `json:"legal_basis"`
DataCategories []string `json:"data_categories"`
Recipients []string `json:"recipients"`
ThirdCountries []string `json:"third_countries"`
SecurityMeasures []string `json:"security_measures"`
RetentionPeriod time.Duration `json:"retention_period"`
}
DataProcessingLog for GDPR data processing logging
type DataProtectionConfig ¶
// DataProtectionConfig holds the configuration passed to
// NewDataProtectionManager.
type DataProtectionConfig struct {
	// Classification per field name.
	FieldClassifications map[string]DataClassification `json:"field_classifications"`
	// Region names per classification.
	// NOTE(review): whether each list names the regions that are allowed or
	// the ones that are blocked is not visible here, and neither is the
	// meaning of a classification with no entry — confirm before editing,
	// since the two readings are opposites.
	RegionRestrictions map[DataClassification][]string `json:"region_restrictions"`
	RetentionPolicies map[DataClassification]time.Duration `json:"retention_policies"`
	// Strings per classification; what they name (roles, users, purposes)
	// is not visible here.
	AccessControls map[DataClassification][]string `json:"access_controls"`
	MaskingRules map[string]MaskingRule `json:"masking_rules"`
	// EncryptionKey is held as a plain string and has a JSON tag, so
	// marshalling this struct (config dumps, debug logging, an API that
	// echoes configuration) writes the key out in clear text.
	// NOTE(review): the key's encoding, length checks and the cipher that
	// uses it are not visible here. Load it from a secret store at start-up
	// instead of a config file, and keep serialized copies of this struct
	// out of logs and version control.
	EncryptionKey string `json:"encryption_key"`
	// Used when no more specific classification applies.
	// NOTE(review): the zero value is the empty string, which is none of
	// the four defined levels; confirm NewDataProtectionManager rejects or
	// replaces it with a restrictive level.
	DefaultClassification DataClassification `json:"default_classification"`
}
DataProtectionConfig holds configuration for data protection
type DataProtectionData ¶
// DataProtectionData describes the data protection controls in place for a
// data set.
//
// Every field is a self-reported value (strings and flags); nothing in this
// type verifies that the encryption it describes is actually applied.
type DataProtectionData struct {
	// A plain string here, not the DataClassification type.
	DataClassification string `json:"data_classification"`
	EncryptionMethod string `json:"encryption_method"`
	EncryptionStrength string `json:"encryption_strength"`
	KeyManagement string `json:"key_management"`
	DataLocation []string `json:"data_location"`
	// The flags default to false, so a zero value reports no encryption and
	// no masking.
	BackupEncrypted bool `json:"backup_encrypted"`
	TransitEncryption bool `json:"transit_encryption"`
	RestEncryption bool `json:"rest_encryption"`
	DataMasking bool `json:"data_masking"`
	RetentionPeriod time.Duration `json:"retention_period"`
}
DataProtectionData for data protection controls
type DataProtectionManager ¶
type DataProtectionManager struct {
// contains filtered or unexported fields
}
DataProtectionManager handles data classification and protection
func GetDataProtectionManager ¶
func GetDataProtectionManager(ctx LiftContext) (*DataProtectionManager, error)
GetDataProtectionManager retrieves the data protection manager from context
func NewDataProtectionManager ¶
func NewDataProtectionManager(config DataProtectionConfig) (*DataProtectionManager, error)
NewDataProtectionManager creates a new data protection manager
func (*DataProtectionManager) ClassifyData ¶
func (dpm *DataProtectionManager) ClassifyData(data any, context map[string]any) *DataContext
ClassifyData classifies data based on content and configuration
func (*DataProtectionManager) ProtectData ¶
func (dpm *DataProtectionManager) ProtectData(dataCtx *DataContext, accessRequest DataProtectionRequest) (*DataAccessResult, error)
ProtectData applies protection measures to data based on classification
func (*DataProtectionManager) ValidateDataAccess ¶
func (dpm *DataProtectionManager) ValidateDataAccess(request DataProtectionRequest) *DataAccessResult
ValidateDataAccess validates if data access is allowed
func (*DataProtectionManager) ValidateDataAccessFromGDPR ¶
func (dpm *DataProtectionManager) ValidateDataAccessFromGDPR(request any) *DataAccessResult
ValidateDataAccessFromGDPR validates data access from a GDPR DataAccessRequest
type DataProtectionRequest ¶
// DataProtectionRequest represents a request to access protected data. It is
// the input of DataProtectionManager.ValidateDataAccess and ProtectData.
//
// NOTE(review): the access decision is made from the values in this struct. If
// any of UserID, TenantID, Region or Classification is copied from the client's
// request body or headers, the caller is choosing its own identity, tenant and
// sensitivity level; take them from the authenticated context and from
// ClassifyData instead.
type DataProtectionRequest struct {
	// Names of the fields being requested.
	Fields []string `json:"fields"`
	UserID string `json:"user_id"`
	TenantID string `json:"tenant_id"`
	DataType string `json:"data_type"`
	Purpose string `json:"purpose"`
	Region string `json:"region"`
	// Zero value is the empty string, which is none of the defined levels.
	Classification DataClassification `json:"classification"`
	Metadata map[string]any `json:"metadata"`
}
DataProtectionRequest represents a request to access protected data
type DataRecipient ¶
type DataRecipient struct {
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"` // "controller", "processor", "third_party"
Country string `json:"country"`
Purposes []string `json:"purposes"`
Safeguards []string `json:"safeguards"`
}
DataRecipient represents a recipient of personal data
type DataRectificationRequest ¶
type DataRectificationRequest struct {
IncorrectData map[string]any `json:"incorrect_data"`
CorrectedData map[string]any `json:"corrected_data"`
DataAccessRequest
}
DataRectificationRequest represents a data rectification request
type DataRectificationResponse ¶
type DataRectificationResponse struct {
ResponseDate time.Time `json:"response_date"`
RectifiedData map[string]any `json:"rectified_data"`
Metadata map[string]any `json:"metadata"`
RequestID string `json:"request_id"`
ThirdPartyNotified bool `json:"third_party_notified"`
}
DataRectificationResponse represents the response to a data rectification request
type DataSubjectRequestLog ¶
type DataSubjectRequestLog struct {
Timestamp time.Time `json:"timestamp"`
Details map[string]any `json:"details"`
Metadata map[string]any `json:"metadata"`
RequestID string `json:"request_id"`
RequestType string `json:"request_type"`
DataSubjectID string `json:"data_subject_id"`
Status string `json:"status"`
ProcessedBy string `json:"processed_by"`
}
DataSubjectRequestLog represents a data subject request for audit logging
type DataSubjectRightsHandler ¶
// DataSubjectRightsHandler handles data subject rights requests: access,
// portability, erasure, rectification and objection.
//
// Each request type carries, directly or through the embedded
// DataAccessRequest, a Verification field.
// NOTE(review): whether identity verification is enforced inside these methods
// or is the caller's job is not visible here; it has to happen before any of
// them returns or changes personal data.
type DataSubjectRightsHandler interface {
	HandleAccessRequest(ctx context.Context, request *DataAccessRequest) (*DataAccessResponse, error)
	HandlePortabilityRequest(ctx context.Context, request *DataPortabilityRequest) (*DataPortabilityResponse, error)
	HandleErasureRequest(ctx context.Context, request *DataErasureRequest) (*DataErasureResponse, error)
	HandleRectificationRequest(ctx context.Context, request *DataRectificationRequest) (*DataRectificationResponse, error)
	HandleObjectionRequest(ctx context.Context, request *DataObjectionRequest) (*DataObjectionResponse, error)
	// GetRequestStatus looks a request up by ID alone.
	// NOTE(review): confirm the implementation checks that the caller owns
	// the request, otherwise a guessable requestID reveals that another
	// subject filed a request and how it is progressing.
	GetRequestStatus(ctx context.Context, requestID string) (*RequestStatus, error)
}
DataSubjectRightsHandler interface for handling data subject rights
type DataSummary ¶
type DataSummary struct {
Percentiles map[string]float64 `json:"percentiles"`
Metadata map[string]any `json:"metadata"`
Count int `json:"count"`
Min float64 `json:"min"`
Max float64 `json:"max"`
Average float64 `json:"average"`
Median float64 `json:"median"`
StdDev float64 `json:"std_dev"`
}
DataSummary represents a summary of data
type DataTokenizer ¶
type DataTokenizer struct {
// contains filtered or unexported fields
}
DataTokenizer handles data tokenization for PCI compliance
func NewDataTokenizer ¶
func NewDataTokenizer() *DataTokenizer
NewDataTokenizer creates a new data tokenizer
func (*DataTokenizer) Detokenize ¶
func (dt *DataTokenizer) Detokenize(token string) (string, error)
Detokenize retrieves original data from token
type EcommerceComplianceConfig ¶
type EcommerceComplianceConfig struct {
PaymentSecurity string `json:"payment_security_level"`
AccessibilityStds []string `json:"accessibility_standards"`
CrossBorderRules []string `json:"cross_border_rules"`
TaxCompliance []string `json:"tax_compliance"`
COPPARequired bool `json:"coppa_required"`
ConsumerProtection bool `json:"consumer_protection"`
DataPortability bool `json:"data_portability"`
CookieConsent bool `json:"cookie_consent"`
MarketingConsent bool `json:"marketing_consent"`
PCIDSSRequired bool `json:"pci_dss_required"`
FraudPrevention bool `json:"fraud_prevention"`
CCPARequired bool `json:"ccpa_required"`
GDPRRequired bool `json:"gdpr_required"`
}
EcommerceComplianceConfig configuration for e-commerce compliance
type EcommerceComplianceTemplate ¶
type EcommerceComplianceTemplate struct {
// contains filtered or unexported fields
}
EcommerceComplianceTemplate for e-commerce compliance
func NewEcommerceComplianceTemplate ¶
func NewEcommerceComplianceTemplate(config EcommerceComplianceConfig) *EcommerceComplianceTemplate
NewEcommerceComplianceTemplate creates a new e-commerce compliance template
func (*EcommerceComplianceTemplate) GenerateComplianceReport ¶
func (e *EcommerceComplianceTemplate) GenerateComplianceReport() (*IndustryComplianceReport, error)
GenerateComplianceReport generates an e-commerce compliance report
func (*EcommerceComplianceTemplate) GetAudits ¶
func (e *EcommerceComplianceTemplate) GetAudits() []AuditRequirement
GetAudits returns audit requirements
func (*EcommerceComplianceTemplate) GetComplianceMiddleware ¶
func (e *EcommerceComplianceTemplate) GetComplianceMiddleware() []LiftMiddleware
GetComplianceMiddleware returns compliance middleware
func (*EcommerceComplianceTemplate) GetControls ¶
func (e *EcommerceComplianceTemplate) GetControls() []ComplianceControl
GetControls returns compliance controls
func (*EcommerceComplianceTemplate) GetIndustry ¶
func (e *EcommerceComplianceTemplate) GetIndustry() string
GetIndustry returns the industry name
func (*EcommerceComplianceTemplate) GetRegulations ¶
func (e *EcommerceComplianceTemplate) GetRegulations() []string
GetRegulations returns applicable regulations
func (*EcommerceComplianceTemplate) GetRiskAssessments ¶
func (e *EcommerceComplianceTemplate) GetRiskAssessments() []RiskAssessmentTemplate
GetRiskAssessments returns risk assessment templates
func (*EcommerceComplianceTemplate) ValidateCompliance ¶
func (e *EcommerceComplianceTemplate) ValidateCompliance(_ LiftContext) (*ComplianceResult, error)
ValidateCompliance validates compliance for e-commerce
type EncryptedCachedSecret ¶
EncryptedCachedSecret represents an encrypted cached secret with expiration
type EncryptedSecretCache ¶
type EncryptedSecretCache struct {
// contains filtered or unexported fields
}
EncryptedSecretCache provides encrypted in-memory caching for secrets with TTL
func NewEncryptedSecretCache ¶
func NewEncryptedSecretCache(ttl time.Duration, encryptionKey []byte) (*EncryptedSecretCache, error)
NewEncryptedSecretCache creates a new encrypted secret cache with the specified TTL
func (*EncryptedSecretCache) Clear ¶
func (c *EncryptedSecretCache) Clear()
Clear removes all values from the cache and clears encryption keys
func (*EncryptedSecretCache) Delete ¶
func (c *EncryptedSecretCache) Delete(key string)
Delete removes a value from the cache
func (*EncryptedSecretCache) Get ¶
func (c *EncryptedSecretCache) Get(key string) (string, error)
Get retrieves and decrypts a value from the cache
func (*EncryptedSecretCache) GetCacheInfo ¶
func (c *EncryptedSecretCache) GetCacheInfo() map[string]any
GetCacheInfo returns cache statistics (for monitoring)
func (*EncryptedSecretCache) Set ¶
func (c *EncryptedSecretCache) Set(key, value string) error
Set encrypts and stores a value in the cache with TTL
func (*EncryptedSecretCache) Size ¶
func (c *EncryptedSecretCache) Size() int
Size returns the number of cached secrets
type EnhancedAuditConfig ¶
// EnhancedAuditConfig holds the settings for advanced audit capabilities.
//
// This type only declares the settings; how (or whether) each flag is
// enforced is not visible from the declaration.
type EnhancedAuditConfig struct {
// RetentionPeriod is a duration; presumably how long audit records are kept — TODO confirm.
RetentionPeriod time.Duration `json:"retention_period"`
DetailedLogging bool `json:"detailed_logging"`
RealTimeMonitoring bool `json:"real_time_monitoring"`
AnomalyDetection bool `json:"anomaly_detection"`
ThreatIntelligence bool `json:"threat_intelligence"`
AutomatedResponse bool `json:"automated_response"`
// NOTE(review): EncryptionRequired and IntegrityValidation are plain bools whose zero value is false, so a config decoded from JSON that omits them leaves both off; confirm the intended defaults.
EncryptionRequired bool `json:"encryption_required"`
IntegrityValidation bool `json:"integrity_validation"`
}
EnhancedAuditConfig for advanced audit capabilities
type EnhancedAuditLogger ¶
// EnhancedAuditLogger provides advanced audit capabilities on top of
// AuditLogger. The Log* methods and CompleteSOC2Audit take an auditID string;
// presumably the value returned by StartSOC2Audit — confirm against an
// implementation.
type EnhancedAuditLogger interface {
AuditLogger // Embed base interface
// StartSOC2Audit begins an audit for the given context and returns a string identifier.
StartSOC2Audit(ctx LiftContext) string
// LogSecurityControls records SOC 2 controls under auditID.
LogSecurityControls(auditID string, controls *SOC2Controls) error
// LogGDPREvent records a GDPR event under auditID.
LogGDPREvent(auditID string, event *GDPREvent) error
// LogComplianceTest records a compliance test result under auditID.
LogComplianceTest(auditID string, test *ComplianceTestResult) error
// LogDataProcessing records a data processing log under auditID.
LogDataProcessing(auditID string, processing *DataProcessingLog) error
// CompleteSOC2Audit closes the audit, taking the handler's result and error.
// NOTE(review): result is untyped (any); confirm implementations do not write response bodies containing sensitive data into the audit record verbatim.
CompleteSOC2Audit(auditID string, result any, err error) error
}
EnhancedAuditLogger provides advanced audit capabilities
type EnhancedComplianceConfig ¶
// EnhancedComplianceConfig holds advanced compliance configuration.
//
// ComplianceConfig is embedded without a JSON tag. Assuming it is a struct,
// encoding/json flattens its exported fields into the top-level object
// alongside the tagged fields below, so a field there whose JSON key matches
// one of these keys is shadowed by the shallower field declared here.
type EnhancedComplianceConfig struct {
// IndustryTemplate is the industry-specific template (regulations, controls, audits).
IndustryTemplate IndustryTemplate `json:"industry_template"`
ComplianceConfig
// GDPR holds the GDPR privacy settings.
GDPR GDPRConfig `json:"gdpr"`
// SOC2TypeII holds the SOC 2 Type II settings.
SOC2TypeII SOC2TypeIIConfig `json:"soc2_type_ii"`
// AuditEnhanced holds the enhanced audit settings.
AuditEnhanced EnhancedAuditConfig `json:"audit_enhanced"`
}
EnhancedComplianceConfig holds advanced configuration. Memory optimized: 328 → 304 bytes (24 bytes saved).
type EnhancedComplianceFramework ¶
type EnhancedComplianceFramework struct {
// contains filtered or unexported fields
}
EnhancedComplianceFramework provides advanced compliance automation
func NewEnhancedComplianceFramework ¶
func NewEnhancedComplianceFramework(framework string, config EnhancedComplianceConfig) *EnhancedComplianceFramework
NewEnhancedComplianceFramework creates a new enhanced compliance framework
func (*EnhancedComplianceFramework) AddIndustryTemplate ¶
func (ecf *EnhancedComplianceFramework) AddIndustryTemplate(industry string, template ComplianceTemplate)
AddIndustryTemplate adds an industry-specific compliance template
func (*EnhancedComplianceFramework) ApplyIndustryTemplate ¶
func (ecf *EnhancedComplianceFramework) ApplyIndustryTemplate(industry string) ([]LiftMiddleware, error)
ApplyIndustryTemplate applies industry-specific compliance template
func (*EnhancedComplianceFramework) GDPRPrivacy ¶
func (ecf *EnhancedComplianceFramework) GDPRPrivacy() LiftMiddleware
GDPRPrivacy creates GDPR privacy compliance middleware
func (*EnhancedComplianceFramework) SOC2TypeII ¶
func (ecf *EnhancedComplianceFramework) SOC2TypeII() LiftMiddleware
SOC2TypeII creates SOC 2 Type II compliance middleware
func (*EnhancedComplianceFramework) SetAdvancedValidator ¶
func (ecf *EnhancedComplianceFramework) SetAdvancedValidator(validator AdvancedComplianceValidator)
SetAdvancedValidator sets the advanced compliance validator
func (*EnhancedComplianceFramework) SetEnhancedAuditor ¶
func (ecf *EnhancedComplianceFramework) SetEnhancedAuditor(auditor EnhancedAuditLogger)
SetEnhancedAuditor sets the enhanced audit logger
type EventAnalysis ¶
// EventAnalysis represents the analysis of an event. It is the result type of
// AuditAnalyticsEngine.AnalyzeEvent.
type EventAnalysis struct {
// Timestamp of the analysis record.
Timestamp time.Time `json:"timestamp"`
// RiskScore is optional: a nil pointer is omitted from JSON (omitempty).
RiskScore *RiskScore `json:"risk_score,omitempty"`
// Analyzes is an untyped map of analysis results.
// NOTE(review): the name (and its JSON key "analyzes") looks like a misspelling of "Analyses"; renaming either would break existing callers and stored JSON, so treat it as part of the public contract.
Analyzes map[string]any `json:"analyzes"`
// EventID identifies the analysed event.
EventID string `json:"event_id"`
// Anomalies is optional: an empty slice is omitted from JSON, so a missing key does not distinguish "no anomalies found" from "anomaly detection did not run".
Anomalies []*Anomaly `json:"anomalies,omitempty"`
}
EventAnalysis represents the analysis of an event
type Evidence ¶
type Evidence struct {
Timestamp time.Time `json:"timestamp"`
Data map[string]any `json:"data"`
ID string `json:"id"`
Type string `json:"type"`
Description string `json:"description"`
Source string `json:"source"`
Verified bool `json:"verified"`
}
Evidence represents compliance evidence
type EvidenceCollector ¶
// EvidenceCollector is the interface for automated evidence collection.
type EvidenceCollector interface {
// CollectEvidence gathers evidence for a single SOC 2 control.
CollectEvidence(ctx context.Context, control SOC2Control) (*ControlEvidence, error)
// CollectSystemEvidence gathers system-level evidence; it takes no control argument.
CollectSystemEvidence(ctx context.Context) (*SystemEvidence, error)
// ValidateEvidence checks collected evidence and returns an EvidenceValidation.
ValidateEvidence(evidence *ControlEvidence) (*EvidenceValidation, error)
// ArchiveEvidence stores the evidence.
// NOTE(review): ValidateEvidence and ArchiveEvidence take no context, unlike the two collectors, so they cannot be cancelled or given a deadline through this interface.
ArchiveEvidence(evidence *ControlEvidence) error
}
EvidenceCollector interface for automated evidence collection
type EvidenceRequirement ¶
type EvidenceRequirement struct {
Type string `json:"type"`
Description string `json:"description"`
Required bool `json:"required"`
Automated bool `json:"automated"`
}
EvidenceRequirement defines required evidence
type EvidenceValidation ¶
// EvidenceValidation represents evidence validation results. It is the result
// type of EvidenceCollector.ValidateEvidence.
type EvidenceValidation struct {
// ValidationDate is when the validation was performed.
ValidationDate time.Time `json:"validation_date"`
// ValidatedBy is a free-form string naming the validator.
ValidatedBy string `json:"validated_by"`
// Issues lists problems found during validation.
Issues []string `json:"issues"`
// Recommendations lists suggested follow-ups.
Recommendations []string `json:"recommendations"`
// Valid is the overall verdict.
// NOTE(review): whether Valid is derived from the three check flags below is not visible here; consumers should not assume Valid implies IntegrityCheck without confirming.
Valid bool `json:"valid"`
IntegrityCheck bool `json:"integrity_check"`
CompletenessCheck bool `json:"completeness_check"`
AccuracyCheck bool `json:"accuracy_check"`
}
EvidenceValidation represents evidence validation results
type ExceptionResolution ¶
// ExceptionResolution represents the resolution of an exception. It is the
// argument type of ExceptionTracker.ResolveException.
type ExceptionResolution struct {
// ResolvedDate is when the exception was resolved.
ResolvedDate time.Time `json:"resolved_date"`
// VerificationDate is optional: a nil pointer is omitted from JSON (omitempty).
VerificationDate *time.Time `json:"verification_date,omitempty"`
// ResolvedBy is a free-form string naming who resolved the exception.
ResolvedBy string `json:"resolved_by"`
// ResolutionType is a free-form string; the accepted values are not visible here.
ResolutionType string `json:"resolution_type"`
Description string `json:"description"`
// VerifiedBy is a free-form string naming who verified the resolution.
// NOTE(review): nothing in this type prevents ResolvedBy and VerifiedBy from being the same party; confirm where separation of duties is enforced, if it is required.
VerifiedBy string `json:"verified_by"`
// NOTE(review): the Go field is spelled ActionsToken while its JSON key is "actions_taken"; the field name looks like a typo for ActionsTaken. The JSON wire format is unaffected, but Go callers must use the name as declared.
ActionsToken []string `json:"actions_taken"`
Verified bool `json:"verified"`
}
ExceptionResolution represents the resolution of an exception
type ExceptionTracker ¶
type ExceptionTracker interface {
RecordException(exception *ComplianceException) error
GetExceptions(controlID string, since time.Time) ([]*ComplianceException, error)
GetExceptionTrends() (*ExceptionTrends, error)
ResolveException(exceptionID string, resolution *ExceptionResolution) error
}
ExceptionTracker interface for tracking compliance exceptions
type ExceptionTrends ¶
type ExceptionTrends struct {
ExceptionsByControl map[string]int `json:"exceptions_by_control"`
ExceptionsBySeverity map[string]int `json:"exceptions_by_severity"`
Period string `json:"period"`
TrendDirection string `json:"trend_direction"`
Recommendations []string `json:"recommendations"`
TotalExceptions int `json:"total_exceptions"`
OpenExceptions int `json:"open_exceptions"`
ResolvedExceptions int `json:"resolved_exceptions"`
AverageResolutionTime time.Duration `json:"average_resolution_time"`
ComplianceRate float64 `json:"compliance_rate"`
}
ExceptionTrends represents exception trend analysis
type FeatureExtractionConfig ¶
type FeatureExtractionConfig struct {
FeatureWeights map[string]float64 `json:"feature_weights"`
Metadata map[string]any `json:"metadata"`
NormalizationMethod string `json:"normalization_method"`
EnabledFeatures []string `json:"enabled_features"`
TemporalWindow time.Duration `json:"temporal_window"`
BehavioralWindow time.Duration `json:"behavioral_window"`
ContextualDepth int `json:"contextual_depth"`
}
FeatureExtractionConfig configuration for feature extraction
type FeatureExtractor ¶
type FeatureExtractor interface {
Extract(event *AuditEvent, context *RiskContext) (float64, error)
GetName() string
GetDescription() string
GetWeight() float64
}
FeatureExtractor interface for extracting specific features
type FileSecretsProvider ¶
type FileSecretsProvider struct {
// contains filtered or unexported fields
}
FileSecretsProvider implements SecretsProvider for local file-based secrets (development only)
func NewFileSecretsProvider ¶
func NewFileSecretsProvider(basePath string) *FileSecretsProvider
NewFileSecretsProvider creates a file-based secrets provider for development
func NewFileSecretsProviderWithConfig ¶
func NewFileSecretsProviderWithConfig(basePath string, enableRotation bool) *FileSecretsProvider
NewFileSecretsProviderWithConfig creates a file-based secrets provider with configuration
func (*FileSecretsProvider) ClearRotationHistory ¶
func (fsp *FileSecretsProvider) ClearRotationHistory()
ClearRotationHistory clears all rotation history (testing utility)
func (*FileSecretsProvider) DeleteSecret ¶
func (fsp *FileSecretsProvider) DeleteSecret(_ context.Context, name string) error
DeleteSecret removes a secret from memory
func (*FileSecretsProvider) GetAllRotationHistory ¶
func (fsp *FileSecretsProvider) GetAllRotationHistory() map[string][]RotationRecord
GetAllRotationHistory returns rotation history for all secrets (testing/debugging)
func (*FileSecretsProvider) GetRotationHistory ¶
func (fsp *FileSecretsProvider) GetRotationHistory(name string) []RotationRecord
GetRotationHistory returns rotation history for a secret (testing/debugging)
func (*FileSecretsProvider) IsRotationEnabled ¶
func (fsp *FileSecretsProvider) IsRotationEnabled() bool
IsRotationEnabled returns whether rotation is enabled
func (*FileSecretsProvider) RotateSecret ¶
func (fsp *FileSecretsProvider) RotateSecret(_ context.Context, name string) error
RotateSecret implements simulated rotation for the file provider
func (*FileSecretsProvider) SetRotationEnabled ¶
func (fsp *FileSecretsProvider) SetRotationEnabled(enabled bool)
SetRotationEnabled enables or disables rotation for testing
func (*FileSecretsProvider) SimulateRotationFailure ¶
func (fsp *FileSecretsProvider) SimulateRotationFailure(_ context.Context, name string, errorMessage string) error
SimulateRotationFailure simulates a rotation failure for testing
type ForecastPoint ¶
type ForecastPoint struct {
Timestamp time.Time `json:"timestamp"`
Value float64 `json:"value"`
Confidence float64 `json:"confidence"`
Lower float64 `json:"lower"`
Upper float64 `json:"upper"`
}
ForecastPoint represents a forecast point
type GDPRAuditLogger ¶
type GDPRAuditLogger interface {
LogConsentEvent(ctx context.Context, event *ConsentEvent) error
LogDataSubjectRequest(ctx context.Context, request *DataSubjectRequestLog) error
LogDataProcessingActivity(ctx context.Context, activity *DataProcessingLog) error
LogCrossBorderTransfer(ctx context.Context, transfer *CrossBorderTransferLog) error
LogPrivacyBreach(ctx context.Context, breach *PrivacyBreachLog) error
}
GDPRAuditLogger interface for GDPR-specific audit logging
type GDPRConfig ¶
// GDPRConfig holds the settings for GDPR privacy compliance.
//
// Fields are ordered from largest to smallest to limit padding. The sizes in
// the comments below are for 64-bit platforms.
type GDPRConfig struct {
// Map (a map value is a single pointer word: 8 bytes)
DataRetentionPolicies map[string]time.Duration `json:"data_retention_policies"`
// Slice (pointer, length and capacity: 24 bytes)
DataProcessingBasis []string `json:"data_processing_basis"`
// int (8 bytes on 64-bit platforms, 4 on 32-bit)
BreachNotificationHours int `json:"breach_notification_hours"`
// Bools grouped together (1 byte each)
// NOTE(review): every flag's zero value is false, so a config decoded from JSON that omits a key leaves that control disabled; confirm the intended defaults.
Enabled bool `json:"enabled"`
ConsentManagement bool `json:"consent_management"`
DataMinimization bool `json:"data_minimization"`
RightToBeForgotten bool `json:"right_to_be_forgotten"`
DataPortability bool `json:"data_portability"`
DPORequired bool `json:"dpo_required"`
PIARequired bool `json:"pia_required"`
}
GDPRConfig holds the settings for GDPR privacy compliance. Memory optimized: 64 → 48 bytes (16 bytes saved).
type GDPRConsentConfig ¶
// GDPRConsentConfig is the configuration for GDPR consent management; it is
// the argument to NewGDPRConsentManager.
type GDPRConsentConfig struct {
// Reference-typed fields (map: 8 bytes, slice: 24 bytes on 64-bit platforms)
DataRetentionPolicies map[string]time.Duration `json:"data_retention_policies"`
CrossBorderTransferRules []CrossBorderRule `json:"cross_border_transfer_rules"`
// int fields (8 bytes each on 64-bit platforms, 4 on 32-bit)
// NOTE(review): all zero when unset; how a zero value is interpreted (disabled, immediate, or replaced by a default) is not visible here.
ConsentRenewalDays int `json:"consent_renewal_days"`
BreachNotificationHours int `json:"breach_notification_hours"`
ConsentExpiryDays int `json:"consent_expiry_days"`
// NOTE(review): retention is configurable both here (a single day count) and in DataRetentionPolicies (per-key durations); which one takes precedence is not visible here.
DataRetentionDays int `json:"data_retention_days"`
RequestProcessingDays int `json:"request_processing_days"`
// Boolean flags (1 byte each)
Enabled bool `json:"enabled"`
AutomaticConsentRenewal bool `json:"automatic_consent_renewal"`
GranularConsentRequired bool `json:"granular_consent_required"`
ConsentWithdrawalEnabled bool `json:"consent_withdrawal_enabled"`
DataPortabilityEnabled bool `json:"data_portability_enabled"`
RightToErasureEnabled bool `json:"right_to_erasure_enabled"`
PrivacyByDesignEnabled bool `json:"privacy_by_design_enabled"`
RequireExplicitConsent bool `json:"require_explicit_consent"`
// NOTE(review): RequireConsentProof and ConsentProofRequired have distinct JSON keys but their names describe the same setting; confirm which one the consent manager reads, since setting only the other would silently leave proof-of-consent unenforced.
RequireConsentProof bool `json:"require_consent_proof"`
ConsentProofRequired bool `json:"consent_proof_required"`
}
GDPRConsentConfig configuration for GDPR consent management
type GDPRConsentManager ¶
type GDPRConsentManager struct {
// contains filtered or unexported fields
}
GDPRConsentManager provides comprehensive GDPR consent management
func NewGDPRConsentManager ¶
func NewGDPRConsentManager(config GDPRConsentConfig) *GDPRConsentManager
NewGDPRConsentManager creates a new GDPR consent manager
func (*GDPRConsentManager) ConductPIA ¶
func (gcm *GDPRConsentManager) ConductPIA(ctx context.Context, request *PIARequest) (*PIAResult, error)
ConductPIA conducts a privacy impact assessment
func (*GDPRConsentManager) GetConsent ¶
func (gcm *GDPRConsentManager) GetConsent(ctx context.Context, dataSubjectID, purpose string) (*ConsentRecord, error)
GetConsent retrieves consent for a data subject and purpose
func (*GDPRConsentManager) HandleAccessRequest ¶
func (gcm *GDPRConsentManager) HandleAccessRequest(ctx context.Context, request *DataAccessRequest) (*DataAccessResponse, error)
HandleAccessRequest handles a data access request
func (*GDPRConsentManager) HandleErasureRequest ¶
func (gcm *GDPRConsentManager) HandleErasureRequest(ctx context.Context, request *DataErasureRequest) (*DataErasureResponse, error)
HandleErasureRequest handles a data erasure request
func (*GDPRConsentManager) ProcessDataSubjectRequest ¶
func (gcm *GDPRConsentManager) ProcessDataSubjectRequest(ctx context.Context, request *DataAccessRequest) error
ProcessDataSubjectRequest processes a data subject request
func (*GDPRConsentManager) RecordConsent ¶
func (gcm *GDPRConsentManager) RecordConsent(ctx context.Context, consent *ConsentRecord) error
RecordConsent records a new consent
func (*GDPRConsentManager) SetAuditLogger ¶
func (gcm *GDPRConsentManager) SetAuditLogger(logger GDPRAuditLogger)
SetAuditLogger sets the GDPR audit logger
func (*GDPRConsentManager) SetConsentStore ¶
func (gcm *GDPRConsentManager) SetConsentStore(store ConsentStore)
SetConsentStore sets the consent store
func (*GDPRConsentManager) SetCrossBorderValidator ¶
func (gcm *GDPRConsentManager) SetCrossBorderValidator(validator CrossBorderValidator)
SetCrossBorderValidator sets the cross-border validator
func (*GDPRConsentManager) SetDataSubjectRightsHandler ¶
func (gcm *GDPRConsentManager) SetDataSubjectRightsHandler(handler DataSubjectRightsHandler)
SetDataSubjectRightsHandler sets the data subject rights handler
func (*GDPRConsentManager) SetPrivacyImpactAssessment ¶
func (gcm *GDPRConsentManager) SetPrivacyImpactAssessment(pia PrivacyImpactAssessment)
SetPrivacyImpactAssessment sets the privacy impact assessment handler
func (*GDPRConsentManager) UpdateConsent ¶
func (gcm *GDPRConsentManager) UpdateConsent(ctx context.Context, consentID string, updates *ConsentUpdate) error
UpdateConsent updates an existing consent
func (*GDPRConsentManager) WithdrawConsent ¶
func (gcm *GDPRConsentManager) WithdrawConsent(ctx context.Context, consentID string, withdrawal *ConsentWithdrawal) error
WithdrawConsent withdraws consent
type GDPREvent ¶
// GDPREvent represents GDPR-related events. It is the record type accepted by
// EnhancedAuditLogger.LogGDPREvent.
type GDPREvent struct {
// Timestamp of the event.
Timestamp time.Time `json:"timestamp"`
// Metadata is an untyped map.
// NOTE(review): nothing here limits its contents; confirm callers do not place raw personal data in it, since the event is written to the audit log.
Metadata map[string]any `json:"metadata"`
// DataSubject, DataController and DataProcessor are free-form strings; whether they hold identifiers or names is not visible here.
DataSubject string `json:"data_subject"`
DataController string `json:"data_controller"`
DataProcessor string `json:"data_processor"`
// ProcessingBasis and EventType are free-form strings; the accepted values are not visible here.
ProcessingBasis string `json:"processing_basis"`
EventType string `json:"event_type"`
Recipients []string `json:"recipients"`
DataCategories []string `json:"data_categories"`
RetentionPeriod time.Duration `json:"retention_period"`
// ConsentGiven and ConsentWithdrawn are independent bools, so the type itself allows both (or neither) to be set on one event.
ConsentGiven bool `json:"consent_given"`
ConsentWithdrawn bool `json:"consent_withdrawn"`
DataPortability bool `json:"data_portability"`
RightToErasure bool `json:"right_to_erasure"`
}
GDPREvent represents GDPR-related events
type GovernmentComplianceConfig ¶
type GovernmentComplianceConfig struct {
ILLevel string `json:"il_level"`
FedRAMPLevel string `json:"fedramp_level"`
NISTFramework string `json:"nist_framework"`
CUIHandling bool `json:"cui_handling"`
STIGCompliance bool `json:"stig_compliance"`
ATORequired bool `json:"ato_required"`
FISMARequired bool `json:"fisma_required"`
PIIProtection bool `json:"pii_protection"`
Section508 bool `json:"section_508"`
FOIA bool `json:"foia"`
RecordsManagement bool `json:"records_management"`
IncidentReporting bool `json:"incident_reporting"`
ContinuousMonitoring bool `json:"continuous_monitoring"`
}
GovernmentComplianceConfig configuration for government compliance
type GovernmentComplianceTemplate ¶
type GovernmentComplianceTemplate struct {
// contains filtered or unexported fields
}
GovernmentComplianceTemplate for government sector compliance
func NewGovernmentComplianceTemplate ¶
func NewGovernmentComplianceTemplate(config GovernmentComplianceConfig) *GovernmentComplianceTemplate
NewGovernmentComplianceTemplate creates a new government compliance template
func (*GovernmentComplianceTemplate) GenerateComplianceReport ¶
func (gct *GovernmentComplianceTemplate) GenerateComplianceReport() (*IndustryComplianceReport, error)
GenerateComplianceReport generates a government compliance report
func (*GovernmentComplianceTemplate) GetAudits ¶
func (gct *GovernmentComplianceTemplate) GetAudits() []AuditRequirement
GetAudits returns audit requirements
func (*GovernmentComplianceTemplate) GetComplianceMiddleware ¶
func (gct *GovernmentComplianceTemplate) GetComplianceMiddleware() []LiftMiddleware
GetComplianceMiddleware returns compliance middleware
func (*GovernmentComplianceTemplate) GetControls ¶
func (gct *GovernmentComplianceTemplate) GetControls() []ComplianceControl
GetControls returns compliance controls
func (*GovernmentComplianceTemplate) GetIndustry ¶
func (gct *GovernmentComplianceTemplate) GetIndustry() string
GetIndustry returns the industry name
func (*GovernmentComplianceTemplate) GetRegulations ¶
func (gct *GovernmentComplianceTemplate) GetRegulations() []string
GetRegulations returns applicable regulations
func (*GovernmentComplianceTemplate) GetRiskAssessments ¶
func (gct *GovernmentComplianceTemplate) GetRiskAssessments() []RiskAssessmentTemplate
GetRiskAssessments returns risk assessment templates
func (*GovernmentComplianceTemplate) ValidateCompliance ¶
func (gct *GovernmentComplianceTemplate) ValidateCompliance(_ LiftContext) (*ComplianceResult, error)
ValidateCompliance validates compliance for government
type HealthcareComplianceConfig ¶
type HealthcareComplianceConfig struct {
PHIProtectionLevel string `json:"phi_protection_level"`
InteroperabilityStds []string `json:"interoperability_standards"`
BreachNotification bool `json:"breach_notification"`
DEACompliance bool `json:"dea_compliance"`
FDACompliance bool `json:"fda_compliance"`
BAAAgreements bool `json:"baa_agreements"`
HIPAARequired bool `json:"hipaa_required"`
AccessLogging bool `json:"access_logging"`
DataMinimization bool `json:"data_minimization"`
ConsentManagement bool `json:"consent_management"`
HITECHRequired bool `json:"hitech_required"`
ClinicalTrialData bool `json:"clinical_trial_data"`
MedicalDeviceData bool `json:"medical_device_data"`
}
HealthcareComplianceConfig configuration for healthcare compliance
type HealthcareComplianceTemplate ¶
type HealthcareComplianceTemplate struct {
// contains filtered or unexported fields
}
HealthcareComplianceTemplate for healthcare compliance
func NewHealthcareComplianceTemplate ¶
func NewHealthcareComplianceTemplate(config HealthcareComplianceConfig) *HealthcareComplianceTemplate
NewHealthcareComplianceTemplate creates a new healthcare compliance template
func (*HealthcareComplianceTemplate) GenerateComplianceReport ¶
func (hct *HealthcareComplianceTemplate) GenerateComplianceReport() (*IndustryComplianceReport, error)
GenerateComplianceReport generates a healthcare compliance report
func (*HealthcareComplianceTemplate) GetAudits ¶
func (hct *HealthcareComplianceTemplate) GetAudits() []AuditRequirement
GetAudits returns audit requirements
func (*HealthcareComplianceTemplate) GetComplianceMiddleware ¶
func (hct *HealthcareComplianceTemplate) GetComplianceMiddleware() []LiftMiddleware
GetComplianceMiddleware returns compliance middleware
func (*HealthcareComplianceTemplate) GetControls ¶
func (hct *HealthcareComplianceTemplate) GetControls() []ComplianceControl
GetControls returns compliance controls
func (*HealthcareComplianceTemplate) GetIndustry ¶
func (hct *HealthcareComplianceTemplate) GetIndustry() string
GetIndustry returns the industry name
func (*HealthcareComplianceTemplate) GetRegulations ¶
func (hct *HealthcareComplianceTemplate) GetRegulations() []string
GetRegulations returns applicable regulations
func (*HealthcareComplianceTemplate) GetRiskAssessments ¶
func (hct *HealthcareComplianceTemplate) GetRiskAssessments() []RiskAssessmentTemplate
GetRiskAssessments returns risk assessment templates
func (*HealthcareComplianceTemplate) ValidateCompliance ¶
func (hct *HealthcareComplianceTemplate) ValidateCompliance(_ LiftContext) (*ComplianceResult, error)
ValidateCompliance validates compliance for healthcare
type IPAuthorizationConfig ¶ added in v1.0.36
IPAuthorizationConfig holds configuration for IP authorization
type IPAuthorizationService ¶ added in v1.0.36
type IPAuthorizationService struct {
// contains filtered or unexported fields
}
IPAuthorizationService provides a generic interface for IP authorization
func NewIPAuthorizationService ¶ added in v1.0.36
func NewIPAuthorizationService(ssmClient *ssm.Client, ssmParameterName string) *IPAuthorizationService
NewIPAuthorizationService creates a new IP authorization service
func NewIPAuthorizationServiceFromEnv ¶ added in v1.0.36
func NewIPAuthorizationServiceFromEnv(ctx context.Context, component string) (*IPAuthorizationService, error)
NewIPAuthorizationServiceFromEnv creates a new IP authorization service using environment variables. It requires the PARTNER and STAGE env vars, and the component name must be provided.
func (*IPAuthorizationService) IsAuthorizedIP ¶ added in v1.0.36
IsAuthorizedIP checks if the given IP is authorized
type IPExtractionError ¶ added in v1.0.36
IPExtractionError represents an error during IP extraction
func (*IPExtractionError) Error ¶ added in v1.0.36
func (e *IPExtractionError) Error() string
type IdentityVerification ¶
// IdentityVerification represents identity verification for data subject
// requests.
type IdentityVerification struct {
// VerifiedDate is when the verification took place.
VerifiedDate time.Time `json:"verified_date"`
// Metadata is an untyped map.
Metadata map[string]any `json:"metadata"`
// Method is a free-form string; the accepted verification methods are not visible here.
Method string `json:"method"`
// VerifiedBy is a free-form string naming who performed the verification.
VerifiedBy string `json:"verified_by"`
// Evidence is a list of strings.
// NOTE(review): whether these are references to stored evidence or the evidence itself is not visible; prefer references, so identity documents are not duplicated into request records.
Evidence []string `json:"evidence"`
// Verified is the outcome. Its zero value is false, so an unset or partially decoded record reads as "not verified".
// NOTE(review): this is a plain field the producer of the record sets; confirm it is never populated from client-supplied JSON.
Verified bool `json:"verified"`
}
IdentityVerification represents identity verification for data subject requests
type InMemoryAuditStorage ¶
type InMemoryAuditStorage struct {
// contains filtered or unexported fields
}
InMemoryAuditStorage implements AuditStorage for testing and development
func NewInMemoryAuditStorage ¶
func NewInMemoryAuditStorage() *InMemoryAuditStorage
NewInMemoryAuditStorage creates a new in-memory audit storage
func (*InMemoryAuditStorage) BatchStore ¶
func (imas *InMemoryAuditStorage) BatchStore(_ context.Context, entries []AuditLogEntry) error
BatchStore stores multiple audit entries
func (*InMemoryAuditStorage) Clear ¶
func (imas *InMemoryAuditStorage) Clear()
Clear clears all audit entries
func (*InMemoryAuditStorage) Query ¶
func (imas *InMemoryAuditStorage) Query(_ context.Context, filter AuditFilter) ([]AuditLogEntry, error)
Query queries audit entries based on filter
func (*InMemoryAuditStorage) Store ¶
func (imas *InMemoryAuditStorage) Store(_ context.Context, entry AuditLogEntry) error
Store stores a single audit entry
type IncidentForecast ¶
type IncidentForecast struct {
EstimatedTime time.Time `json:"estimated_time"`
Metadata map[string]any `json:"metadata"`
Type string `json:"type"`
Severity string `json:"severity"`
Indicators []string `json:"indicators"`
Prevention []string `json:"prevention"`
Impact IncidentImpact `json:"impact"`
Probability float64 `json:"probability"`
Confidence float64 `json:"confidence"`
}
IncidentForecast represents a forecasted incident
type IncidentImpact ¶
type IncidentImpact struct {
Operational string `json:"operational"`
Reputational string `json:"reputational"`
Compliance string `json:"compliance"`
Financial float64 `json:"financial"`
Recovery time.Duration `json:"recovery"`
}
IncidentImpact represents the impact of an incident
type IncidentRecord ¶
type IncidentRecord struct {
Timestamp time.Time `json:"timestamp"`
Type string `json:"type"`
Severity string `json:"severity"`
Impact string `json:"impact"`
Resolution string `json:"resolution"`
Resolved bool `json:"resolved"`
}
IncidentRecord represents an incident record
type IncidentResponseData ¶
type IncidentResponseData struct {
DetectionTime time.Time `json:"detection_time"`
ResponseTime time.Time `json:"response_time"`
ContainmentTime time.Time `json:"containment_time"`
ResolutionTime time.Time `json:"resolution_time"`
IncidentID string `json:"incident_id"`
IncidentType string `json:"incident_type"`
Severity string `json:"severity"`
LessonsLearned string `json:"lessons_learned"`
NotificationSent bool `json:"notification_sent"`
}
IncidentResponseData for incident response controls
type IndustryComplianceReport ¶
type IndustryComplianceReport struct {
NextAuditDate time.Time `json:"next_audit_date"`
GeneratedAt time.Time `json:"generated_at"`
RiskAssessment *IndustryRiskAssessment `json:"risk_assessment"`
Industry string `json:"industry"`
ComplianceStatus string `json:"compliance_status"`
Regulations []RegulationCompliance `json:"regulations"`
CriticalFindings []ComplianceFinding `json:"critical_findings"`
Recommendations []ComplianceRecommendation `json:"recommendations"`
CertificationStatus []CertificationStatus `json:"certification_status"`
OverallScore float64 `json:"overall_score"`
}
IndustryComplianceReport represents an industry-specific compliance report
type IndustryComplianceTemplate ¶
type IndustryComplianceTemplate interface {
GetIndustry() string
GetRegulations() []string
GetControls() []ComplianceControl
GetAudits() []AuditRequirement
GetRiskAssessments() []RiskAssessmentTemplate
GetComplianceMiddleware() []LiftMiddleware
ValidateCompliance(ctx LiftContext) (*ComplianceResult, error)
GenerateComplianceReport() (*IndustryComplianceReport, error)
}
IndustryComplianceTemplate interface for industry-specific compliance
type IndustryComplianceTemplateManager ¶
type IndustryComplianceTemplateManager struct {
// contains filtered or unexported fields
}
IndustryComplianceTemplateManager manages industry-specific compliance templates
func NewIndustryComplianceTemplateManager ¶
func NewIndustryComplianceTemplateManager() *IndustryComplianceTemplateManager
NewIndustryComplianceTemplateManager creates a new template manager
func (*IndustryComplianceTemplateManager) GetAvailableIndustries ¶
func (ictm *IndustryComplianceTemplateManager) GetAvailableIndustries() []string
GetAvailableIndustries returns available industry templates
func (*IndustryComplianceTemplateManager) GetTemplate ¶
func (ictm *IndustryComplianceTemplateManager) GetTemplate(industry string) (IndustryComplianceTemplate, error)
GetTemplate retrieves an industry compliance template
func (*IndustryComplianceTemplateManager) RegisterTemplate ¶
func (ictm *IndustryComplianceTemplateManager) RegisterTemplate(industry string, template IndustryComplianceTemplate)
RegisterTemplate registers an industry compliance template
type IndustryRiskAssessment ¶
type IndustryRiskAssessment struct {
AssessmentDate time.Time `json:"assessment_date"`
NextAssessment time.Time `json:"next_assessment"`
Industry string `json:"industry"`
RiskLevel string `json:"risk_level"`
RiskFactors []IndustryRiskFactor `json:"risk_factors"`
ThreatLandscape []ThreatVector `json:"threat_landscape"`
Vulnerabilities []Vulnerability `json:"vulnerabilities"`
Mitigations []RiskMitigation `json:"mitigations"`
RiskScore float64 `json:"risk_score"`
ResidualRisk float64 `json:"residual_risk"`
}
IndustryRiskAssessment represents industry-specific risk assessment
type IndustryRiskFactor ¶
type IndustryRiskFactor struct {
ID string `json:"id"`
Name string `json:"name"`
Category string `json:"category"`
Description string `json:"description"`
Impact string `json:"impact"`
Likelihood string `json:"likelihood"`
Trend string `json:"trend"`
Mitigation string `json:"mitigation"`
Score float64 `json:"score"`
}
IndustryRiskFactor represents an industry-specific risk factor
type IndustryTemplate ¶
type IndustryTemplate struct {
Metadata map[string]any `json:"metadata"`
Industry string `json:"industry"`
Regulations []string `json:"regulations"`
Controls []ComplianceControl `json:"controls"`
Audits []AuditRequirement `json:"audits"`
}
IndustryTemplate for industry-specific compliance
type JWTConfig ¶
// JWTConfig holds the settings used to configure JWT authentication.
//
// NOTE(review): SecretKey carries the tag `json:"secret_key,omitempty"`, so
// encoding/json emits it whenever it is non-empty. Marshalling this struct into
// logs, debug output or stored configuration would disclose the signing secret;
// redact the field before serializing, or load the value from a secrets store.
type JWTConfig struct {
// Excluded from JSON (tag "-"). Takes a tenant ID and returns an error.
// NOTE(review): behaviour when this func is nil is not visible here; confirm it fails closed when RequireTenantID is set.
ValidateTenant func(tenantID string) error `json:"-"`
// Algorithm name as a free-form string.
// NOTE(review): confirm token validation pins the accepted algorithm to this value instead of trusting the token header's "alg".
SigningMethod string `json:"signing_method"`
// Filesystem path of the public key; presumably used for asymmetric signing methods — TODO confirm.
PublicKeyPath string `json:"public_key_path"`
// Filesystem path of the private key. The file should be readable only by the service identity that signs tokens.
PrivateKeyPath string `json:"private_key_path"`
// Serialized when non-empty (see the note on the type).
SecretKey string `json:"secret_key,omitempty"`
// NOTE(review): presumably matched against the "iss" claim; confirm an empty value does not disable the check.
Issuer string `json:"issuer"`
// NOTE(review): presumably matched against the "aud" claim; confirm an empty slice does not accept any audience.
Audience []string `json:"audience"`
// Presumably the maximum accepted token age — TODO confirm the zero-value behaviour.
MaxAge time.Duration `json:"max_age"`
RotationPeriod time.Duration `json:"rotation_period"`
RequireTenantID bool `json:"require_tenant_id"`
KeyRotation bool `json:"key_rotation"`
}
JWTConfig configures JWT authentication
type LiftContext ¶
// LiftContext is the subset of lift.Context that this package depends on.
type LiftContext interface {
// Set stores value under key on the context.
Set(key string, value any)
// Get returns the value stored under key.
Get(key string) any
// UserID and TenantID return the identifiers carried by the context.
// NOTE(review): whether they are populated only after authentication is not visible here; confirm before using them in authorization decisions.
UserID() string
TenantID() string
// NOTE(review): how the client IP is derived is not visible here. If it is taken from forwarding headers,
// it is client-influenced unless a trusted proxy sets it; verify against the ExtractClientIP implementation.
ClientIP() string
Logger() Logger
GetDataAccessLog() []string
}
LiftContext represents the minimal interface needed from lift.Context
type LiftHandler ¶
type LiftHandler interface {
Handle(ctx LiftContext) error
}
LiftHandler represents a handler function
type LiftHandlerFunc ¶
type LiftHandlerFunc func(ctx LiftContext) error
LiftHandlerFunc is an adapter to allow ordinary functions to be used as handlers
func (LiftHandlerFunc) Handle ¶
func (f LiftHandlerFunc) Handle(ctx LiftContext) error
Handle calls f(ctx)
type LiftMiddleware ¶
type LiftMiddleware func(next LiftHandler) LiftHandler
LiftMiddleware represents middleware that wraps handlers
func DataProtection ¶
func DataProtection(config DataProtectionConfig) LiftMiddleware
DataProtection creates middleware for data protection
type Logger ¶
type Logger interface {
Error(msg string, keysAndValues ...any)
Info(msg string, keysAndValues ...any)
Warn(msg string, keysAndValues ...any)
}
Logger represents the minimal logging interface needed
type MLRiskScorer ¶
type MLRiskScorer struct {
// contains filtered or unexported fields
}
MLRiskScorer implements ML-based risk scoring
func NewMLRiskScorer ¶
func NewMLRiskScorer(config RiskScoringConfig) *MLRiskScorer
NewMLRiskScorer creates a new ML-based risk scorer
func (*MLRiskScorer) CalculateAggregateRisk ¶
func (mrs *MLRiskScorer) CalculateAggregateRisk(ctx context.Context, events []*AuditEvent) (*AggregateRiskScore, error)
CalculateAggregateRisk calculates aggregate risk for multiple events
func (*MLRiskScorer) CalculateRiskScore ¶
func (mrs *MLRiskScorer) CalculateRiskScore(ctx context.Context, event *AuditEvent) (*RiskScore, error)
CalculateRiskScore calculates risk score for an audit event
func (*MLRiskScorer) GetRiskFactors ¶
func (mrs *MLRiskScorer) GetRiskFactors() []RiskFactor
GetRiskFactors returns the current risk factors
func (*MLRiskScorer) SetModel ¶
func (mrs *MLRiskScorer) SetModel(model RiskModel)
SetModel sets the risk model
func (*MLRiskScorer) UpdateRiskModel ¶
func (mrs *MLRiskScorer) UpdateRiskModel(_ context.Context, feedback []*RiskFeedback) error
UpdateRiskModel updates the risk model with feedback
type MaskingRule ¶
// MaskingRule describes how a sensitive value is masked.
//
// NOTE(review): the masking implementation is not visible here. For Type "hash",
// an unkeyed hash of low-entropy data (phone numbers, short identifiers) can be
// reversed by enumeration; confirm a keyed or salted construction is used.
type MaskingRule struct {
Type string `json:"type"` // "partial", "full", "hash", "tokenize"
Pattern string `json:"pattern"` // regex pattern for partial masking
Replacement string `json:"replacement"` // replacement character/string
}
MaskingRule defines how to mask sensitive data
type MetricResult ¶
type MetricResult struct {
Timestamp time.Time `json:"timestamp"`
Values map[string]float64 `json:"values"`
Labels map[string]string `json:"labels"`
Metadata map[string]any `json:"metadata"`
}
MetricResult represents a metric result
type MetricSummary ¶
type MetricSummary struct {
TimeRange TimeRange `json:"time_range"`
Aggregations map[string]float64 `json:"aggregations"`
Trends map[string]string `json:"trends"`
TotalDataPoints int `json:"total_data_points"`
}
MetricSummary represents a summary of metrics
type MetricsEngine ¶
type MetricsEngine interface {
CalculateComplianceMetrics(ctx context.Context, timeRange TimeRange) (*ComplianceMetrics, error)
CalculateRiskMetrics(ctx context.Context, timeRange TimeRange) (*RiskMetrics, error)
CalculateAuditMetrics(ctx context.Context, timeRange TimeRange) (*AuditMetrics, error)
CalculatePerformanceMetrics(ctx context.Context, timeRange TimeRange) (*PerformanceMetrics, error)
CalculateCustomMetrics(ctx context.Context, queries []CustomMetricQuery) ([]*CustomMetric, error)
}
MetricsEngine interface for metrics calculation
type MetricsQuery ¶
type MetricsQuery struct {
Aggregation string `json:"aggregation"`
GroupBy []string `json:"group_by"`
AnalyticsQuery
Interval time.Duration `json:"interval"`
}
MetricsQuery represents a query for aggregated metrics
type MitigationMeasure ¶
type MitigationMeasure struct {
ReviewDate time.Time `json:"review_date"`
ID string `json:"id"`
Type string `json:"type"`
Description string `json:"description"`
Implementation string `json:"implementation"`
Effectiveness string `json:"effectiveness"`
Cost string `json:"cost"`
Timeline string `json:"timeline"`
Owner string `json:"owner"`
Status string `json:"status"`
}
MitigationMeasure represents a mitigation measure
type MockSecretsProvider ¶
type MockSecretsProvider struct {
// contains filtered or unexported fields
}
MockSecretsProvider implements SecretsProvider for testing
func NewMockSecretsProvider ¶
func NewMockSecretsProvider() *MockSecretsProvider
NewMockSecretsProvider creates a mock secrets provider for testing
func (*MockSecretsProvider) DeleteSecret ¶
func (msp *MockSecretsProvider) DeleteSecret(_ context.Context, name string) error
DeleteSecret removes a mock secret
func (*MockSecretsProvider) RotateSecret ¶
func (msp *MockSecretsProvider) RotateSecret(_ context.Context, name string) error
RotateSecret simulates secret rotation
func (*MockSecretsProvider) SetSecret ¶
func (msp *MockSecretsProvider) SetSecret(name, value string)
SetSecret is a convenience method for testing
type ModelMetrics ¶
type ModelMetrics struct {
LastUpdated time.Time `json:"last_updated"`
FeatureImportance map[string]float64 `json:"feature_importance"`
Accuracy float64 `json:"accuracy"`
Precision float64 `json:"precision"`
Recall float64 `json:"recall"`
F1Score float64 `json:"f1_score"`
AUC float64 `json:"auc"`
RMSE float64 `json:"rmse"`
TrainingExamples int `json:"training_examples"`
}
ModelMetrics represents metrics for the risk model
type MonitoringScheduler ¶
type MonitoringScheduler struct {
// contains filtered or unexported fields
}
MonitoringScheduler handles scheduling of monitoring tasks
func NewMonitoringScheduler ¶
func NewMonitoringScheduler() *MonitoringScheduler
NewMonitoringScheduler creates a new monitoring scheduler
func (*MonitoringScheduler) AddTask ¶
func (ms *MonitoringScheduler) AddTask(task *ScheduledTask)
AddTask adds a scheduled task
func (*MonitoringScheduler) Start ¶
func (ms *MonitoringScheduler) Start(ctx context.Context) error
Start starts the scheduler
func (*MonitoringScheduler) Stop ¶
func (ms *MonitoringScheduler) Stop() error
Stop stops the scheduler
type PIAFilters ¶
type PIAFilters struct {
RiskLevel []string `json:"risk_level,omitempty"`
AssessmentType []string `json:"assessment_type,omitempty"`
RequestedBy []string `json:"requested_by,omitempty"`
DateFrom *time.Time `json:"date_from,omitempty"`
DateTo *time.Time `json:"date_to,omitempty"`
ApprovalStatus []string `json:"approval_status,omitempty"`
ProcessingTypes []string `json:"processing_types,omitempty"`
Limit int `json:"limit,omitempty"`
Offset int `json:"offset,omitempty"`
}
PIAFilters represents filters for PIA queries
type PIAFinding ¶
type PIAFinding struct {
ID string `json:"id"`
Category string `json:"category"`
Severity string `json:"severity"`
Description string `json:"description"`
Impact string `json:"impact"`
Likelihood string `json:"likelihood"`
Evidence []string `json:"evidence"`
RiskScore float64 `json:"risk_score"`
}
PIAFinding represents a finding from a privacy impact assessment
type PIAQuestion ¶
type PIAQuestion struct {
ID string `json:"id"`
Category string `json:"category"`
Question string `json:"question"`
Type string `json:"type"`
Guidance string `json:"guidance"`
Options []string `json:"options,omitempty"`
RiskWeight float64 `json:"risk_weight"`
Required bool `json:"required"`
}
PIAQuestion represents a question in a PIA template
type PIARecommendation ¶
type PIARecommendation struct {
ID string `json:"id"`
Priority string `json:"priority"`
Description string `json:"description"`
Timeline string `json:"timeline"`
Owner string `json:"owner"`
Status string `json:"status"`
Actions []string `json:"actions"`
}
PIARecommendation represents a recommendation from a privacy impact assessment
type PIARequest ¶
type PIARequest struct {
RequestDate time.Time `json:"request_date"`
DueDate time.Time `json:"due_date"`
ProcessingActivity *DataProcessingActivity `json:"processing_activity"`
Metadata map[string]any `json:"metadata"`
Purpose string `json:"purpose,omitempty"`
AssessmentType string `json:"assessment_type"`
ID string `json:"id"`
RequestedBy string `json:"requested_by"`
ProjectName string `json:"project_name,omitempty"`
LegalBasis string `json:"legal_basis,omitempty"`
Scope []string `json:"scope"`
DataTypes []string `json:"data_types,omitempty"`
Stakeholders []string `json:"stakeholders"`
}
PIARequest represents a privacy impact assessment request
type PIAResult ¶
type PIAResult struct {
ReviewDate time.Time `json:"review_date"`
CompletionDate time.Time `json:"completion_date"`
Timestamp time.Time `json:"timestamp,omitempty"`
Metadata map[string]any `json:"metadata"`
ApprovalDate *time.Time `json:"approval_date,omitempty"`
RiskLevel string `json:"risk_level"`
Status string `json:"status,omitempty"`
AssessmentID string `json:"assessment_id"`
ID string `json:"id,omitempty"`
ApprovedBy string `json:"approved_by,omitempty"`
MitigationMeasures []MitigationMeasure `json:"mitigation_measures"`
Recommendations []PIARecommendation `json:"recommendations"`
Findings []PIAFinding `json:"findings"`
RiskScore float64 `json:"risk_score"`
ApprovalRequired bool `json:"approval_required"`
}
PIAResult represents the result of a privacy impact assessment
type PIARiskFactor ¶
type PIARiskFactor struct {
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Category string `json:"category"`
Weight float64 `json:"weight"`
Threshold float64 `json:"threshold"`
}
PIARiskFactor represents a risk factor in privacy assessment
type PIATemplate ¶
type PIATemplate struct {
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Name string `json:"name"`
ProcessingType string `json:"processing_type"`
Questions []PIAQuestion `json:"questions"`
RiskFactors []PIARiskFactor `json:"risk_factors"`
RequiredEvidence []string `json:"required_evidence"`
}
PIATemplate represents a template for privacy impact assessments
type PIAUpdate ¶
type PIAUpdate struct {
RiskLevel *string `json:"risk_level,omitempty"`
RiskScore *float64 `json:"risk_score,omitempty"`
ApprovalRequired *bool `json:"approval_required,omitempty"`
ApprovalDate *time.Time `json:"approval_date,omitempty"`
ReviewDate *time.Time `json:"review_date,omitempty"`
Metadata map[string]any `json:"metadata,omitempty"`
ApprovedBy string `json:"approved_by,omitempty"`
UpdatedBy string `json:"updated_by"`
UpdateReason string `json:"update_reason"`
Findings []PIAFinding `json:"findings,omitempty"`
Recommendations []PIARecommendation `json:"recommendations,omitempty"`
MitigationMeasures []MitigationMeasure `json:"mitigation_measures,omitempty"`
}
PIAUpdate represents updates to a Privacy Impact Assessment
type PerformanceMetrics ¶
type PerformanceMetrics struct {
AvgAnalysisTime time.Duration `json:"avg_analysis_time"`
MemoryUsage int64 `json:"memory_usage"`
Accuracy float64 `json:"accuracy"`
FalsePositiveRate float64 `json:"false_positive_rate"`
Throughput float64 `json:"throughput"`
}
PerformanceMetrics represents performance metrics
type PerformanceTargets ¶
type PerformanceTargets struct {
MaxAnalysisTime time.Duration `json:"max_analysis_time"`
MaxMemoryUsage int64 `json:"max_memory_usage"`
MinAccuracy float64 `json:"min_accuracy"`
MaxFalsePositiveRate float64 `json:"max_false_positive_rate"`
}
PerformanceTargets defines performance targets for analytics
type Permission ¶
// Permission is one resource/action grant, optionally qualified by conditions.
//
// NOTE(review): how Conditions are evaluated is not visible here; confirm that an
// unrecognized condition key causes a deny rather than being ignored.
type Permission struct {
// Map value is a single pointer (8 bytes on 64-bit platforms)
Conditions map[string]any `json:"conditions"` // Dynamic conditions
// Strings (16 bytes each on 64-bit platforms)
Resource string `json:"resource"` // "users", "payments", "accounts"
Action string `json:"action"` // "read", "write", "delete"
}
Permission represents a specific permission in the RBAC system
type PredictionReport ¶
type PredictionReport struct {
GeneratedAt time.Time `json:"generated_at"`
CompliancePrediction *CompliancePrediction `json:"compliance_prediction,omitempty"`
TrendPredictions []*TrendPrediction `json:"trend_predictions,omitempty"`
IncidentForecasts []*IncidentForecast `json:"incident_forecasts,omitempty"`
Timeframe time.Duration `json:"timeframe"`
}
PredictionReport represents a prediction report
type PredictiveModel ¶
type PredictiveModel interface {
PredictComplianceRisk(ctx context.Context, timeframe time.Duration) (*CompliancePrediction, error)
PredictTrends(ctx context.Context, metrics []string, timeframe time.Duration) ([]*TrendPrediction, error)
ForecastIncidents(ctx context.Context, timeframe time.Duration) ([]*IncidentForecast, error)
UpdateModel(ctx context.Context, historicalData []*AnalyticsDataPoint) error
}
PredictiveModel interface for predictive analytics
type PredictiveRiskFactor ¶
type PredictiveRiskFactor struct {
Trend string `json:"trend"`
RiskFactor
PredictedValue float64 `json:"predicted_value"`
PredictedImpact float64 `json:"predicted_impact"`
Probability float64 `json:"probability"`
TimeToImpact time.Duration `json:"time_to_impact"`
}
PredictiveRiskFactor represents a risk factor in predictions
type Principal ¶
// Principal describes an authenticated entity together with the roles and
// scopes attached to it. Every field is serialized to JSON under its tag.
type Principal struct {
// Issue and expiry instants.
// NOTE(review): enforcement of ExpiresAt is not visible here; confirm callers reject an expired or zero-valued expiry.
IssuedAt time.Time `json:"issued_at"`
ExpiresAt time.Time `json:"expires_at"`
UserID string `json:"user_id"`
// Tenant the principal belongs to; see IsSameTenant / IsValidForTenant on this page.
TenantID string `json:"tenant_id"`
AccountID string `json:"account_id"`
AuthMethod string `json:"auth_method"`
// Request metadata, set through PrincipalBuilder.WithRequest.
// NOTE(review): the User-Agent header is client-controlled, and the IP may be too, depending on how it is extracted;
// treat both as untrusted when rendering audit output and do not base authorization on them alone.
IPAddress string `json:"ip_address"`
UserAgent string `json:"user_agent"`
// NOTE(review): SessionID is serialized with the rest of the struct; if it works as a bearer credential, keep it out of logs.
SessionID string `json:"session_id"`
RequestID string `json:"request_id"`
Roles []string `json:"roles"`
Scopes []string `json:"scopes"`
}
Principal represents an authenticated entity (user, service, etc.) with their permissions
func AnonymousPrincipal ¶
func AnonymousPrincipal() *Principal
AnonymousPrincipal creates a principal for unauthenticated requests
func ServicePrincipal ¶
ServicePrincipal creates a principal for service-to-service communication
func SystemPrincipal ¶
func SystemPrincipal() *Principal
SystemPrincipal creates a principal for system/internal operations
func (*Principal) CanAccessResource ¶
CanAccessResource checks if the principal can access a specific resource
func (*Principal) HasAllRoles ¶
HasAllRoles checks if the principal has all of the specified roles
func (*Principal) HasAnyRole ¶
HasAnyRole checks if the principal has any of the specified roles
func (*Principal) IsSameTenant ¶
IsSameTenant checks if the principal belongs to the specified tenant
func (*Principal) IsValidForTenant ¶
IsValidForTenant checks if the principal is valid for operations on the specified tenant
func (*Principal) ToAuditMap ¶
ToAuditMap converts the principal to a map for audit logging
type PrincipalBuilder ¶
type PrincipalBuilder struct {
// contains filtered or unexported fields
}
PrincipalBuilder provides a fluent interface for building principals
func NewPrincipalBuilder ¶
func NewPrincipalBuilder() *PrincipalBuilder
NewPrincipalBuilder creates a new principal builder
func (*PrincipalBuilder) AddRole ¶
func (b *PrincipalBuilder) AddRole(role string) *PrincipalBuilder
AddRole adds a single role
func (*PrincipalBuilder) AddScope ¶
func (b *PrincipalBuilder) AddScope(scope string) *PrincipalBuilder
AddScope adds a single scope
func (*PrincipalBuilder) Build ¶
func (b *PrincipalBuilder) Build() *Principal
Build returns the constructed principal
func (*PrincipalBuilder) Validate ¶
func (b *PrincipalBuilder) Validate() error
Validate validates the principal
func (*PrincipalBuilder) WithAccountID ¶
func (b *PrincipalBuilder) WithAccountID(accountID string) *PrincipalBuilder
WithAccountID sets the account ID
func (*PrincipalBuilder) WithAuthMethod ¶
func (b *PrincipalBuilder) WithAuthMethod(method string) *PrincipalBuilder
WithAuthMethod sets the authentication method
func (*PrincipalBuilder) WithExpiration ¶
func (b *PrincipalBuilder) WithExpiration(duration time.Duration) *PrincipalBuilder
WithExpiration sets the expiration time
func (*PrincipalBuilder) WithRequest ¶
func (b *PrincipalBuilder) WithRequest(ipAddress, userAgent, requestID string) *PrincipalBuilder
WithRequest sets request-specific information
func (*PrincipalBuilder) WithRoles ¶
func (b *PrincipalBuilder) WithRoles(roles ...string) *PrincipalBuilder
WithRoles sets the roles
func (*PrincipalBuilder) WithScopes ¶
func (b *PrincipalBuilder) WithScopes(scopes ...string) *PrincipalBuilder
WithScopes sets the scopes
func (*PrincipalBuilder) WithTenantID ¶
func (b *PrincipalBuilder) WithTenantID(tenantID string) *PrincipalBuilder
WithTenantID sets the tenant ID
func (*PrincipalBuilder) WithUserID ¶
func (b *PrincipalBuilder) WithUserID(userID string) *PrincipalBuilder
WithUserID sets the user ID
type PrivacyBreachLog ¶
type PrivacyBreachLog struct {
DetectedDate time.Time `json:"detected_date"`
ReportedDate time.Time `json:"reported_date"`
Metadata map[string]any `json:"metadata"`
BreachID string `json:"breach_id"`
BreachType string `json:"breach_type"`
Severity string `json:"severity"`
Cause string `json:"cause"`
DataCategories []string `json:"data_categories"`
Mitigation []string `json:"mitigation"`
AffectedSubjects int `json:"affected_subjects"`
AuthorityNotified bool `json:"authority_notified"`
SubjectsNotified bool `json:"subjects_notified"`
}
PrivacyBreachLog represents a privacy breach for audit logging
type PrivacyImpactAssessment ¶
type PrivacyImpactAssessment interface {
ConductPIA(ctx context.Context, assessment *PIARequest) (*PIAResult, error)
GetPIATemplate(processingType string) (*PIATemplate, error)
ValidateDataProcessing(ctx context.Context, processing *DataProcessingActivity) (*ProcessingValidation, error)
GetRiskAssessment(ctx context.Context, activityID string) (*RiskAssessment, error)
// Additional methods needed by tests
UpdatePIA(ctx context.Context, piaID string, updates *PIAUpdate) error
GetPIA(ctx context.Context, piaID string) (*PIAResult, error)
ListPIAs(ctx context.Context, filters *PIAFilters) ([]*PIAResult, error)
}
PrivacyImpactAssessment interface for privacy impact assessments
type ProcessingValidation ¶
type ProcessingValidation struct {
ValidationDate time.Time `json:"validation_date"`
Metadata map[string]any `json:"metadata"`
Issues []ValidationIssue `json:"issues"`
Recommendations []string `json:"recommendations"`
RequiredActions []string `json:"required_actions"`
ComplianceScore float64 `json:"compliance_score"`
Valid bool `json:"valid"`
}
ProcessingValidation represents validation of data processing activity
type RateLimitConfig ¶
// RateLimitConfig holds the limit, period and enable flag for each of the
// three rate-limiting tiers (global, tenant, user), plus storage settings.
//
// NOTE(review): the three *Enabled flags are bools whose zero value is false, so a
// zero-value config presumably enables no limiter; confirm the defaults applied
// by the middleware that consumes this struct.
type RateLimitConfig struct {
// Backend-specific settings as untyped values.
// NOTE(review): may hold connection credentials, which would be serialized with the struct; confirm.
StorageConfig map[string]any `json:"storage_config"`
StorageType string `json:"storage_type"`
GlobalLimit int `json:"global_limit"`
GlobalPeriod time.Duration `json:"global_period"`
TenantLimit int `json:"tenant_limit"`
TenantPeriod time.Duration `json:"tenant_period"`
UserLimit int `json:"user_limit"`
UserPeriod time.Duration `json:"user_period"`
GlobalEnabled bool `json:"global_enabled"`
TenantEnabled bool `json:"tenant_enabled"`
UserEnabled bool `json:"user_enabled"`
}
RateLimitConfig defines rate limiting configuration
type RegulationCompliance ¶
type RegulationCompliance struct {
LastAssessment time.Time `json:"last_assessment"`
NextAssessment time.Time `json:"next_assessment"`
Metadata map[string]any `json:"metadata"`
Regulation string `json:"regulation"`
Status string `json:"status"`
Findings []ComplianceFinding `json:"findings"`
Score float64 `json:"score"`
RequiredControls int `json:"required_controls"`
ImplementedControls int `json:"implemented_controls"`
}
RegulationCompliance represents compliance with a specific regulation
type RemediationEngine ¶
type RemediationEngine interface {
GenerateRemediation(ctx context.Context, issue *ComplianceIssue) (*RemediationPlan, error)
ExecuteRemediation(ctx context.Context, plan *RemediationPlan) (*RemediationResult, error)
GetRemediationTemplates() []RemediationTemplate
ValidateRemediation(ctx context.Context, result *RemediationResult) (*ValidationResult, error)
}
RemediationEngine interface for automated remediation
type RemediationPlan ¶
type RemediationPlan struct {
CreatedAt time.Time `json:"created_at"`
Metadata map[string]any `json:"metadata"`
Rollback *RollbackPlan `json:"rollback,omitempty"`
ID string `json:"id"`
IssueID string `json:"issue_id"`
Type string `json:"type"`
Priority string `json:"priority"`
Description string `json:"description"`
Dependencies []string `json:"dependencies"`
RequiredSkills []string `json:"required_skills"`
SuccessMetrics []string `json:"success_metrics"`
Steps []RemediationStep `json:"steps"`
RiskReduction float64 `json:"risk_reduction"`
EstimatedCost float64 `json:"estimated_cost"`
EstimatedTime time.Duration `json:"estimated_time"`
}
RemediationPlan represents a plan for remediation
type RemediationResult ¶
type RemediationResult struct {
StartTime time.Time `json:"start_time"`
EndTime time.Time `json:"end_time"`
Metrics map[string]float64 `json:"metrics"`
Metadata map[string]any `json:"metadata"`
PlanID string `json:"plan_id"`
Status string `json:"status"`
StepsExecuted []StepResult `json:"steps_executed"`
Issues []string `json:"issues"`
Duration time.Duration `json:"duration"`
RiskReduction float64 `json:"risk_reduction"`
Success bool `json:"success"`
}
RemediationResult represents the result of remediation
type RemediationStep ¶
// RemediationStep is one ordered step of a remediation plan or template.
//
// NOTE(review): how Command, Validation and Rollback are interpreted is not
// visible here. If a RemediationEngine executes them when Automated is true,
// steps loaded from JSON or templates become a code-execution path and must
// come from a trusted, integrity-checked source.
type RemediationStep struct {
// Untyped step parameters; omitted from JSON when empty.
Parameters map[string]any `json:"parameters,omitempty"`
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Type string `json:"type"`
// Optional; omitted from JSON when empty (see the note on the type).
Command string `json:"command,omitempty"`
Validation string `json:"validation"`
Rollback string `json:"rollback"`
// Position of the step within its plan.
Order int `json:"order"`
Duration time.Duration `json:"duration"`
// Presumably marks the step as runnable without human approval — TODO confirm.
Automated bool `json:"automated"`
}
RemediationStep represents a step in remediation
type RemediationTemplate ¶
type RemediationTemplate struct {
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Description string `json:"description"`
Frameworks []string `json:"frameworks"`
IssueTypes []string `json:"issue_types"`
Steps []RemediationStep `json:"steps"`
}
RemediationTemplate represents a template for remediation
type Request ¶
type Request interface {
Method() string
Path() string
Header(key string) string
UserAgent() string
ContentLength() int64
URL() URL
}
Request represents the minimal request interface needed
type RequestStatus ¶
type RequestStatus struct {
LastUpdated time.Time `json:"last_updated"`
DueDate time.Time `json:"due_date"`
RequestID string `json:"request_id"`
Status string `json:"status"`
NextAction string `json:"next_action"`
AssignedTo string `json:"assigned_to"`
Notes []string `json:"notes"`
Progress int `json:"progress"`
}
RequestStatus represents the status of a data subject request
type RequestValidationConfig ¶
// RequestValidationConfig holds request validation settings: method and header
// allow-lists, CIDR allow/deny lists, size limits and feature flags.
//
// NOTE(review): the precedence between AllowedCIDRs and DeniedCIDRs, and the
// behaviour when EnableIPFilter is true with an empty allow list, are not
// visible here; confirm that deny wins and that the filter fails closed.
type RequestValidationConfig struct {
AllowedMethods []string `json:"allowed_methods"`
AllowedHeaders []string `json:"allowed_headers"`
AllowedCIDRs []string `json:"allowed_cidrs"`
DeniedCIDRs []string `json:"denied_cidrs"`
// NOTE(review): confirm that a zero MaxBodySize / MaxHeaderSize does not mean "unlimited".
MaxBodySize int64 `json:"max_body_size"`
MaxHeaderSize int `json:"max_header_size"`
ValidateJSON bool `json:"validate_json"`
// NOTE(review): what sanitization does is not visible here; it should complement, not replace, context-specific output encoding.
SanitizeInput bool `json:"sanitize_input"`
EnableIPFilter bool `json:"enable_ip_filter"`
}
RequestValidationConfig defines request validation settings
type RiskAssessment ¶
type RiskAssessment struct {
AssessmentDate time.Time `json:"assessment_date"`
ReviewDate time.Time `json:"review_date"`
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
ActivityID string `json:"activity_id"`
RiskLevel string `json:"risk_level"`
ApprovedBy string `json:"approved_by,omitempty"`
RiskFactors []AssessedRiskFactor `json:"risk_factors"`
Mitigations []MitigationMeasure `json:"mitigations"`
RiskScore float64 `json:"risk_score"`
ResidualRisk float64 `json:"residual_risk"`
Approved bool `json:"approved"`
}
RiskAssessment represents a risk assessment
type RiskAssessmentData ¶
type RiskAssessmentData struct {
AssessmentDate time.Time `json:"assessment_date"`
AssessmentID string `json:"assessment_id"`
RiskLevel string `json:"risk_level"`
RiskCategory string `json:"risk_category"`
Impact string `json:"impact"`
Likelihood string `json:"likelihood"`
MitigationPlan string `json:"mitigation_plan"`
ResidualRisk string `json:"residual_risk"`
ThreatSources []string `json:"threat_sources"`
Vulnerabilities []string `json:"vulnerabilities"`
}
RiskAssessmentData for risk assessment controls
type RiskAssessmentTemplate ¶
type RiskAssessmentTemplate struct {
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Name string `json:"name"`
Industry string `json:"industry"`
Methodology string `json:"methodology"`
Scope []string `json:"scope"`
RiskFactors []RiskFactor `json:"risk_factors"`
ThreatSources []string `json:"threat_sources"`
AssetCategories []string `json:"asset_categories"`
ImpactCategories []string `json:"impact_categories"`
Frequency time.Duration `json:"frequency"`
}
RiskAssessmentTemplate represents a risk assessment template
type RiskBaseline ¶
type RiskBaseline struct {
UpdatedAt time.Time `json:"updated_at"`
RiskDistribution map[string]float64 `json:"risk_distribution"`
FactorBaselines map[string]float64 `json:"factor_baselines"`
TemporalPatterns map[string]float64 `json:"temporal_patterns"`
Metadata map[string]any `json:"metadata"`
AverageRisk float64 `json:"average_risk"`
SampleSize int `json:"sample_size"`
}
RiskBaseline represents baseline risk metrics
type RiskContext ¶
type RiskContext struct {
TimeOfDay time.Time `json:"time_of_day"`
UserProfile *UserRiskProfile `json:"user_profile"`
TenantProfile *TenantRiskProfile `json:"tenant_profile"`
ThreatIntel *ThreatIntelligence `json:"threat_intel"`
Metadata map[string]any `json:"metadata"`
UserHistory []*AuditEvent `json:"user_history"`
TenantHistory []*AuditEvent `json:"tenant_history"`
RecentEvents []*AuditEvent `json:"recent_events"`
DayOfWeek time.Weekday `json:"day_of_week"`
}
RiskContext provides context for risk assessment
type RiskDataPoint ¶
type RiskDataPoint struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata"`
ThreatLevel string `json:"threat_level"`
RiskScore float64 `json:"risk_score"`
IncidentCount int `json:"incident_count"`
}
RiskDataPoint represents a risk data point
type RiskFactor ¶
type RiskFactor struct {
ID string `json:"id"`
Name string `json:"name"`
Category string `json:"category"`
Description string `json:"description"`
Mitigation string `json:"mitigation"`
Weight float64 `json:"weight"`
Value float64 `json:"value"`
Impact float64 `json:"impact"`
}
RiskFactor represents a factor contributing to risk
type RiskFeatureExtractor ¶
type RiskFeatureExtractor struct {
}
RiskFeatureExtractor extracts features from audit events
type RiskFeedback ¶
type RiskFeedback struct {
// Time struct first (24 bytes)
Timestamp time.Time `json:"timestamp"`
// Strings (16 bytes each)
EventID string `json:"event_id"`
FeedbackType string `json:"feedback_type"`
Comments string `json:"comments"`
ProvidedBy string `json:"provided_by"`
// Float64s last (8 bytes each)
ActualRisk float64 `json:"actual_risk"`
PredictedRisk float64 `json:"predicted_risk"`
Accuracy float64 `json:"accuracy"`
}
RiskFeedback represents feedback for risk model improvement. Memory optimized: 272 → 264 bytes (8 bytes saved).
type RiskMetrics ¶
type RiskMetrics struct {
RiskDistribution map[string]int `json:"risk_distribution"`
IncidentsByType map[string]int `json:"incidents_by_type"`
IncidentsBySeverity map[string]int `json:"incidents_by_severity"`
MitigationProgress map[string]float64 `json:"mitigation_progress"`
RiskLevel string `json:"risk_level"`
RiskTrend string `json:"risk_trend"`
ThreatLevel string `json:"threat_level"`
HistoricalData []RiskDataPoint `json:"historical_data"`
TopRiskFactors []RiskFactor `json:"top_risk_factors"`
OverallRiskScore float64 `json:"overall_risk_score"`
RiskAppetite float64 `json:"risk_appetite"`
RiskTolerance float64 `json:"risk_tolerance"`
IncidentCount int `json:"incident_count"`
VulnerabilityCount int `json:"vulnerability_count"`
}
RiskMetrics represents risk-specific metrics. Memory optimized: 152 → 112 bytes (40 bytes saved).
type RiskMitigation ¶
type RiskMitigation struct {
DueDate time.Time `json:"due_date"`
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Description string `json:"description"`
Effectiveness string `json:"effectiveness"`
Cost string `json:"cost"`
Timeline string `json:"timeline"`
Owner string `json:"owner"`
Status string `json:"status"`
}
RiskMitigation represents a risk mitigation
type RiskModel ¶
type RiskModel interface {
Predict(features []float64) (float64, error)
Train(trainingData []TrainingExample) error
Update(feedback []RiskFeedback) error
GetFeatureImportance() map[string]float64
GetModelMetrics() *ModelMetrics
}
RiskModel interface for different risk models
type RiskScenario ¶
type RiskScenario struct {
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Mitigation []string `json:"mitigation"`
Probability float64 `json:"probability"`
Impact float64 `json:"impact"`
RiskScore float64 `json:"risk_score"`
Timeline time.Duration `json:"timeline"`
}
RiskScenario represents a risk scenario
type RiskScore ¶
type RiskScore struct {
Timestamp time.Time `json:"timestamp"`
Metadata map[string]any `json:"metadata"`
Level string `json:"level"`
Factors []RiskFactor `json:"factors"`
Recommendations []string `json:"recommendations"`
Score float64 `json:"score"`
Confidence float64 `json:"confidence"`
}
RiskScore represents a calculated risk score. Memory optimized: 160 → 152 bytes (8 bytes saved).
type RiskScorer ¶
type RiskScorer interface {
CalculateRiskScore(ctx context.Context, event *AuditEvent) (*RiskScore, error)
CalculateAggregateRisk(ctx context.Context, events []*AuditEvent) (*AggregateRiskScore, error)
UpdateRiskModel(ctx context.Context, feedback []*RiskFeedback) error
GetRiskFactors() []RiskFactor
}
RiskScorer interface for risk scoring algorithms
type RiskScoringConfig ¶
// RiskScoringConfig is the configuration for risk scoring.
//
// The zero value has Enabled and AdaptiveLearning false and every weight and
// rate at 0; JSON that omits a key leaves that field at its previous value.
type RiskScoringConfig struct {
// RiskFactorWeights is keyed by string; presumably factor names, verify
// against the scorer that consumes it.
RiskFactorWeights map[string]float64 `json:"risk_factor_weights"`
ModelType string `json:"model_type"`
ContextualFactors []string `json:"contextual_factors"`
TemporalFactors []string `json:"temporal_factors"`
BehavioralFactors []string `json:"behavioral_factors"`
ThresholdConfig RiskThresholdConfig `json:"threshold_config"`
// BaselineUpdateFreq is read from JSON as integer nanoseconds unless a custom
// unmarshaller exists elsewhere; a bare 60 means 60ns, not 60 seconds.
BaselineUpdateFreq time.Duration `json:"baseline_update_freq"`
// LearningRate and FeedbackWeight are not range-checked by the type.
LearningRate float64 `json:"learning_rate"`
FeedbackWeight float64 `json:"feedback_weight"`
Enabled bool `json:"enabled"`
AdaptiveLearning bool `json:"adaptive_learning"`
}
RiskScoringConfig configuration for risk scoring
type RiskThresholdConfig ¶
// RiskThresholdConfig defines risk level thresholds.
//
// The four values are independent float64 fields: the type does not enforce
// Critical > High > Medium > Low, and the zero value sets all four to 0.
// NOTE(review): validate the ordering after loading, so a malformed config
// cannot classify every score into one level.
type RiskThresholdConfig struct {
CriticalThreshold float64 `json:"critical_threshold"`
HighThreshold float64 `json:"high_threshold"`
MediumThreshold float64 `json:"medium_threshold"`
LowThreshold float64 `json:"low_threshold"`
}
RiskThresholdConfig defines risk level thresholds
type Role ¶
// Role represents a collection of permissions.
type Role struct {
Name string `json:"name"`
Description string `json:"description"`
// TenantID presumably scopes the role to one tenant. How an empty TenantID is
// treated is not shown here.
// NOTE(review): confirm that an empty value cannot match every tenant.
TenantID string `json:"tenant_id"`
// Permissions is the set granted by the role; a nil slice encodes as null.
Permissions []Permission `json:"permissions"`
}
Role represents a collection of permissions
type RollbackPlan ¶
// RollbackPlan represents a rollback plan.
type RollbackPlan struct {
// Steps reuses RemediationStep, the same element type used for remediation.
Steps []RemediationStep `json:"steps"`
// Triggers and Validation are free-form strings; their grammar is not shown.
Triggers []string `json:"triggers"`
Validation []string `json:"validation"`
// MaxTime is encoded by encoding/json as integer nanoseconds unless a custom
// marshaller is defined elsewhere.
MaxTime time.Duration `json:"max_time"`
}
RollbackPlan represents a rollback plan
type RotationRecord ¶
// RotationRecord tracks rotation events for testing.
//
// NOTE(review): OldValue and NewValue presumably hold the secret before and
// after rotation. They are ordinary exported string fields, so json.Marshal
// and %+v formatting emit them whenever they are non-empty. Keep populated
// records out of logs, audit trails and persisted fixtures, or blank these
// two fields first.
type RotationRecord struct {
Timestamp time.Time `json:"timestamp"`
// omitempty drops the key only when the string is empty; it does not redact.
OldValue string `json:"old_value,omitempty"`
NewValue string `json:"new_value,omitempty"`
RotationID string `json:"rotation_id"`
Method string `json:"method"`
// Error is omitted from JSON when empty; Success is always written.
Error string `json:"error,omitempty"`
Success bool `json:"success"`
}
RotationRecord tracks rotation events for testing
type SCCResult ¶
// SCCResult represents the result of SCC validation.
type SCCResult struct {
ValidationDate time.Time `json:"validation_date"`
Metadata map[string]any `json:"metadata"`
Issues []ValidationIssue `json:"issues"`
Recommendations []string `json:"recommendations"`
// Valid and ClausesApplicable default to false in the zero value, so an
// unpopulated result reads as "not valid".
Valid bool `json:"valid"`
ClausesApplicable bool `json:"clauses_applicable"`
}
SCCResult represents the result of SCC validation
type SCCValidation ¶
// SCCValidation represents Standard Contractual Clauses validation.
type SCCValidation struct {
Metadata map[string]any `json:"metadata"`
// ClausesVersion, DataExporter and DataImporter are free-form strings; the
// accepted identifiers are not defined by this type.
ClausesVersion string `json:"clauses_version"`
DataExporter string `json:"data_exporter"`
DataImporter string `json:"data_importer"`
DataCategories []string `json:"data_categories"`
Purposes []string `json:"purposes"`
}
SCCValidation represents Standard Contractual Clauses validation
type SOC2ComplianceStatus ¶
// SOC2ComplianceStatus represents the overall SOC 2 compliance status.
type SOC2ComplianceStatus struct {
Timestamp time.Time `json:"timestamp"`
// ExceptionTrends is a pointer and may be nil (encoded as JSON null).
ExceptionTrends *ExceptionTrends `json:"exception_trends"`
// ControlResults holds pointers; nil-check elements before dereferencing.
ControlResults []*ControlTestResult `json:"control_results"`
Recommendations []string `json:"recommendations"`
TotalControls int `json:"total_controls"`
EffectiveControls int `json:"effective_controls"`
// ComplianceRate is stored, not derived by the type; whether it is a fraction
// or a percentage is not shown here — TODO confirm.
ComplianceRate float64 `json:"compliance_rate"`
}
SOC2ComplianceStatus represents the overall SOC 2 compliance status
type SOC2ContinuousMonitor ¶
// SOC2ContinuousMonitor provides continuous monitoring for SOC 2 Type II
// compliance. It is built with NewSOC2ContinuousMonitor, and its alert
// manager, control tester, evidence collector and exception tracker are
// supplied through the corresponding Set* methods.
// NOTE(review): whether Start requires those collaborators to be set first is
// not visible from the exported API — confirm before relying on it.
type SOC2ContinuousMonitor struct {
// contains filtered or unexported fields
}
SOC2ContinuousMonitor provides continuous monitoring for SOC 2 Type II compliance
func NewSOC2ContinuousMonitor ¶
func NewSOC2ContinuousMonitor(config SOC2MonitoringConfig) *SOC2ContinuousMonitor
NewSOC2ContinuousMonitor creates a new SOC 2 continuous monitor
func (*SOC2ContinuousMonitor) GetComplianceStatus ¶
func (scm *SOC2ContinuousMonitor) GetComplianceStatus(ctx context.Context) (*SOC2ComplianceStatus, error)
GetComplianceStatus returns the current compliance status
func (*SOC2ContinuousMonitor) SetAlertManager ¶
func (scm *SOC2ContinuousMonitor) SetAlertManager(manager AlertManager)
SetAlertManager sets the alert manager
func (*SOC2ContinuousMonitor) SetControlTester ¶
func (scm *SOC2ContinuousMonitor) SetControlTester(tester ControlTester)
SetControlTester sets the control tester
func (*SOC2ContinuousMonitor) SetEvidenceCollector ¶
func (scm *SOC2ContinuousMonitor) SetEvidenceCollector(collector EvidenceCollector)
SetEvidenceCollector sets the evidence collector
func (*SOC2ContinuousMonitor) SetExceptionTracker ¶
func (scm *SOC2ContinuousMonitor) SetExceptionTracker(tracker ExceptionTracker)
SetExceptionTracker sets the exception tracker
func (*SOC2ContinuousMonitor) Start ¶
func (scm *SOC2ContinuousMonitor) Start(ctx context.Context) error
Start starts the continuous monitoring
func (*SOC2ContinuousMonitor) Stop ¶
func (scm *SOC2ContinuousMonitor) Stop() error
Stop stops the continuous monitoring
type SOC2Control ¶
// SOC2Control represents a SOC 2 control for monitoring.
type SOC2Control struct {
Metadata map[string]any `json:"metadata"`
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Category string `json:"category"`
Type string `json:"type"`
TestProcedures []TestProcedure `json:"test_procedures"`
EvidenceRequired []string `json:"evidence_required"`
// Dependencies is a list of strings; presumably other control IDs — verify.
Dependencies []string `json:"dependencies"`
ComplianceTarget float64 `json:"compliance_target"`
// Frequency is encoded as integer nanoseconds by encoding/json unless a
// custom marshaller is defined elsewhere.
Frequency time.Duration `json:"frequency"`
// The three flags are independent; the type does not prevent ManualTesting
// and AutomatedTesting from both being false.
ManualTesting bool `json:"manual_testing"`
AutomatedTesting bool `json:"automated_testing"`
CriticalControl bool `json:"critical_control"`
}
SOC2Control represents a SOC 2 control for monitoring
type SOC2Controls ¶
// SOC2Controls represents SOC 2 security controls.
//
// Every field is a pointer, so any section may be nil (JSON null). Callers
// must nil-check a section before reading it, and a nil section should be
// treated as "no evidence" rather than as a passing control.
type SOC2Controls struct {
AccessControl *AccessControlData `json:"access_control"`
DataProtection *DataProtectionData `json:"data_protection"`
SystemMonitoring *SystemMonitoringData `json:"system_monitoring"`
ChangeManagement *ChangeManagementData `json:"change_management"`
RiskAssessment *RiskAssessmentData `json:"risk_assessment"`
IncidentResponse *IncidentResponseData `json:"incident_response"`
VendorManagement *VendorManagementData `json:"vendor_management"`
BusinessContinuity *BusinessContinuityData `json:"business_continuity"`
}
SOC2Controls represents SOC 2 security controls
type SOC2MonitoringConfig ¶
// SOC2MonitoringConfig is the configuration for continuous monitoring.
//
// In the zero value every switch is false and every interval or threshold is
// 0. How NewSOC2ContinuousMonitor treats zero values is not shown here.
type SOC2MonitoringConfig struct {
// ControlTestFrequency is keyed by string; presumably control IDs — verify.
ControlTestFrequency map[string]time.Duration `json:"control_test_frequency"`
// Durations are read from JSON as integer nanoseconds unless a custom
// unmarshaller exists elsewhere; a bare 60 means 60ns, not 60 seconds.
MonitoringInterval time.Duration `json:"monitoring_interval"`
EvidenceRetentionDays int `json:"evidence_retention_days"`
ExceptionThreshold int `json:"exception_threshold"`
ComplianceThreshold float64 `json:"compliance_threshold"`
Enabled bool `json:"enabled"`
AlertingEnabled bool `json:"alerting_enabled"`
// NOTE(review): AutomatedRemediation presumably lets the monitor change
// systems without an operator; confirm what it can act on before enabling.
AutomatedRemediation bool `json:"automated_remediation"`
ContinuousAuditing bool `json:"continuous_auditing"`
RealTimeReporting bool `json:"real_time_reporting"`
}
SOC2MonitoringConfig configuration for continuous monitoring
type SOC2TypeIIConfig ¶
// SOC2TypeIIConfig configures SOC 2 Type II compliance automation.
//
// Fields are ordered largest-first to limit padding. On a 64-bit platform the
// layout is 24 + 8 + 3×8 + 3×1 = 59 bytes, padded to 64.
type SOC2TypeIIConfig struct {
// Slice first (24 bytes)
ControlObjectives []string `json:"control_objectives"`
// Duration (8 bytes); encoded in JSON as integer nanoseconds unless a custom
// marshaller is defined elsewhere.
ReportingFrequency time.Duration `json:"reporting_frequency"`
// Ints (Go's int is word-sized: 8 bytes each on 64-bit, 4 on 32-bit)
ControlPeriodMonths int `json:"control_period_months"`
ExceptionThreshold int `json:"exception_threshold"`
EvidenceRetentionYears int `json:"evidence_retention_years"`
// Bools last (1 byte each)
Enabled bool `json:"enabled"`
ContinuousMonitoring bool `json:"continuous_monitoring"`
AutomatedTesting bool `json:"automated_testing"`
}
SOC2TypeIIConfig is the configuration for SOC 2 Type II compliance automation. Memory optimized: 72 → 64 bytes (8 bytes saved).
type SSMIPAuthorizer ¶ added in v1.0.36
// SSMIPAuthorizer handles IP authorization using AWS SSM parameters with
// caching. The allowed list is looked up per SSM parameter name (see
// IsAuthorizedIP) and kept for SSMIPAuthorizerConfig.CacheTTL.
// NOTE(review): a cached list presumably keeps being used until it expires or
// ClearCache is called, so removing an address from the SSM parameter may not
// take effect immediately — confirm and call ClearCache on revocation.
type SSMIPAuthorizer struct {
// contains filtered or unexported fields
}
SSMIPAuthorizer handles IP authorization using AWS SSM parameters with caching
func NewSSMIPAuthorizer ¶ added in v1.0.36
func NewSSMIPAuthorizer(ctx context.Context) (*SSMIPAuthorizer, error)
NewSSMIPAuthorizer creates a new SSM IP authorizer with default AWS config
func NewSSMIPAuthorizerWithClient ¶ added in v1.0.36
func NewSSMIPAuthorizerWithClient(ssmClient *ssm.Client) *SSMIPAuthorizer
NewSSMIPAuthorizerWithClient creates a new SSM IP authorizer with a provided SSM client
func NewSSMIPAuthorizerWithConfig ¶ added in v1.0.36
func NewSSMIPAuthorizerWithConfig(ssmClient *ssm.Client, config SSMIPAuthorizerConfig) *SSMIPAuthorizer
NewSSMIPAuthorizerWithConfig creates a new SSM IP authorizer with a provided SSM client and config
func (*SSMIPAuthorizer) ClearCache ¶ added in v1.0.36
func (s *SSMIPAuthorizer) ClearCache()
ClearCache clears the IP list cache
func (*SSMIPAuthorizer) GetCacheStats ¶ added in v1.0.36
func (s *SSMIPAuthorizer) GetCacheStats() (items int, expired int)
GetCacheStats returns basic cache statistics: per its named results, an item count and an expired count.
func (*SSMIPAuthorizer) IsAuthorizedIP ¶ added in v1.0.36
func (s *SSMIPAuthorizer) IsAuthorizedIP(ctx context.Context, sourceIP string, ssmParameterName string) (bool, error)
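IsAuthorizedIP checks whether the source IP is in the allowed list retrieved from SSM (with caching). It returns (bool, error); callers should deny the request whenever the error is non-nil instead of acting on the boolean alone.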
type SSMIPAuthorizerConfig ¶ added in v1.0.36
// SSMIPAuthorizerConfig configures the SSM IP authorizer.
type SSMIPAuthorizerConfig struct {
// CacheTTL is the duration to cache IP lists. Defaults to 15 minutes.
//
// The TTL is also the presumed upper bound on how long a removed address
// stays authorized after the SSM parameter changes. Choose it with revocation
// in mind, and use SSMIPAuthorizer.ClearCache when an address must be dropped
// at once.
// NOTE(review): confirm how zero and negative values are handled.
CacheTTL time.Duration
}
SSMIPAuthorizerConfig configures the SSM IP authorizer
type ScheduledTask ¶
// ScheduledTask represents a scheduled monitoring task.
type ScheduledTask struct {
LastRun time.Time `json:"last_run"`
NextRun time.Time `json:"next_run"`
// TaskFunc is excluded from JSON (tag "-"). A task decoded from JSON therefore
// has a nil TaskFunc, and calling a nil func panics; re-attach the function
// or nil-check it before running the task.
TaskFunc func() error `json:"-"`
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
// Frequency is encoded as integer nanoseconds by encoding/json unless a
// custom marshaller is defined elsewhere.
Frequency time.Duration `json:"frequency"`
Enabled bool `json:"enabled"`
}
ScheduledTask represents a scheduled monitoring task
type SecretCache ¶
// SecretCache provides in-memory caching for secrets with TTL.
//
// Values are passed in and out as Go strings (see Set and Get). Strings are
// immutable, so a cached secret cannot be overwritten in place and stays in
// process memory until it is garbage collected.
// NOTE(review): whether expired entries are removed automatically or only
// when CleanupExpired is called is not visible from the exported API. A
// rotated or revoked secret can presumably still be served until its TTL
// elapses, so call Delete on rotation.
type SecretCache struct {
// contains filtered or unexported fields
}
SecretCache provides in-memory caching for secrets with TTL
func NewSecretCache ¶
func NewSecretCache(ttl time.Duration) *SecretCache
NewSecretCache creates a new secret cache with the specified TTL
func (*SecretCache) CleanupExpired ¶
func (c *SecretCache) CleanupExpired()
CleanupExpired removes expired secrets from the cache
func (*SecretCache) Delete ¶
func (c *SecretCache) Delete(key string)
Delete removes a value from the cache
func (*SecretCache) Get ¶
func (c *SecretCache) Get(key string) string
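Get retrieves a value from the cache. The signature returns only a string, with no found flag or error, so a caller cannot tell a cache miss apart from a stored value by the return alone (presumably a miss yields the empty string; confirm).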
func (*SecretCache) Set ¶
func (c *SecretCache) Set(key, value string)
Set stores a value in the cache with TTL
func (*SecretCache) Size ¶
func (c *SecretCache) Size() int
Size returns the number of cached secrets
type SecretsProvider ¶
// SecretsProvider defines the interface for secrets management.
// AWSSecretsManager in this package exposes methods with these signatures.
type SecretsProvider interface {
// GetSecret returns the secret stored under name as a string. The returned
// value is sensitive: do not log it or wrap it into error messages.
GetSecret(ctx context.Context, name string) (string, error)
// PutSecret stores value under name.
PutSecret(ctx context.Context, name string, value string) error
// RotateSecret rotates the secret stored under name. How the new value is
// produced is left to the implementation.
RotateSecret(ctx context.Context, name string) error
// DeleteSecret removes the secret stored under name.
// NOTE(review): whether deletion is immediate or recoverable depends on the
// implementation — confirm.
DeleteSecret(ctx context.Context, name string) error
}
SecretsProvider defines the interface for secrets management
type SecurityConfig ¶
// SecurityConfig defines the overall security configuration for the Lift
// framework.
//
// Every protection below is a bool whose zero value is false. A config built
// as SecurityConfig{} or decoded from JSON that omits keys has RBAC, tenant
// validation, encryption at rest and request signing switched off. Start from
// DefaultSecurityConfig and call Validate after any change.
// NOTE(review): what Validate rejects is not shown here.
type SecurityConfig struct {
// SecretsProvider is excluded from JSON (tag "-"); it must be set in code
// after decoding.
SecretsProvider SecretsProvider `json:"-"`
// KMSKeyID is serialized; presumably a key identifier, not key material.
KMSKeyID string `json:"kms_key_id"`
JWTConfig JWTConfig `json:"jwt_config"`
// DefaultRoles lists role names; presumably applied when a principal has no
// explicit role. Keep the list minimal — TODO confirm how it is applied.
DefaultRoles []string `json:"default_roles"`
APIKeyConfig APIKeyConfig `json:"api_key_config"`
// MaxRequestSize is an int64; the unit and the meaning of 0 are not shown.
MaxRequestSize int64 `json:"max_request_size"`
RBACEnabled bool `json:"rbac_enabled"`
TenantValidation bool `json:"tenant_validation"`
CrossAccountAuth bool `json:"cross_account_auth"`
EncryptionAtRest bool `json:"encryption_at_rest"`
RequestSigning bool `json:"request_signing"`
}
SecurityConfig defines the overall security configuration for the Lift framework
func DefaultSecurityConfig ¶
func DefaultSecurityConfig() *SecurityConfig
DefaultSecurityConfig returns a secure default configuration
func (*SecurityConfig) Validate ¶
func (c *SecurityConfig) Validate() error
Validate checks if the security configuration is valid
type SecurityContext ¶
// SecurityContext provides security-specific context.
type SecurityContext struct {
// ThreatLevel, AuthMethod and AccessLevel are free-form strings; the accepted
// values are not defined by this type.
ThreatLevel string `json:"threat_level"`
AuthMethod string `json:"auth_method"`
AccessLevel string `json:"access_level"`
SecurityControls []string `json:"security_controls"`
ThreatIndicators []string `json:"threat_indicators"`
// EncryptionUsed is false in the zero value, so an unpopulated context reads
// as "not encrypted".
EncryptionUsed bool `json:"encryption_used"`
}
SecurityContext provides security-specific context
type SecurityError ¶
SecurityError represents a security-related error
func NewSecurityError ¶
func NewSecurityError(code, message string) *SecurityError
NewSecurityError creates a new security error
func (*SecurityError) Error ¶
func (e *SecurityError) Error() string
type SecurityEvent ¶
// SecurityEvent represents a security-related event.
//
// NOTE(review): on a 64-bit platform the fields below total 8 + 24 + 3×16 + 1
// = 81 bytes, padded to 88. That does not match the "80 → 72 bytes" figure in
// the package documentation; re-measure with unsafe.Sizeof.
type SecurityEvent struct {
// Map first (a Go map value is a single pointer word: 8 bytes on 64-bit)
Metadata map[string]any `json:"metadata,omitempty"`
// Time struct (24 bytes)
Timestamp time.Time `json:"timestamp"`
// Strings (16 bytes each)
EventType string `json:"event_type"`
Severity string `json:"severity"`
Description string `json:"description"`
// Bool last (1 byte)
Resolved bool `json:"resolved"`
}
SecurityEvent represents a security-related event. Memory optimized: 80 → 72 bytes (8 bytes saved).
type SecurityLogEntry ¶
// SecurityLogEntry represents a security log entry.
type SecurityLogEntry struct {
Timestamp time.Time `json:"timestamp"`
// Details is untyped (map[string]any). Keep credentials, tokens and secret
// values out of it, since the whole entry is serializable.
Details map[string]any `json:"details"`
EventType string `json:"event_type"`
Severity string `json:"severity"`
Source string `json:"source"`
UserID string `json:"user_id"`
Action string `json:"action"`
Resource string `json:"resource"`
Result string `json:"result"`
// IPAddress and UserAgent are stored as plain strings with no validation.
// NOTE(review): both presumably originate from the request and are
// client-influenced; escape them when rendering entries in a console or
// line-based log, and confirm where IPAddress is derived from.
IPAddress string `json:"ip_address"`
UserAgent string `json:"user_agent"`
}
SecurityLogEntry represents a security log entry
type StepResult ¶
// StepResult represents the result of a remediation step.
type StepResult struct {
StartTime time.Time `json:"start_time"`
EndTime time.Time `json:"end_time"`
StepID string `json:"step_id"`
Status string `json:"status"`
// Output and Error are free-form strings.
// NOTE(review): they presumably carry raw output from the step; review for
// embedded secrets before exposing results outside the operations team.
Output string `json:"output"`
Error string `json:"error,omitempty"`
// Duration is stored separately from StartTime and EndTime and is not derived
// by the type; it encodes as integer nanoseconds.
Duration time.Duration `json:"duration"`
Validated bool `json:"validated"`
}
StepResult represents the result of a remediation step
type SystemEvidence ¶
// SystemEvidence represents system-wide evidence.
//
// NOTE(review): the bundle aggregates configuration data, network data and
// log entries, so a serialized SystemEvidence is presumably as sensitive as
// the most sensitive of its sources; apply access control and retention to
// match.
type SystemEvidence struct {
CollectionDate time.Time `json:"collection_date"`
// The four maps are untyped (map[string]any); their schema is not shown.
SystemMetrics map[string]any `json:"system_metrics"`
ConfigurationData map[string]any `json:"configuration_data"`
NetworkData map[string]any `json:"network_data"`
Metadata map[string]any `json:"metadata"`
SecurityLogs []SecurityLogEntry `json:"security_logs"`
AccessLogs []AccessLogEntry `json:"access_logs"`
}
SystemEvidence represents system-wide evidence
type SystemMonitoringData ¶
// SystemMonitoringData holds data for system monitoring controls.
//
// All flags are false in the zero value, so an unpopulated value reads as
// "nothing enabled".
type SystemMonitoringData struct {
// LogRetention is encoded as integer nanoseconds by encoding/json unless a
// custom marshaller is defined elsewhere.
LogRetention time.Duration `json:"log_retention"`
LoggingEnabled bool `json:"logging_enabled"`
MonitoringEnabled bool `json:"monitoring_enabled"`
AlertingEnabled bool `json:"alerting_enabled"`
LogIntegrity bool `json:"log_integrity"`
RealTimeMonitoring bool `json:"real_time_monitoring"`
AnomalyDetection bool `json:"anomaly_detection"`
ThreatDetection bool `json:"threat_detection"`
IncidentTracking bool `json:"incident_tracking"`
}
SystemMonitoringData for system monitoring controls
type TenantRiskProfile ¶
// TenantRiskProfile represents a tenant's risk profile.
type TenantRiskProfile struct {
LastUpdated time.Time `json:"last_updated"`
// SecurityPosture is keyed by string; the key set is not shown here.
SecurityPosture map[string]float64 `json:"security_posture"`
Metadata map[string]any `json:"metadata"`
// TenantID identifies the tenant the profile belongs to.
// NOTE(review): confirm that lookups always filter on it, so one tenant's
// profile is never returned for another.
TenantID string `json:"tenant_id"`
RiskTrend string `json:"risk_trend"`
IncidentHistory []IncidentRecord `json:"incident_history"`
BaselineRisk float64 `json:"baseline_risk"`
ComplianceScore float64 `json:"compliance_score"`
}
TenantRiskProfile represents a tenant's risk profile
type TestProcedure ¶
// TestProcedure defines how to test a control.
type TestProcedure struct {
// Parameters is untyped (map[string]any); its schema depends on Type and is
// not shown here.
Parameters map[string]any `json:"parameters"`
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Description string `json:"description"`
// Expected is a string; how it is compared with the actual result is left to
// the tester.
Expected string `json:"expected"`
Steps []string `json:"steps"`
Automated bool `json:"automated"`
}
TestProcedure defines how to test a control
type ThreatIndicator ¶
// ThreatIndicator represents a threat indicator.
type ThreatIndicator struct {
FirstSeen time.Time `json:"first_seen"`
LastSeen time.Time `json:"last_seen"`
// Type and Value are free-form strings; presumably Type says how to read
// Value — the accepted types are not defined here.
Type string `json:"type"`
Value string `json:"value"`
Severity string `json:"severity"`
// Source records where the indicator came from. Keep it populated so that
// low-quality feeds can be discounted or removed later.
Source string `json:"source"`
Description string `json:"description"`
// Confidence is an unbounded float64 as far as the type goes.
Confidence float64 `json:"confidence"`
}
ThreatIndicator represents a threat indicator
type ThreatIntelligence ¶
// ThreatIntelligence represents threat intelligence data.
type ThreatIntelligence struct {
// LastUpdated lets consumers detect stale data; no expiry is enforced by the
// type itself.
LastUpdated time.Time `json:"last_updated"`
// GeographicRisks is keyed by string; presumably region or country codes —
// verify against the producer.
GeographicRisks map[string]float64 `json:"geographic_risks"`
Metadata map[string]any `json:"metadata"`
ThreatLevel string `json:"threat_level"`
ActiveThreats []ThreatIndicator `json:"active_threats"`
RiskFactors []ThreatRiskFactor `json:"risk_factors"`
IndustryThreats []string `json:"industry_threats"`
}
ThreatIntelligence represents threat intelligence data
type ThreatRiskFactor ¶
// ThreatRiskFactor represents a threat-based risk factor.
type ThreatRiskFactor struct {
ThreatType string `json:"threat_type"`
Mitigation string `json:"mitigation"`
// RiskFactor is embedded without a tag, so encoding/json flattens its exported
// fields into the same JSON object as the fields declared here. If RiskFactor
// declares a field with one of the JSON names used in this struct, the field
// declared here takes precedence.
// NOTE(review): RiskFactor is defined elsewhere; check it for name clashes.
RiskFactor
Prevalence float64 `json:"prevalence"`
Effectiveness float64 `json:"effectiveness"`
}
ThreatRiskFactor represents a threat-based risk factor
type ThreatVector ¶
// ThreatVector represents a threat vector.
type ThreatVector struct {
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
// Severity and Frequency are free-form strings; the accepted values are not
// defined by this type.
Severity string `json:"severity"`
Frequency string `json:"frequency"`
Targets []string `json:"targets"`
Indicators []string `json:"indicators"`
Mitigations []string `json:"mitigations"`
}
ThreatVector represents a threat vector
type TrainingExample ¶
// TrainingExample represents a training example for the risk model.
type TrainingExample struct {
Metadata map[string]any `json:"metadata"`
// Features is the input vector; its required length is not fixed by the type.
Features []float64 `json:"features"`
Label float64 `json:"label"`
// Weight is an unbounded float64.
// NOTE(review): confirm that negative or very large weights are rejected
// before training, since they presumably skew the fitted model.
Weight float64 `json:"weight"`
}
TrainingExample represents a training example for the risk model
type TransferValidation ¶
// TransferValidation represents validation of cross-border transfer.
type TransferValidation struct {
ValidationDate time.Time `json:"validation_date"`
Metadata map[string]any `json:"metadata"`
Issues []ValidationIssue `json:"issues"`
Recommendations []string `json:"recommendations"`
// Valid is stored independently of LegalBasisValid and SafeguardsValid; the
// type does not derive one from the others. All three are false in the zero
// value.
Valid bool `json:"valid"`
LegalBasisValid bool `json:"legal_basis_valid"`
SafeguardsValid bool `json:"safeguards_valid"`
}
TransferValidation represents validation of cross-border transfer
type TrendAnalysis ¶
// TrendAnalysis represents trend analysis results.
type TrendAnalysis struct {
Metadata map[string]any `json:"metadata"`
// Direction is a free-form string; the accepted values are not shown here.
Direction string `json:"direction"`
Forecast []ForecastPoint `json:"forecast"`
Magnitude float64 `json:"magnitude"`
Confidence float64 `json:"confidence"`
Seasonality bool `json:"seasonality"`
}
TrendAnalysis represents trend analysis results
type TrendAnomaly ¶
// TrendAnomaly represents an anomaly in trend data.
type TrendAnomaly struct {
Timestamp time.Time `json:"timestamp"`
Severity string `json:"severity"`
// Value, ExpectedValue and Deviation are stored independently; the type does
// not compute Deviation from the other two.
Value float64 `json:"value"`
ExpectedValue float64 `json:"expected_value"`
Deviation float64 `json:"deviation"`
}
TrendAnomaly represents an anomaly in trend data
type TrendDataPoint ¶
// TrendDataPoint represents a data point in trend analysis.
type TrendDataPoint struct {
Timestamp time.Time `json:"timestamp"`
// Value and PredictedValue are both always written to JSON (no omitempty), so
// a zero PredictedValue cannot be told apart from "no prediction".
Value float64 `json:"value"`
PredictedValue float64 `json:"predicted_value"`
Confidence float64 `json:"confidence"`
}
TrendDataPoint represents a data point in trend analysis
type TrendPrediction ¶
// TrendPrediction represents a trend prediction.
//
// NOTE(review): on a 64-bit platform the fields below total 113 bytes, padded
// to 120. That does not match the "144 → 128 bytes" figure in the package
// documentation; re-measure with unsafe.Sizeof.
type TrendPrediction struct {
Metadata map[string]any `json:"metadata"`
Metric string `json:"metric"`
Direction string `json:"direction"`
DataPoints []TrendDataPoint `json:"data_points"`
Anomalies []TrendAnomaly `json:"anomalies"`
// Timeframe is encoded as integer nanoseconds by encoding/json unless a
// custom marshaller is defined elsewhere.
Timeframe time.Duration `json:"timeframe"`
Magnitude float64 `json:"magnitude"`
Confidence float64 `json:"confidence"`
Seasonality bool `json:"seasonality"`
}
TrendPrediction represents a trend prediction. Memory optimized: 144 → 128 bytes (16 bytes saved).
type UserRiskProfile ¶
// UserRiskProfile represents a user's risk profile.
//
// NOTE(review): the profile links behaviour and access patterns to a UserID,
// so it is presumably personal data; apply the same access control and
// retention rules as for the underlying audit events.
type UserRiskProfile struct {
LastUpdated time.Time `json:"last_updated"`
// Both pattern maps are keyed by string; the key sets are not shown here.
BehaviorPatterns map[string]float64 `json:"behavior_patterns"`
AccessPatterns map[string]float64 `json:"access_patterns"`
Metadata map[string]any `json:"metadata"`
UserID string `json:"user_id"`
RiskTrend string `json:"risk_trend"`
AnomalyHistory []AnomalyRecord `json:"anomaly_history"`
BaselineRisk float64 `json:"baseline_risk"`
}
UserRiskProfile represents a user's risk profile
type ValidationIssue ¶
// ValidationIssue represents a validation issue.
//
// All fields are free-form strings; the accepted Severity and Category values
// are not defined by this type.
type ValidationIssue struct {
ID string `json:"id"`
Severity string `json:"severity"`
Category string `json:"category"`
Description string `json:"description"`
Remediation string `json:"remediation"`
}
ValidationIssue represents a validation issue
type ValidationResult ¶
// ValidationResult represents a validation result.
type ValidationResult struct {
ValidatedAt time.Time `json:"validated_at"`
Metrics map[string]float64 `json:"metrics"`
// Issues holds plain strings here, unlike SCCResult and TransferValidation,
// which use []ValidationIssue.
Issues []string `json:"issues"`
Score float64 `json:"score"`
// Valid is false in the zero value, so an unpopulated result reads as a
// failure.
Valid bool `json:"valid"`
}
ValidationResult represents validation result
type VendorManagementData ¶
// VendorManagementData holds data for vendor management controls.
type VendorManagementData struct {
VendorID string `json:"vendor_id"`
VendorName string `json:"vendor_name"`
ServiceType string `json:"service_type"`
// RiskRating and ComplianceStatus are free-form strings; the accepted values
// are not defined by this type.
RiskRating string `json:"risk_rating"`
ContractDate time.Time `json:"contract_date"`
ReviewDate time.Time `json:"review_date"`
ComplianceStatus string `json:"compliance_status"`
// Both flags are false in the zero value.
AuditCompleted bool `json:"audit_completed"`
SLAMet bool `json:"sla_met"`
}
VendorManagementData for vendor management controls
type Vulnerability ¶
// Vulnerability represents a vulnerability.
type Vulnerability struct {
// ID is a free-form string; whether it carries an external identifier or an
// internal one is not shown here.
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
// Severity is stored separately from CVSS; the type does not derive one from
// the other, so the two can disagree.
Severity string `json:"severity"`
Description string `json:"description"`
Impact string `json:"impact"`
Status string `json:"status"`
Remediation []string `json:"remediation"`
// CVSS is a bare float64: the CVSS version and vector string are not
// recorded, and the value is not range-checked by the type.
// NOTE(review): confirm which CVSS version producers use.
CVSS float64 `json:"cvss"`
}
Vulnerability represents a vulnerability
type WidgetConfig ¶
// WidgetConfig represents widget configuration.
type WidgetConfig struct {
TimeRange TimeRange `json:"time_range"`
// Filters is untyped (map[string]any).
// NOTE(review): if filter values reach a query layer, they presumably need
// the same validation as any other user-supplied query input — confirm.
Filters map[string]any `json:"filters"`
Thresholds map[string]float64 `json:"thresholds"`
Colors map[string]string `json:"colors"`
Metadata map[string]any `json:"metadata"`
ChartType string `json:"chart_type"`
DataSource string `json:"data_source"`
Aggregation string `json:"aggregation"`
// RefreshRate is encoded as integer nanoseconds by encoding/json unless a
// custom marshaller is defined elsewhere.
RefreshRate time.Duration `json:"refresh_rate"`
}
WidgetConfig represents widget configuration
type WidgetPosition ¶
WidgetPosition represents widget position
type WidgetSize ¶
WidgetSize represents widget size