Constants ¶
// Short aliases for the RulePolicy* constants. Each name below has the same
// value as the constant on its right-hand side.
const (
	// Deprecated: use RulePolicyAllowlist instead.
	//
	// NOTE(review): the original "@deprecated" marker appears only once, at the
	// top of this group; presumably it is meant to cover every alias below —
	// confirm, and if so give each alias its own "Deprecated:" line.
	Allowlist           = RulePolicyAllowlist
	Blocklist           = RulePolicyBlocklist
	SilentBlocklist     = RulePolicySilentBlocklist
	Remove              = RulePolicyRemove
	AllowlistCompiler   = RulePolicyAllowlistCompiler
	AllowlistTransitive = RulePolicyAllowlistTransitive
)
// Short aliases for the RuleType* constants.
const (
	// Deprecated: use RuleTypeBinary instead.
	Binary = RuleTypeBinary
	// Deprecated: use RuleTypeCertificate instead.
	Certificate = RuleTypeCertificate
)
Functions ¶
func ValidateMachineID ¶
ValidateMachineID returns an error if a machineID is not a properly formatted UUID string
func ValidateSha256 ¶
Types ¶
type ClientMode ¶
type ClientMode int
ClientMode specifies which mode the Santa client will evaluate rules in.
// ClientMode values. Numbering starts at 1 (iota + 1), so the zero value of
// ClientMode does not equal either named mode.
const (
	// Monitor has value 1.
	// NOTE(review): presumably the mode in which binaries without a matching
	// rule are still allowed to run — confirm against the Santa documentation.
	Monitor ClientMode = iota + 1
	// Lockdown has value 2.
	// NOTE(review): presumably the mode in which binaries without a matching
	// rule are blocked — confirm against the Santa documentation.
	Lockdown
)
func (*ClientMode) UnmarshalText ¶
func (c *ClientMode) UnmarshalText(text []byte) error
UnmarshalText implements encoding.TextUnmarshaler, setting the ClientMode from its text form.
type DataType ¶
type DataType string
DataType identifies the current DynamoDB data model
func (DataType) MarshalDynamoDBAttributeValue ¶
func (dt DataType) MarshalDynamoDBAttributeValue() (awstypes.AttributeValue, error)
MarshalDynamoDBAttributeValue implements the attributevalue.Marshaler interface.
func (*DataType) UnmarshalDynamoDBAttributeValue ¶
func (dt *DataType) UnmarshalDynamoDBAttributeValue(av awstypes.AttributeValue) error
UnmarshalDynamoDBAttributeValue implements the attributevalue.Unmarshaler interface.
type Policy ¶
type Policy int
Policy represents the Santa Rule Policy.
// Policy values. Numbering starts at 1 (iota + 1), so the zero value of Policy
// does not equal any named policy; in particular, an unset Policy is not
// RulePolicyAllowlist.
const (
	// RulePolicyAllowlist has value 1.
	// NOTE(review): presumably permits execution of whatever the rule
	// identifies — confirm against the Santa documentation.
	RulePolicyAllowlist Policy = iota + 1
	// RulePolicyBlocklist has value 2.
	// NOTE(review): presumably denies execution of whatever the rule
	// identifies — confirm against the Santa documentation.
	RulePolicyBlocklist
	// RulePolicySilentBlocklist has value 3.
	// NOTE(review): presumably blocks like RulePolicyBlocklist but without a
	// user-facing notification — confirm against the Santa documentation.
	RulePolicySilentBlocklist
	// RulePolicyRemove (value 4) is a "special" policy in that, when it is sent
	// by the server, it instructs the sensor to delete any associated rule.
	RulePolicyRemove
	// RulePolicyAllowlistCompiler (value 5) is a transitive allowlist policy
	// which allows binaries created by a specific compiler.
	// EnabledTransitiveRules must be set to true in the Preflight first.
	// Note that this extends trust to every binary that compiler produces.
	RulePolicyAllowlistCompiler
	// RulePolicyAllowlistTransitive (value 6) marks transitive rules. These are
	// created by the Santa sensor itself and never by the server, and they are
	// destroyed upon every clean sync.
	RulePolicyAllowlistTransitive
)
func (Policy) MarshalDynamoDBAttributeValue ¶
func (p Policy) MarshalDynamoDBAttributeValue() (awstypes.AttributeValue, error)
MarshalDynamoDBAttributeValue implements the attributevalue.Marshaler interface, so that a Policy can be stored in DynamoDB.
func (Policy) MarshalText ¶
MarshalText implements encoding.TextMarshaler, so that a Policy is written as text when it is marshalled to JSON.
func (*Policy) UnmarshalDynamoDBAttributeValue ¶
func (p *Policy) UnmarshalDynamoDBAttributeValue(av awstypes.AttributeValue) error
func (*Policy) UnmarshalText ¶
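UnmarshalText implements encoding.TextUnmarshaler and is used when a Policy is decoded from JSON. Use the Santa-defined constants as the text values: https://github.com/google/santa/blob/main/Source/santactl/Commands/sync/SNTCommandSyncConstants.m#L98-L109. This page does not show how text outside that set is handled; because the value decides whether a binary is allowed or blocked, confirm that unknown text is rejected with an error rather than mapped to a default policy.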
type RuleType ¶
type RuleType int
RuleType represents a Santa rule type.
// RuleType values. Numbering starts at 1 (iota + 1), so the zero value of
// RuleType does not equal any named rule type. The types are listed from the
// narrowest reach (one binary) to the broadest (a whole developer team).
const (
	// RuleTypeBinary (value 1): binary rules use the SHA-256 hash of the entire
	// binary as an identifier.
	RuleTypeBinary RuleType = iota + 1
	// RuleTypeCertificate (value 2): certificate rules are formed from the
	// SHA-256 fingerprint of an X.509 leaf signing certificate.
	// This is a powerful rule type that has a much broader reach than an
	// individual binary rule: a signing certificate can sign any number of
	// binaries, so one allowlist rule of this type covers all of them.
	RuleTypeCertificate
	// RuleTypeSigningID (value 3): signing IDs are arbitrary identifiers under
	// developer control that are given to a binary at signing time.
	// Typically, these use reverse domain name notation and include the name of
	// the binary (e.g. com.google.Chrome).
	// Because the signing IDs are arbitrary, the Santa rule identifier must be
	// prefixed with the Team ID associated with the Apple developer certificate
	// used to sign the application.
	// For example, a signing ID rule for Google Chrome would be:
	// EQHXZ8M8AV:com.google.Chrome.
	// For platform binaries (i.e. those binaries shipped by Apple with the OS),
	// which do not have a Team ID, the string "platform" must be used instead
	// (e.g. platform:com.apple.curl).
	RuleTypeSigningID
	// RuleTypeTeamID (value 4): TeamID rules are formed from the Apple Developer
	// Program Team ID, a 10-character identifier issued by Apple and tied to
	// developer accounts/organizations.
	// This is distinct from certificates, as a single developer account can and
	// frequently will request/rotate between multiple different signing
	// certificates and entitlements.
	// This is an even more powerful rule type, with broader reach than
	// individual certificate rules: one rule covers everything signed under
	// that team, whichever certificate was used.
	RuleTypeTeamID
)
func (RuleType) MarshalDynamoDBAttributeValue ¶
func (r RuleType) MarshalDynamoDBAttributeValue() (awstypes.AttributeValue, error)
MarshalDynamoDBAttributeValue implements the attributevalue.Marshaler interface, so that a RuleType can be stored in DynamoDB.
func (RuleType) MarshalText ¶
MarshalText implements encoding.TextMarshaler, so that a RuleType is written as text when it is marshalled to JSON.
func (*RuleType) UnmarshalDynamoDBAttributeValue ¶
func (r *RuleType) UnmarshalDynamoDBAttributeValue(av awstypes.AttributeValue) error
UnmarshalDynamoDBAttributeValue implements the attributevalue.Unmarshaler interface.
func (*RuleType) UnmarshalText ¶
UnmarshalText implements encoding.TextUnmarshaler and is used when a RuleType is decoded from JSON.
type SyncType ¶ added in v1.0.0
type SyncType string
func (SyncType) MarshalText ¶ added in v1.0.0
MarshalText encodes the SyncType as text; it is the encoding.TextMarshaler method for this type.
func (*SyncType) UnmarshalText ¶ added in v1.0.0
UnmarshalText sets the SyncType from its text form; it is the encoding.TextUnmarshaler method for this type.