connectors

package
v1.0.0 Latest
Warning

This package is not in the latest version of its module.
Published: Dec 30, 2022 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

Package connectors implements connectors to different security services, like AWS GuardDuty, AWS Security Hub, or Palo Alto Prisma Cloud.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetAccountID

func GetAccountID(session client.ConfigProvider) (string, error)

GetAccountID returns the AWS account ID using the provided session, without error handling, because a problem with credentials will show up on the first use.

func NewMasterMemberSess

func NewMasterMemberSess(region, memberAccountID, memberRole string) (*session.Session, *session.Session)

NewMasterMemberSess returns AWS session.Session objects for the specified region: one for the master account and one for the provided role in the member account.

Types

type DetectiveInviter

type DetectiveInviter struct {
	// contains filtered or unexported fields
}

DetectiveInviter is a per-region structure which contains all the information needed to add a new member account to the Detective master.

func NewDetectiveInviter

func NewDetectiveInviter(masterSess, memberSess client.ConfigProvider) *DetectiveInviter

NewDetectiveInviter creates a new instance of DetectiveInviter, which is capable of inviting the specified member account to the master account's Detective.

func (DetectiveInviter) AddMember

func (d DetectiveInviter) AddMember(accountID, accountEmail, masterAccountID string) error

AddMember adds a new member account to the master, sends an invite to it, and then accepts the invite from the member account. If the member is already in place and connected (enabled), nothing is done. See https://docs.aws.amazon.com/detective/latest/userguide/detective-accounts.html

type DetectiveMasterClient

DetectiveMasterClient is a subset of aws-sdk-go/service/detective which is used for sending invitations from Detective master.

type DetectiveMemberClient

type DetectiveMemberClient interface {
	ListInvitations(*detective.ListInvitationsInput) (*detective.ListInvitationsOutput, error)
	AcceptInvitation(*detective.AcceptInvitationInput) (*detective.AcceptInvitationOutput, error)
}

DetectiveMemberClient is a subset of aws-sdk-go/service/detective which is used for accepting invitations on Detective member.

type GuardDutyInviter

type GuardDutyInviter struct {
	// contains filtered or unexported fields
}

GuardDutyInviter is a per-region structure which contains all the information needed to add a new member account to the GuardDuty master.

func NewGuardDutyInviter

func NewGuardDutyInviter(masterSess, memberSess client.ConfigProvider) *GuardDutyInviter

NewGuardDutyInviter creates a new instance of GuardDutyInviter, which is capable of inviting the specified member account to the master account's GuardDuty.

func (GuardDutyInviter) AddMember

func (g GuardDutyInviter) AddMember(accountID, accountEmail, masterAccountID string) error

AddMember adds a new member account to the master, sends an invite to it, and then accepts the invite from the member account. If the member is already in place and connected (enabled), nothing is done. See https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_accounts.html

type GuardDutyListDetectors

type GuardDutyListDetectors interface {
	ListDetectors(*guardduty.ListDetectorsInput) (*guardduty.ListDetectorsOutput, error)
}

GuardDutyListDetectors is the interface for the ListDetectors function, which is used in both master and member.

type GuardDutyMasterClient

GuardDutyMasterClient is a subset of aws-sdk-go/service/guardduty which is used for sending invitations from GuardDuty master.

type GuardDutyMemberClient

GuardDutyMemberClient is a subset of aws-sdk-go/service/guardduty which is used for accepting invitations on GuardDuty member.

type Prisma

type Prisma struct {
	// contains filtered or unexported fields
}

Prisma contains credentials for API access.

func NewPrisma

func NewPrisma(username, password, apiURL string) *Prisma

NewPrisma returns a new Prisma client.

func (Prisma) AddAWSAccount

func (p Prisma) AddAWSAccount(accountID, name, externalID, roleName string) error

AddAWSAccount adds an AWS account to Prisma, or updates the existing one with the provided AWS credentials if necessary.

type SecurityHubInviter

type SecurityHubInviter struct {
	// contains filtered or unexported fields
}

SecurityHubInviter is a per-region structure which contains all the information needed to add a new member account to the Security Hub master.

func NewSecurityHubInviter

func NewSecurityHubInviter(masterSess, memberSess client.ConfigProvider) *SecurityHubInviter

NewSecurityHubInviter creates a new instance of SecurityHubInviter, which is capable of inviting the specified member account to the master account's Security Hub.

func (SecurityHubInviter) AddMember

func (s SecurityHubInviter) AddMember(accountID, accountEmail, masterAccountID string) error

AddMember adds a new member account to the master, sends an invite to it, and then accepts the invite from the member account. If the member is already in place and connected (enabled), nothing is done. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html
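The AddMember contract documented for the Detective, GuardDuty and Security Hub inviters, modelled as an added example that is not this package's code. The fakeOrg type, its methods and the status strings are hypothetical stand-ins for the AWS calls. Resuming from a partially completed state and accepting only an invitation from the expected master are assumptions that go beyond what the page states.

```go
package main

import "fmt"

// fakeOrg: constructed in-memory stand-in; statuses and method names are assumptions.
type fakeOrg struct {
	status  map[string]string // member ID -> relationship status on master
	invites map[string]string // member ID -> ID of the inviting master
	calls   []string          // state-changing calls, in order
}

func newFakeOrg() *fakeOrg {
	return &fakeOrg{status: map[string]string{}, invites: map[string]string{}}
}
func (f *fakeOrg) set(id, status, call string) {
	f.status[id] = status
	f.calls = append(f.calls, call)
}

// accept succeeds only for an invitation sent by the expected master.
func (f *fakeOrg) accept(id, master string) error {
	if f.invites[id] != master {
		return fmt.Errorf("no invitation from master %s", master)
	}
	delete(f.invites, id)
	f.set(id, "Enabled", "accept")
	return nil
}

// addMember: no-op if enabled; else create, invite, accept (resuming is an assumption).
func addMember(f *fakeOrg, id, master string) error {
	switch f.status[id] {
	case "Enabled":
		return nil
	case "":
		f.set(id, "Created", "create")
		fallthrough
	case "Created":
		f.invites[id] = master
		f.set(id, "Invited", "invite")
	}
	return f.accept(id, master)
}

func main() {
	f := newFakeOrg() // account IDs below are constructed sample values
	fmt.Println(addMember(f, "222222222222", "111111111111"), f.calls)
	fmt.Println(addMember(f, "222222222222", "111111111111"), f.calls)
}
```

The second call changes nothing, which is what makes the operation safe to re-run across every region during account onboarding.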

type SecurityHubMasterClient

SecurityHubMasterClient is a subset of aws-sdk-go/service/securityhub which is used for sending invitations from Security Hub master.

type SecurityHubMemberClient

type SecurityHubMemberClient interface {
	ListInvitations(*securityhub.ListInvitationsInput) (*securityhub.ListInvitationsOutput, error)
	AcceptInvitation(*securityhub.AcceptInvitationInput) (*securityhub.AcceptInvitationOutput, error)
}

SecurityHubMemberClient is a subset of aws-sdk-go/service/securityhub which is used for accepting invitations on Security Hub member.
