Documentation ¶
Index ¶
- Variables
- func HandleSectionRead(schemaKeys []string, hostData *SecuritySettings, d *schema.ResourceData) error
- func LoadFileSystemFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
- func LoadRegistryKeysFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
- func LoadRegistryValuesFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
- func LoadRestrictedGroupsFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
- func LoadSystemServicesFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
- func UTFEncodeIniFile(iniFile *ini.File) (*[]byte, error)
- func WriteAccountLockout(data interface{}, cfg *SecuritySettings) error
- func WriteApplicationLog(data interface{}, cfg *SecuritySettings) error
- func WriteAuditLog(data interface{}, cfg *SecuritySettings) error
- func WriteEventAudit(data interface{}, cfg *SecuritySettings) error
- func WriteKerberosPolicy(data interface{}, cfg *SecuritySettings) error
- func WritePasswordPolicies(data interface{}, cfg *SecuritySettings) error
- func WriteSystemLog(data interface{}, cfg *SecuritySettings) error
- type AccountLockout
- type ApplicationLog
- type AuditLog
- type EventAudit
- type EventLogPolicy
- type FileSystem
- type IniSetSection
- func NewFileSystemFromResource(data interface{}) (IniSetSection, error)
- func NewRegistryKeysFromResource(data interface{}) (IniSetSection, error)
- func NewRegistryValuesFromResource(data interface{}) (IniSetSection, error)
- func NewRestrictedGroupsFromResource(data interface{}) (IniSetSection, error)
- func NewSystemServicesFromResource(data interface{}) (IniSetSection, error)
- type KerberosPolicy
- type PasswordPolicies
- type RegistryKeys
- type RegistryValues
- type RestrictedGroup
- type RestrictedGroups
- type SecuritySettings
- type SystemAccess
- type SystemLog
- type SystemServices
- type Unicode
- type Version
Variables ¶
// ListSectionGeneratorMap maps a resource schema block name to the Write*
// function that copies that block's data into a SecuritySettings value.
//
// Values are stored as interface{}, so a caller must type-assert an entry
// before calling it. Every function listed here is declared as
// func(data interface{}, cfg *SecuritySettings) error.
var ListSectionGeneratorMap = map[string]interface{}{
	"password_policies": WritePasswordPolicies,
	"account_lockout":   WriteAccountLockout,
	"kerberos_policy":   WriteKerberosPolicy,
	"system_log":        WriteSystemLog,
	"audit_log":         WriteAuditLog,
	"application_log":   WriteApplicationLog,
	"event_audit":       WriteEventAudit,
}
ListSectionGeneratorMap maps a schema name to a function that populates the corresponding SecuritySettings fields with resource data.
// SetSectionGeneratorMap maps a resource schema block name to the New*FromResource
// constructor that builds the matching INI section from resource data.
//
// Values are stored as interface{}, so a caller must type-assert an entry
// before calling it. Every function listed here is declared as
// func(data interface{}) (IniSetSection, error).
var SetSectionGeneratorMap = map[string]interface{}{
	"restricted_groups": NewRestrictedGroupsFromResource,
	"registry_values":   NewRegistryValuesFromResource,
	"system_services":   NewSystemServicesFromResource,
	"registry_keys":     NewRegistryKeysFromResource,
	"filesystem":        NewFileSystemFromResource,
}
SetSectionGeneratorMap maps a schema name to a function that returns an INI section from resource data. Unlike ListSectionGeneratorMap, this map deals with schema elements that are Sets instead of Lists and therefore require different handling.
// SetSectionParserMap maps an INI section name to the Load*FromIni function
// that parses that section into a SecuritySettings value. The keys are the
// same section names used in the ini tags of the corresponding
// SecuritySettings fields.
//
// Values are stored as interface{}, so a caller must type-assert an entry
// before calling it. Every function listed here is declared as
// func(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error.
var SetSectionParserMap = map[string]interface{}{
	"Service General Setting": LoadSystemServicesFromIni,
	"Group Membership":        LoadRestrictedGroupsFromIni,
	"Registry Keys":           LoadRegistryKeysFromIni,
	"Registry Values":         LoadRegistryValuesFromIni,
	"File Security":           LoadFileSystemFromIni,
}
SetSectionParserMap maps INI section names to functions that parse the sections and populate the relevant SecuritySettings fields. The sections not included in this map are handled by ini.MapTo().
Functions ¶
func HandleSectionRead ¶
func HandleSectionRead(schemaKeys []string, hostData *SecuritySettings, d *schema.ResourceData) error
HandleSectionRead handles all the logic behind the provider's Read() method. For the purposes of this function, a "section" is one of the blocks in the resource's configuration, and "hostData" is the Go structure representing the data parsed from the .inf file downloaded from the host.
func LoadFileSystemFromIni ¶
func LoadFileSystemFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
LoadFileSystemFromIni loads the data from the related INI section inside the given SecuritySettings struct
func LoadRegistryKeysFromIni ¶
func LoadRegistryKeysFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
LoadRegistryKeysFromIni loads the data from the related INI section inside the given SecuritySettings struct
func LoadRegistryValuesFromIni ¶
func LoadRegistryValuesFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
LoadRegistryValuesFromIni loads the data from the related INI section inside the given SecuritySettings struct
func LoadRestrictedGroupsFromIni ¶
func LoadRestrictedGroupsFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
LoadRestrictedGroupsFromIni loads the data from the related INI section inside the given SecuritySettings struct
func LoadSystemServicesFromIni ¶
func LoadSystemServicesFromIni(sectionName string, iniFile *ini.File, cfg *SecuritySettings) error
LoadSystemServicesFromIni updates the given SecuritySettings struct with data parsed from the INI file
func UTFEncodeIniFile ¶
UTFEncodeIniFile returns a byte array containing the encoded version of a string. The string is encoded to UTF16-LE with Byte Order Mark.
func WriteAccountLockout ¶
func WriteAccountLockout(data interface{}, cfg *SecuritySettings) error
WriteAccountLockout populates an AccountLockout struct from resource data
func WriteApplicationLog ¶
func WriteApplicationLog(data interface{}, cfg *SecuritySettings) error
WriteApplicationLog populates an ApplicationLog struct from resource data
func WriteAuditLog ¶
func WriteAuditLog(data interface{}, cfg *SecuritySettings) error
WriteAuditLog populates an AuditLog struct from resource data
func WriteEventAudit ¶
func WriteEventAudit(data interface{}, cfg *SecuritySettings) error
WriteEventAudit populates an EventAudit struct from resource data
func WriteKerberosPolicy ¶
func WriteKerberosPolicy(data interface{}, cfg *SecuritySettings) error
WriteKerberosPolicy populates a KerberosPolicy struct from resource data
func WritePasswordPolicies ¶
func WritePasswordPolicies(data interface{}, cfg *SecuritySettings) error
WritePasswordPolicies populates a PasswordPolicies struct from resource data
func WriteSystemLog ¶
func WriteSystemLog(data interface{}, cfg *SecuritySettings) error
WriteSystemLog populates a SystemLog struct from resource data
Types ¶
type AccountLockout ¶
// AccountLockout represents the account lockout section of the Security
// Settings GPO extension.
//
// Every field is a string that is left out of the INI output when empty
// (ini ",omitempty") and is filled from the resource key named in its
// mapstructure tag.
//
// NOTE(review): the values are carried as plain strings, so no numeric range
// or type check is visible at this level. Confirm that the resource schema
// validates them before they reach the generated .inf file.
type AccountLockout struct {
	ForceLogoffWhenHourExpire string `ini:",omitempty" mapstructure:"force_logoff_when_hour_expire"`
	LockoutDuration           string `ini:",omitempty" mapstructure:"lockout_duration"`
	LockoutBadCount           string `ini:",omitempty" mapstructure:"lockout_bad_count"`
	ResetLockoutCount         string `ini:",omitempty" mapstructure:"reset_lockout_count"`
}
AccountLockout represents the account lockout section of the Security Settings GPO extension
func (*AccountLockout) SetResourceData ¶
func (p *AccountLockout) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the AccountLockout field values
type ApplicationLog ¶
// ApplicationLog represents the Application Log section of the Security
// Settings GPO extension. It declares no fields of its own: the embedded
// EventLogPolicy carries the settings, squashed into the "Application Log"
// INI section.
type ApplicationLog struct {
	EventLogPolicy `ini:"Application Log,omitempty,squash"`
}
ApplicationLog represents the Application Log section of the Security Settings GPO extension
func (*ApplicationLog) SetResourceData ¶
func (p *ApplicationLog) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the ApplicationLog field values
type AuditLog ¶
// AuditLog represents the Audit Log section of the Security Settings GPO
// extension. It declares no fields of its own: the embedded EventLogPolicy
// carries the settings.
//
// NOTE(review): the embedded field is tagged "Audit Log" here, while
// SecuritySettings tags its *AuditLog field "Security Log". Confirm which
// section name ends up in the .inf file, since a mismatched name could leave
// the security log settings unapplied.
type AuditLog struct {
	EventLogPolicy `ini:"Audit Log,omitempty,squash"`
}
AuditLog represents the Audit Log section of the Security Settings GPO extension
func (*AuditLog) SetResourceData ¶
func (p *AuditLog) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the AuditLog field values
type EventAudit ¶
// EventAudit represents the event audit policies section of the Security
// Settings GPO extension, with one field per audit category.
//
// Every field is a string that is left out of the INI output when empty
// (ini ",omitempty") and is filled from the resource key named in its
// mapstructure tag.
//
// NOTE(review): an omitted field writes nothing for that category, so it is
// not the same as explicitly disabling auditing. The accepted values are not
// visible here; confirm that the resource schema restricts them.
type EventAudit struct {
	AuditAccountManage   string `ini:",omitempty" mapstructure:"audit_account_manage"`
	AuditDSAccess        string `ini:",omitempty" mapstructure:"audit_ds_access"`
	AuditAccountLogon    string `ini:",omitempty" mapstructure:"audit_account_logon"`
	AuditLogonEvents     string `ini:",omitempty" mapstructure:"audit_logon_events"`
	AuditObjectAccess    string `ini:",omitempty" mapstructure:"audit_object_access"`
	AuditPolicyChange    string `ini:",omitempty" mapstructure:"audit_policy_change"`
	AuditPrivilegeUse    string `ini:",omitempty" mapstructure:"audit_privilege_use"`
	AuditProcessTracking string `ini:",omitempty" mapstructure:"audit_process_tracking"`
	AuditSystemEvents    string `ini:",omitempty" mapstructure:"audit_system_events"`
}
EventAudit represents the event audit policies section of the Security Settings GPO extension
func (*EventAudit) SetResourceData ¶
func (p *EventAudit) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the EventAudit field values
type EventLogPolicy ¶
// EventLogPolicy holds the settings shared by the three event log sections.
// ApplicationLog, AuditLog and SystemLog each embed it.
//
// Every field is a string that is left out of the INI output when empty
// (ini ",omitempty"). The mapstructure tags also carry omitempty.
//
// NOTE(review): values are carried as plain strings, so any range or format
// check has to happen in the resource schema. Confirm that it does.
type EventLogPolicy struct {
	MaximumLogSize          string `ini:",omitempty" mapstructure:"maximum_log_size,omitempty"`
	AuditLogRetentionPeriod string `ini:",omitempty" mapstructure:"audit_log_retention_period,omitempty"`
	RetentionDays           string `ini:",omitempty" mapstructure:"retention_days,omitempty"`
	RestrictGuestAccess     string `ini:",omitempty" mapstructure:"restrict_guest_access,omitempty"`
}
EventLogPolicy is a structure that is embedded by three otherwise identical structures: ApplicationLog, AuditLog and SystemLog
func NewEventLogPolicy ¶
func NewEventLogPolicy(data interface{}) (EventLogPolicy, error)
NewEventLogPolicy returns an EventLogPolicy structure populated from resource data
func (*EventLogPolicy) SetResourceData ¶
func (p *EventLogPolicy) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the EventLogPolicy field values
type FileSystem ¶
// FileSystem represents the File System section of the Security Settings GPO
// extension. SecuritySettings maps it to the "File Security" INI section.
type FileSystem struct {
	// Paths holds one string per entry of the section.
	// NOTE(review): the entry format is not shown here. Presumably each string
	// is a raw INI line, so confirm what validation the loader and SetIniData
	// apply before the value is written to the .inf file.
	Paths []string
}
FileSystem represents the File System section of the Security Settings GPO extension
func (*FileSystem) SetIniData ¶
func (r *FileSystem) SetIniData(f *ini.File) error
SetIniData populates the INI file with data from this struct
func (*FileSystem) SetResourceData ¶
func (r *FileSystem) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates the resource's field for the given section using the struct's data.
type IniSetSection ¶
// IniSetSection is used when all Set-typed schema elements need to be treated
// the same way. The constructors registered in SetSectionGeneratorMap return
// this interface. FileSystem, RegistryKeys, RegistryValues, RestrictedGroups
// and SystemServices each declare a matching SetIniData method on their
// pointer receiver.
type IniSetSection interface {
	// SetIniData writes the section's data into the given INI file.
	SetIniData(*ini.File) error
}
IniSetSection is used when we need to treat all Set-typed schema elements the same way
func NewFileSystemFromResource ¶
func NewFileSystemFromResource(data interface{}) (IniSetSection, error)
NewFileSystemFromResource returns a new struct based on the resource's values
func NewRegistryKeysFromResource ¶
func NewRegistryKeysFromResource(data interface{}) (IniSetSection, error)
NewRegistryKeysFromResource returns a new struct based on the resource's values
func NewRegistryValuesFromResource ¶
func NewRegistryValuesFromResource(data interface{}) (IniSetSection, error)
NewRegistryValuesFromResource returns a new struct based on the resource's values
func NewRestrictedGroupsFromResource ¶
func NewRestrictedGroupsFromResource(data interface{}) (IniSetSection, error)
NewRestrictedGroupsFromResource returns a new struct based on the resource's values
func NewSystemServicesFromResource ¶
func NewSystemServicesFromResource(data interface{}) (IniSetSection, error)
NewSystemServicesFromResource returns a new SystemServices structure populated with data from the resources.
type KerberosPolicy ¶
// KerberosPolicy represents the kerberos settings section of the Security
// Settings GPO extension.
//
// Every field is a string that is left out of the INI output when empty
// (ini ",omitempty") and is filled from the resource key named in its
// mapstructure tag.
//
// NOTE(review): values are carried as plain strings, so ticket lifetimes and
// clock skew are not range-checked at this level. Confirm that the resource
// schema bounds them.
type KerberosPolicy struct {
	MaxServiceAge        string `ini:",omitempty" mapstructure:"max_service_age"`
	MaxTicketAge         string `ini:",omitempty" mapstructure:"max_ticket_age"`
	MaxRenewAge          string `ini:",omitempty" mapstructure:"max_renew_age"`
	MaxClockSkew         string `ini:",omitempty" mapstructure:"max_clock_skew"`
	TicketValidateClient string `ini:",omitempty" mapstructure:"ticket_validate_client"`
}
KerberosPolicy represents the kerberos settings section of the Security Settings GPO extension
func (*KerberosPolicy) SetResourceData ¶
func (p *KerberosPolicy) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the KerberosPolicy field values
type PasswordPolicies ¶
// PasswordPolicies represents the password policies section of the Security
// Settings GPO extension.
//
// Every field is a string that is left out of the INI output when empty
// (ini ",omitempty") and is filled from the resource key named in its
// mapstructure tag.
//
// NOTE(review): values are carried as plain strings, so minimum length,
// history size and ages are not range-checked at this level. Confirm that the
// resource schema bounds them.
type PasswordPolicies struct {
	MaximumPasswordAge    string `ini:",omitempty" mapstructure:"maximum_password_age"`
	MinimumPasswordAge    string `ini:",omitempty" mapstructure:"minimum_password_age"`
	MinimumPasswordLength string `ini:",omitempty" mapstructure:"minimum_password_length"`
	PasswordComplexity    string `ini:",omitempty" mapstructure:"password_complexity"`
	// NOTE(review): in Windows security templates ClearTextPassword is the
	// "store passwords using reversible encryption" switch. Enabling it weakens
	// password storage across the GPO's scope, so plans that set it deserve
	// explicit review. Confirm the mapping against the MS-GPSB spec.
	ClearTextPassword   string `ini:",omitempty" mapstructure:"clear_text_password"`
	PasswordHistorySize string `ini:",omitempty" mapstructure:"password_history_size"`
}
PasswordPolicies represents the password policies section of the Security Settings GPO extension
func (*PasswordPolicies) SetResourceData ¶
func (p *PasswordPolicies) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the PasswordPolicies field values
type RegistryKeys ¶
// RegistryKeys represents the Registry Keys section of the Security Settings
// GPO extension. SecuritySettings maps it to the "Registry Keys" INI section.
type RegistryKeys struct {
	// Keys holds one string per entry of the section.
	// NOTE(review): the entry format is not shown here. Presumably each string
	// is a raw INI line, so confirm what validation is applied before the value
	// is written to the .inf file.
	Keys []string
}
RegistryKeys represents the Registry Keys section of the Security Settings GPO extension
func (*RegistryKeys) SetIniData ¶
func (r *RegistryKeys) SetIniData(f *ini.File) error
SetIniData populates the INI file with data from this struct
func (*RegistryKeys) SetResourceData ¶
func (r *RegistryKeys) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates the resource's field for the given section using the struct's data.
type RegistryValues ¶
// RegistryValues is used to populate the Registry Values section of the inf
// file, which many GPO features use to set values in the registry.
type RegistryValues struct {
	// Values holds one string per entry of the section.
	// NOTE(review): these entries become registry writes on every host the GPO
	// applies to. The entry format and any validation are not visible here, so
	// confirm how the resource schema constrains them.
	Values []string
}
RegistryValues is used to populate the Registry Values section of the inf file that is used by many GPO features to set values in the registry
func (*RegistryValues) SetIniData ¶
func (r *RegistryValues) SetIniData(f *ini.File) error
SetIniData populates the INI file with data from this struct
func (*RegistryValues) SetResourceData ¶
func (r *RegistryValues) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates the resource's field for the given section using the struct's data.
type RestrictedGroup ¶
RestrictedGroup represents a group that has its membership attributes managed by a GPO
type RestrictedGroups ¶
// RestrictedGroups represents the Restricted Groups section of the Security
// Settings GPO extension. SecuritySettings maps it to the "Group Membership"
// INI section.
type RestrictedGroups struct {
	// Groups lists the groups whose membership is managed by the GPO.
	// NOTE(review): the tag has no leading comma, so mapstructure reads
	// "omitempty" as the key name rather than as an option. It was probably
	// meant to be `mapstructure:",omitempty"`. Confirm before relying on this
	// field being decoded from resource data.
	Groups []RestrictedGroup `mapstructure:"omitempty"`
}
RestrictedGroups represents the Restricted Groups section of the Security Settings GPO extension
func (*RestrictedGroups) SetIniData ¶
func (r *RestrictedGroups) SetIniData(f *ini.File) error
SetIniData populates the INI file with data from this struct
func (*RestrictedGroups) SetResourceData ¶
func (r *RestrictedGroups) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the RestrictedGroups field values
type SecuritySettings ¶
// SecuritySettings is a data structure representing the contents of the
// security settings INF file. Its tags map both the INF sections (ini) and
// the resource data keys (mapstructure).
//
// Unicode and Version are embedded without tags. They are presumably the INF
// header that NewSecuritySettings populates; confirm against their
// definitions. Every other section is an embedded pointer tagged omitempty,
// so a nil section is left out.
//
// NOTE(review): three names disagree with other declarations in this package:
//   - *AuditLog is tagged ini "Security Log", but AuditLog's own embedded
//     field is tagged "Audit Log".
//   - *KerberosPolicy uses mapstructure "kerberos_settings", but
//     ListSectionGeneratorMap uses the key "kerberos_policy".
//   - *EventAudit uses mapstructure "event_audit_policy", but
//     ListSectionGeneratorMap uses the key "event_audit".
//
// A mismatched name can silently drop a section, leaving a policy unmanaged.
// Confirm which names the schema and the INF file actually use.
type SecuritySettings struct {
	Unicode
	Version
	*SystemAccess     `ini:"System Access,omitempty" mapstructure:"system_access,omitempty"`
	*KerberosPolicy   `ini:"Kerberos Policy,omitempty" mapstructure:"kerberos_settings,omitempty"`
	*EventAudit       `ini:"Event Audit,omitempty" mapstructure:"event_audit_policy,omitempty"`
	*SystemLog        `ini:"System Log,omitempty" mapstructure:"system_log,omitempty"`
	*AuditLog         `ini:"Security Log,omitempty" mapstructure:"audit_log,omitempty"`
	*ApplicationLog   `ini:"Application Log,omitempty" mapstructure:"application_log,omitempty"`
	*RestrictedGroups `ini:"Group Membership,omitempty" mapstructure:"restricted_groups,omitempty"`
	*RegistryKeys     `ini:"Registry Keys,omitempty" mapstructure:"registry_keys,omitempty"`
	*RegistryValues   `ini:"Registry Values,omitempty" mapstructure:"registry_values,omitempty"`
	*SystemServices   `ini:"Service General Setting,omitempty" mapstructure:"system_services,omitempty"`
	*FileSystem       `ini:"File Security,omitempty" mapstructure:"filesystem,omitempty"`
}
SecuritySettings is a data structure representing the contents of the security settings INF file. It has tags used to map both the contents of the INF file as well as the resource data.
func NewSecuritySettings ¶
func NewSecuritySettings() *SecuritySettings
NewSecuritySettings returns a SecuritySettings struct with the header already populated. https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-gpsb/fa15485d-ae9f-456e-a08f-81f2e5725a7e
func ParseIniFile ¶
func ParseIniFile(iniBytes []byte, utf16Decode bool) (*SecuritySettings, error)
ParseIniFile decodes the INF file and returns a SecuritySettings struct populated with the data found in it. If utf16Decode is true then it translates contents from UTF16.
func (*SecuritySettings) GetSectionData ¶
func (s *SecuritySettings) GetSectionData(section string, d *schema.ResourceData) error
GetSectionData returns one of SecuritySettings' nested structures based on the key provided
func (*SecuritySettings) PopulateSecuritySettings ¶
func (s *SecuritySettings) PopulateSecuritySettings(d *schema.ResourceData, iniFile *ini.File) error
PopulateSecuritySettings populates the SecuritySettings struct from resource data
type SystemAccess ¶
// SystemAccess is the INF header that holds the PasswordPolicies and
// AccountLockout settings. Both embedded pointers carry the same
// "System Access" section name with squash, so their fields are presumably
// written side by side under one INI section. Confirm against the ini
// library's handling of squash.
type SystemAccess struct {
	*PasswordPolicies `ini:"System Access,omitempty,squash"`
	*AccountLockout   `ini:"System Access,omitempty,squash"`
}
SystemAccess is a header in the INF file that holds information for two sections: PasswordPolicies and AccountLockout
type SystemLog ¶
// SystemLog represents the system log section of the Security Settings GPO
// extension. It declares no fields of its own: the embedded EventLogPolicy
// carries the settings, squashed into the "System Log" INI section.
type SystemLog struct {
	EventLogPolicy `ini:"System Log,omitempty,squash"`
}
SystemLog represents the system log section of the Security Settings GPO extension
func (*SystemLog) SetResourceData ¶
func (p *SystemLog) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the SystemLog field values
type SystemServices ¶
// SystemServices represents the System Services section of the Security
// Settings GPO extension. SecuritySettings maps it to the
// "Service General Setting" INI section.
type SystemServices struct {
	// Services holds one string per entry of the section.
	// NOTE(review): the entry format is not shown here. Presumably each string
	// is a raw INI line, so confirm what validation is applied before the value
	// is written to the .inf file.
	Services []string
}
SystemServices represents the System Services section of the Security Settings GPO extension
func (*SystemServices) SetIniData ¶
func (r *SystemServices) SetIniData(f *ini.File) error
SetIniData populates the INI file with data.
func (*SystemServices) SetResourceData ¶
func (r *SystemServices) SetResourceData(section string, d *schema.ResourceData) error
SetResourceData populates resource data based on the SystemServices field values