dpa

package
v0.0.0-...-7d9074b Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 22, 2023 License: GPL-3.0 Imports: 16 Imported by: 0

Documentation


Constants

This section is empty.

Variables

// Sentinel errors exported by the package. Each is a plain errors.New value,
// so callers should match them with errors.Is instead of comparing message text.
// NOTE(review): which API responses produce each value is not visible here;
// the HTTP status codes named below are assumptions to confirm.
var (
	// ErrUserAccessDenied signals that the caller lacks access to the requested
	// resource (presumably an HTTP 403 — confirm).
	ErrUserAccessDenied = errors.New("you do not have access to the requested resource")
	// ErrNotFound signals that the requested resource does not exist
	// (presumably an HTTP 404 — confirm).
	ErrNotFound         = errors.New("the requested resource not found")
	// ErrTooManyRequests signals that the caller exceeded a throttle
	// (presumably an HTTP 429 — confirm); callers should back off before retrying.
	ErrTooManyRequests  = errors.New("you have exceeded throttle")
)
var FullVersionName = fmt.Sprintf("%s-%s", Version, Tag)

FullVersionName is the user-visible aggregation of version and tag of this codebase

var Tag = "beta"

Tag field denotes the specific build type for the broker. It may be replaced by compile-time variables if needed to provide the git commit information in the final binary.

var Version = "0.0.2"

Version field is a SemVer that should indicate the baked-in version of conceal

Functions

func OauthCredClient

func OauthCredClient(clientID, clientSecret, clientAppID, clientURL string, scope []string) (*oauth2.Token, error)

OauthCredClient returns a validated Oauth2 Authentication Token based on the following provided information:

clientID - Username for the Application (e.g. "identity-privilege-integration-user$@example.com")
clientSecret - Password for the Application Service User
clientAppID - Application ID for the Oauth2 Application
clientURL - URL for the Application (e.g. "example.cyberark.cloud")
scope - Scope for the application (e.g. "dpa")

Returns an oauth2.Token or error

func OauthPlatformToken

func OauthPlatformToken(clientID, clientSecret, clientURL string) (*oauth2.Token, error)

OauthPlatformToken returns a validated Oauth2 Authentication Token based on the following provided information:

clientID - Username for the Application (e.g. "identity-privilege-integration-user$@example.com")
clientSecret - Password for the Application Service User
clientURL - URL for the Application (e.g. "example.cyberark.cloud")

Returns an oauth2.Token or error

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

func NewClient

func NewClient(httpClient *http.Client, options Options) *Client

func (*Client) Delete

func (c *Client) Delete(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error

func (*Client) Get

func (c *Client) Get(ctx context.Context, path string, v interface{}, e interface{}) error

func (*Client) Patch

func (c *Client) Patch(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error

func (*Client) Post

func (c *Client) Post(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error

func (*Client) Put

func (c *Client) Put(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error

type HTTPClient

// HTTPClient is the set of HTTP verbs the package issues against the API.
// The *Client methods listed on this page have the same signatures.
//
// Every method takes the request context and a path. Post, Put, Patch and
// Delete also take a payload.
// NOTE(review): v and e are presumably the decode targets for the success
// body and the API error body respectively — confirm against the implementation.
type HTTPClient interface {
	// Get issues a request without a payload.
	Get(ctx context.Context, path string, v interface{}, e interface{}) error
	// Post issues a request carrying payload.
	Post(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error
	// Put issues a request carrying payload.
	Put(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error
	// Patch issues a request carrying payload.
	Patch(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error
	// Delete issues a request carrying payload.
	Delete(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error
}

Basic Interface Definitions

type Options

// Options configures a Client created with NewClient.
type Options struct {
	// ApiURL is the API address the client talks to.
	// NOTE(review): presumably the base URL that request paths are appended to — confirm.
	ApiURL  string
	// Verbose toggles verbose behaviour.
	// NOTE(review): presumably request/response logging — confirm what is written
	// before enabling it where bearer tokens or request payloads could reach logs.
	Verbose bool
}

type Service

type Service struct {
	// contains filtered or unexported fields
}

func NewService

func NewService(clientURL, clientApiEndpoint string, verbose bool, authToken *oauth2.Token) (*Service, error)

func (*Service) AddPolicy

func (s *Service) AddPolicy(ctx context.Context, p interface{}) (*types.AddPolicy, *types.ErrorResponse, error)

AddPolicy creates a new policy. Expects a struct of type types.Policy. Returns types.AddPolicy or types.ErrorResponse based on the response from the API. An error is returned on request failure.

Example:

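// Describe the policy to create.
// NOTE(review): Tags, VpcIds and AccountIds are left empty here; confirm how the
// API interprets empty lists before reusing this as a template, so the policy
// grants access only to the targets you intend.
validSamplePolicy := types.Policy{
	PolicyName: "Test Policy",
	Status:     "Enabled",
	ProvidersData: types.ProvidersData{
		Aws: types.Aws{
			Regions:    []string{"us-east-1"},
			Tags:       []types.Tags{},
			VpcIds:     []string{},
			AccountIds: []string{},
		},
	},
	StartDate: "2024-01-10",
	EndDate:   "2025-01-10",
	UserAccessRules: []types.UserAccessRules{
		{
			RuleName: "Example Rule",
			UserData: types.UserData{
				Roles: []types.Roles{
					{
						Name: "Example Role",
					},
				},
			},
			ConnectionInformation: types.ConnectionInformation{
				ConnectAs: types.ConnectAs{
					Aws: types.ConnectAsAws{
						SSH: "ec2-user",
					},
				},
				GrantAccess: 3,
				IdleTime:    10,
				DaysOfWeek:  []string{"Mon", "Tue"},
				FullDays:    true,
				TimeZone:    "Asia/Jerusalem",
			},
		},
	},
}

resp, dpaerr, err := s.AddPolicy(context.Background(), validSamplePolicy)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to add policy. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body, so no policy was created.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to add policy. %+v", dpaerr)
}
log.Printf("Added policy: %+v", resp)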

func (*Service) AddTargetSet

func (s *Service) AddTargetSet(ctx context.Context, p interface{}) (*types.TargetSetActivityResponse, *types.ErrorResponse, error)

AddTargetSet adds a target set or multiple target sets. The request body should be a struct containing an array of target sets. The struct is defined in pkg/cybr/dpa/types/dicovery.go as TargetSetMapping.

Returns types.TargetSetActivityResponse or types.ErrorResponse based on the response from the API. An error is returned on request failure

Example:

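// Build the request body: one mapping that carries a slice of target sets.
// The "string" values are placeholders to replace with real values.
payload := types.TargetSetMapping{
	StrongAccountID: "string",
	TargetSets: []types.TargetSets{
		{
			Name:            "string",
			Description:     "string",
			ProvisionFormat: "string",
			// Keep certificate validation on unless there is a documented reason
			// to disable it for this target set.
			EnableCertificateValidation: true,
			SecretType:                  "string",
			SecretID:                    "string",
			Type:                        "string",
		},
	},
}

// Call AddTargetSet (the method this example documents) with the payload.
resp, dpaerr, err := s.AddTargetSet(context.Background(), payload)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to add target sets. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body instead of an activity response.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to add target sets. %+v", dpaerr)
}
log.Printf("Added target sets: %+v", resp)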

func (*Service) DeletePolicy

func (s *Service) DeletePolicy(ctx context.Context, p string) (*types.ErrorResponse, error)

DeletePolicy deletes a specific policy. Returns no response if successful, or types.ErrorResponse based on the response from the API. An error is returned on request failure.

Example:

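// ID of the policy to delete.
policyID := "c12f982a-ab1a-12ab-1a31-f221aa31836a"

// DeletePolicy returns only an API error body and an error; there is no success payload.
dpaerr, err := s.DeletePolicy(context.Background(), policyID)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to delete policy. %s", err)
}
if dpaerr != nil {
	// The API rejected the deletion, so the policy may still be in force.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to delete policy. %+v", dpaerr)
}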

func (*Service) DeleteTargetSet

func (s *Service) DeleteTargetSet(ctx context.Context, p interface{}) (*types.TargetSetActivityResponse, *types.ErrorResponse, error)

DeleteTargetSet provides the ability to delete target sets. The request body should be an array of target set names:

["targetset1", "targetset2"]

Returns types.TargetSetActivityResponse or types.ErrorResponse based on the response from the API. An error is returned on request failure

Example:

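// Request body: the target sets to delete, passed as a slice of strings.
payload := []string{"targetsetid1", "targetsetid2"}

// Delete the target sets listed in the slice.
resp, dpaerr, err := s.DeleteTargetSet(context.Background(), payload)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to delete target sets. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body, so some or all target sets may remain.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to delete target sets. %+v", dpaerr)
}
log.Printf("Deleted target sets: %+v", resp)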

func (*Service) GenerateScript

func (s *Service) GenerateScript(ctx context.Context, p interface{}) (*types.GenerateScriptResponse, *types.ErrorResponse, error)

GenerateScript generates a request for a connector setup script. The body is optional; if nothing is provided, a default script will be generated. The default script will be for a Linux connector in AWS. Returns a GenerateScriptResponse or an error if the request failed.

Example:

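// Request body for GenerateScript. Keyed fields make the literal independent of
// field order, and the trailing comma is required in a multi-line literal.
generateScriptRequest := struct {
	ConnectorOS   string `json:"connectorOs,omitempty"`
	ConnectorType string `json:"connectorType,omitempty"`
}{
	ConnectorOS:   "linux",
	ConnectorType: "AWS",
}

// Generate the script using the existing Service and Client.
script, dpaerr, err := s.GenerateScript(context.Background(), generateScriptRequest)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to generate connector script. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body instead of a script.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to generate connector script. %+v", dpaerr)
}
// script holds the *types.GenerateScriptResponse.
// NOTE(review): a setup script may embed installation secrets — confirm its
// contents before writing it to logs or shared storage.
_ = script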

func (*Service) GetPolicy

func (s *Service) GetPolicy(ctx context.Context, i string) (*types.Policy, *types.ErrorResponse, error)

GetPolicy returns a specific policy. Returns types.Policy or types.ErrorResponse based on the response from the API. An error is returned on request failure.

Example:

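// ID of the policy to fetch.
policyID := "c12f982a-ab1a-12ab-1a31-f221aa31836b"

// Call GetPolicy (the method this example documents); ListPolicies takes no ID.
resp, dpaerr, err := s.GetPolicy(context.Background(), policyID)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to get policy. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body instead of a policy.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to get policy. %+v", dpaerr)
}
log.Printf("Policy: %+v", resp)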

func (*Service) GetPublicKey

func (s *Service) GetPublicKey(ctx context.Context, query interface{}) (*types.PublicKey, *types.ErrorResponse, error)

GetPublicKey returns the public key for the DPA Workspace. Expects an ordered map of the query parameters. Returns a PublicKey, a DPA Error Response, or a generic error if the request failed.

Example:

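// Query parameters identifying the workspace whose public key is requested.
query := map[string]string{"workspaceId": "12347578363", "workspaceType": "AWS"}

// Call GetPublicKey with the query.
key, dpaerr, err := s.GetPublicKey(context.Background(), query)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to retrieve public key. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body instead of a key.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to retrieve public key. %+v", dpaerr)
}
log.Printf("Public key: %+v", key)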

func (*Service) GetPublicKeyScript

func (s *Service) GetPublicKeyScript(ctx context.Context, query interface{}) (*types.PublicKeyScript, *types.ErrorResponse, error)

GetPublicKeyScript returns the public key script for the DPA Workspace. Expects an ordered map of the query parameters. Returns a PublicKeyScript, a DPA Error Response, or a generic error if the request failed.

Example:

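// Query parameters identifying the workspace whose public key script is requested.
query := map[string]string{"workspaceId": "12347578363", "workspaceType": "AWS"}

// Call GetPublicKeyScript with the query.
script, dpaerr, err := s.GetPublicKeyScript(context.Background(), query)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to generate public key script. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body instead of a script.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to generate public key script. %+v", dpaerr)
}
// script holds the *types.PublicKeyScript; review it before running it on a target host.
_ = script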

func (*Service) ListPolicies

func (s *Service) ListPolicies(ctx context.Context) (*types.ListPolicies, *types.ErrorResponse, error)

ListPolicies returns all of the currently configured policies. Returns types.ListPolicies or types.ErrorResponse based on the response from the API. An error is returned on request failure.

Example:

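// Fetch every configured policy.
resp, dpaerr, err := s.ListPolicies(context.Background())
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to list policies. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body instead of a policy list.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to list policies. %+v", dpaerr)
}
log.Printf("Policies: %+v", resp)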

func (*Service) ListSettings

func (s *Service) ListSettings(ctx context.Context) (*types.Settings, *types.ErrorResponse, error)

ListSettings provides all settings as a response. Returns a types.Settings response or types.ErrorResponse based on the response from the API. An error is returned on request failure

Example:

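// Fetch all settings.
resp, dpaerr, err := s.ListSettings(context.Background())
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to retrieve settings. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body instead of the settings.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to retrieve settings. %+v", dpaerr)
}
log.Printf("Settings: %+v", resp)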

func (*Service) ListSettingsFeature

func (s *Service) ListSettingsFeature(ctx context.Context, f string) (*types.FeatureSetting, *types.ErrorResponse, error)

ListSettingsFeature provides a specific setting response. Valid input strings are: 'MFA_CACHING', 'STANDING_ACCESS', 'SSH_COMMAND_AUDIT', 'RDP_FILE_TRANSFER', 'CERTIFICATE_VALIDATION'

Returns a types.Settings response or types.ErrorResponse based on the response from the API. An error is returned on request failure

Example:

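// Fetch a single feature setting by name.
resp, dpaerr, err := s.ListSettingsFeature(context.Background(), "MFA_CACHING")
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to retrieve setting. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body instead of the feature setting.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to retrieve setting. %+v", dpaerr)
}
log.Printf("Setting: %+v", resp)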

func (*Service) ListTargetSets

func (s *Service) ListTargetSets(ctx context.Context, query interface{}) (*types.ListTargetSetResponse, *types.ErrorResponse, error)

ListTargetSets returns a list of target sets. Query parameters can be used to filter the results and are optional. Valid query parameter keys are:

  • b64StartKey - Next page to retrieve if last response returned a value for b64_last_evaluated_key
  • name - Target set name to filter with, in wildcard format
  • strongAccountId - Strong account ID to filter target sets list with

Returns types.ListTargetSetResponse or types.ErrorResponse based on the response from the API. An error is returned on request failure.

Example:

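// Optional filter: list only the target sets matching this name.
query := map[string]string{"name": "example.com"}

resp, errResp, err := s.ListTargetSets(context.Background(), query)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to list target sets. %s", err)
}
if errResp != nil {
	// The API answered with an error body instead of a target set list.
	// NOTE(review): assumes errResp is nil on success — confirm against the implementation.
	log.Fatalf("Failed to list target sets. %+v", errResp)
}
log.Printf("Target sets: %+v", resp)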

func (*Service) UpdatePolicy

func (s *Service) UpdatePolicy(ctx context.Context, p interface{}, i string) (*types.Policy, *types.ErrorResponse, error)

UpdatePolicy replaces an existing policy. Expects a struct of type types.Policy and a string with the policy ID. Note: The policy ID in the request body must match the policy ID in the path.

Returns types.Policy or types.ErrorResponse based on the response from the API. An error is returned on request failure.

Example:

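// Describe the replacement policy. PolicyId identifies the policy being replaced.
// NOTE(review): Tags, VpcIds and AccountIds are left empty here; confirm how the
// API interprets empty lists before reusing this as a template, so the policy
// grants access only to the targets you intend.
validSamplePolicy := types.Policy{
	PolicyName: "Test Policy",
	PolicyId:   "c12f982a-ab1a-12ab-1a31-f221aa31836a",
	Status:     "Enabled",
	ProvidersData: types.ProvidersData{
		Aws: types.Aws{
			Regions:    []string{"us-east-1"},
			Tags:       []types.Tags{},
			VpcIds:     []string{},
			AccountIds: []string{},
		},
	},
	StartDate: "2024-01-10",
	EndDate:   "2025-01-10",
	UserAccessRules: []types.UserAccessRules{
		{
			RuleName: "Example Rule",
			UserData: types.UserData{
				Roles: []types.Roles{
					{
						Name: "Example Role",
					},
				},
			},
			ConnectionInformation: types.ConnectionInformation{
				ConnectAs: types.ConnectAs{
					Aws: types.ConnectAsAws{
						SSH: "ec2-user",
					},
				},
				GrantAccess: 3,
				IdleTime:    10,
				DaysOfWeek:  []string{"Mon", "Tue"},
				FullDays:    true,
				TimeZone:    "Asia/Jerusalem",
			},
		},
	},
}

// UpdatePolicy takes the policy ID as its third argument. Passing the ID from the
// body keeps the path and the body in agreement, as the method requires.
resp, dpaerr, err := s.UpdatePolicy(context.Background(), validSamplePolicy, validSamplePolicy.PolicyId)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to update policy. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body, so the previous policy is still in force.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to update policy. %+v", dpaerr)
}
log.Printf("Updated policy: %+v", resp)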

func (*Service) UpdateSettings

func (s *Service) UpdateSettings(ctx context.Context, p interface{}) (*types.Settings, *types.ErrorResponse, error)

UpdateSettings updates the settings for the DPA instance. Expects a struct of type types.Settings. Returns a types.Settings response or types.ErrorResponse based on the response from the API. An error is returned on request failure.

Example:

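// Request body for UpdateSettings. Keyed fields make the literal independent of
// field order, and the trailing comma is required in a multi-line literal.
// Because of omitempty, a false IsMfaCachingEnabled (or a zero
// KeyExpirationTimeSec) is dropped from the JSON, so this struct cannot be used
// to switch MFA caching off; use a body type that serializes false for that.
updateSettingsRequest := struct {
	IsMfaCachingEnabled  bool `json:"isMfaCachingEnabled,omitempty"`
	KeyExpirationTimeSec int  `json:"keyExpirationTimeSec,omitempty"`
}{
	IsMfaCachingEnabled:  true,
	KeyExpirationTimeSec: 3600,
}

// Update the settings using the struct above.
resp, dpaerr, err := s.UpdateSettings(context.Background(), updateSettingsRequest)
if err != nil {
	// err reports a request failure; log.Fatalf exits, so no return is needed.
	log.Fatalf("Failed to update settings. %s", err)
}
if dpaerr != nil {
	// The API answered with an error body, so the settings were not changed.
	// NOTE(review): assumes dpaerr is nil on success — confirm against the implementation.
	log.Fatalf("Failed to update settings. %+v", dpaerr)
}
log.Printf("Updated settings: %+v", resp)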

type Transport

// Transport is an http.RoundTripper that wraps Base and adds an Authorization
// header carrying a bearer token to the requests it makes.
type Transport struct {
	// Source supplies the OAuth2 token used for the Authorization header.
	Source oauth2.TokenSource
	// Base is the wrapped RoundTripper that performs the request.
	// NOTE(review): behaviour when Base is nil is not visible here — confirm.
	// Requests sent through this transport carry the bearer token, so use it only
	// for clients that talk to the intended API host over TLS.
	Base   http.RoundTripper
}

Transport is an http.RoundTripper that makes requests, wrapping a base RoundTripper and adding an Authorization header with a bearer token.

Transport is a low-level mechanism.

func (*Transport) RoundTrip

func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error)

Directories

Path Synopsis
