Documentation ¶
Index ¶
- Variables
- func OauthCredClient(clientID, clientSecret, clientAppID, clientURL string, scope []string) (*oauth2.Token, error)
- func OauthPlatformToken(clientID, clientSecret, clientURL string) (*oauth2.Token, error)
- type Client
- func (c *Client) Delete(ctx context.Context, path string, payload interface{}, v interface{}, ...) error
- func (c *Client) Get(ctx context.Context, path string, v interface{}, e interface{}) error
- func (c *Client) Patch(ctx context.Context, path string, payload interface{}, v interface{}, ...) error
- func (c *Client) Post(ctx context.Context, path string, payload interface{}, v interface{}, ...) error
- func (c *Client) Put(ctx context.Context, path string, payload interface{}, v interface{}, ...) error
- type HTTPClient
- type Options
- type Service
- func (s *Service) AddPolicy(ctx context.Context, p interface{}) (*types.AddPolicy, *types.ErrorResponse, error)
- func (s *Service) AddTargetSet(ctx context.Context, p interface{}) (*types.TargetSetActivityResponse, *types.ErrorResponse, error)
- func (s *Service) DeletePolicy(ctx context.Context, p string) (*types.ErrorResponse, error)
- func (s *Service) DeleteTargetSet(ctx context.Context, p interface{}) (*types.TargetSetActivityResponse, *types.ErrorResponse, error)
- func (s *Service) GenerateScript(ctx context.Context, p interface{}) (*types.GenerateScriptResponse, *types.ErrorResponse, error)
- func (s *Service) GetPolicy(ctx context.Context, i string) (*types.Policy, *types.ErrorResponse, error)
- func (s *Service) GetPublicKey(ctx context.Context, query interface{}) (*types.PublicKey, *types.ErrorResponse, error)
- func (s *Service) GetPublicKeyScript(ctx context.Context, query interface{}) (*types.PublicKeyScript, *types.ErrorResponse, error)
- func (s *Service) ListPolicies(ctx context.Context) (*types.ListPolicies, *types.ErrorResponse, error)
- func (s *Service) ListSettings(ctx context.Context) (*types.Settings, *types.ErrorResponse, error)
- func (s *Service) ListSettingsFeature(ctx context.Context, f string) (*types.FeatureSetting, *types.ErrorResponse, error)
- func (s *Service) ListTargetSets(ctx context.Context, query interface{}) (*types.ListTargetSetResponse, *types.ErrorResponse, error)
- func (s *Service) UpdatePolicy(ctx context.Context, p interface{}, i string) (*types.Policy, *types.ErrorResponse, error)
- func (s *Service) UpdateSettings(ctx context.Context, p interface{}) (*types.Settings, *types.ErrorResponse, error)
- type Transport
Constants ¶
This section is empty.
Variables ¶
// Sentinel errors exported by the package. Callers can match them with
// errors.Is instead of comparing message text.
// NOTE(review): which API responses produce each error is not shown on this
// page — confirm against the Client implementation.
var (
	// ErrUserAccessDenied reports that the caller lacks access to the resource.
	ErrUserAccessDenied = errors.New("you do not have access to the requested resource")
	// ErrNotFound reports that the requested resource does not exist.
	ErrNotFound = errors.New("the requested resource not found")
	// ErrTooManyRequests reports that the caller exceeded the throttle.
	ErrTooManyRequests = errors.New("you have exceeded throttle")
)
var FullVersionName = fmt.Sprintf("%s-%s", Version, Tag)
FullVersionName is the user-visible aggregation of version and tag of this codebase
var Tag = "beta"
Tag field denotes the specific build type for the broker. It may be replaced by compile-time variables if needed to provide the git commit information in the final binary.
var Version = "0.0.2"
Version field is a SemVer that should indicate the baked-in version of conceal
Functions ¶
func OauthCredClient ¶
func OauthCredClient(clientID, clientSecret, clientAppID, clientURL string, scope []string) (*oauth2.Token, error)
OauthCredClient returns a validated Oauth2 Authentication Token based on the following provided information:
clientID - Username for the Application (e.g. "identity-privilege-integration-user$@example.com")
clientSecret - Password for the Application Service User
clientAppID - Application ID for the Oauth2 Application
clientURL - URL for the Application (e.g. "example.cyberark.cloud")
scope - Scope for the application (e.g. "dpa")
clientSecret and the returned token are credentials: supply the secret from a secret store or environment variable, and keep both out of logs.
Returns an oauth2.Token or error
func OauthPlatformToken ¶
OauthPlatformToken returns a validated Oauth2 Authentication Token based on the following provided information:
clientID - Username for the Application (e.g. "identity-privilege-integration-user$@example.com")
clientSecret - Password for the Application Service User
clientURL - URL for the Application (e.g. "example.cyberark.cloud")
Returns an oauth2.Token or error
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
type HTTPClient ¶
// HTTPClient lists the HTTP verb helpers the package relies on. Every method
// takes a context and a request path and reports failure through its error.
// NOTE(review): v and e look like decode targets for the success body and the
// API error body respectively — confirm against the Client implementation.
type HTTPClient interface {
	Get(ctx context.Context, path string, v interface{}, e interface{}) error
	Post(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error
	Put(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error
	Patch(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error
	Delete(ctx context.Context, path string, payload interface{}, v interface{}, e interface{}) error
}
Basic Interface Definitions
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
func NewService ¶
func (*Service) AddPolicy ¶
func (s *Service) AddPolicy(ctx context.Context, p interface{}) (*types.AddPolicy, *types.ErrorResponse, error)
AddPolicy creates a new policy. Expects a struct of type types.Policy. Returns types.AddPolicy or types.ErrorResponse based on the response from the API. An error is returned on request failure.
Example:
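// Describe the policy to create.
// NOTE(review): the empty Tags, VpcIds and AccountIds presumably leave the
// policy unrestricted within the listed region — confirm the intended scope
// before enabling it.
validSamplePolicy := types.Policy{
	PolicyName: "Test Policy",
	Status:     "Enabled",
	ProvidersData: types.ProvidersData{
		Aws: types.Aws{
			Regions:    []string{"us-east-1"},
			Tags:       []types.Tags{},
			VpcIds:     []string{},
			AccountIds: []string{},
		},
	},
	StartDate: "2024-01-10",
	EndDate:   "2025-01-10",
	UserAccessRules: []types.UserAccessRules{
		{
			RuleName: "Example Rule",
			UserData: types.UserData{
				Roles: []types.Roles{
					{
						Name: "Example Role",
					},
				},
			},
			ConnectionInformation: types.ConnectionInformation{
				ConnectAs: types.ConnectAs{
					Aws: types.ConnectAsAws{
						SSH: "ec2-user",
					},
				},
				GrantAccess: 3,
				IdleTime:    10,
				DaysOfWeek:  []string{"Mon", "Tue"},
				FullDays:    true,
				TimeZone:    "Asia/Jerusalem",
			},
		},
	},
}

resp, dpaerr, err := s.AddPolicy(context.Background(), validSamplePolicy)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to add policy. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of an AddPolicy result.
	log.Fatalf("API returned an error for add policy: %+v", dpaerr)
}
log.Printf("Policy added: %+v", resp)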
func (*Service) AddTargetSet ¶
func (s *Service) AddTargetSet(ctx context.Context, p interface{}) (*types.TargetSetActivityResponse, *types.ErrorResponse, error)
AddTargetSet adds a target set or multiple target sets. The request body should be a struct containing an array of target sets. The struct is defined in pkg/cybr/dpa/types/dicovery.go as TargetSetMapping.
Returns types.TargetSetActivityResponse or types.ErrorResponse based on the response from the API. An error is returned on request failure
Example:
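// Target sets to add, wrapped in a TargetSetMapping.
payload := types.TargetSetMapping{
	StrongAccountID: "string",
	TargetSets: []types.TargetSets{
		{
			Name:            "string",
			Description:     "string",
			ProvisionFormat: "string",
			// Boolean field; the example keeps certificate validation on.
			EnableCertificateValidation: true,
			SecretType:                  "string",
			SecretID:                    "string",
			Type:                        "string",
		},
	},
}

// Call AddTargetSet (not ListTargetSets) so the payload is actually submitted.
resp, dpaerr, err := s.AddTargetSet(context.Background(), payload)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to add target sets. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of an activity result.
	log.Fatalf("API returned an error for add target sets: %+v", dpaerr)
}
log.Printf("Target sets added: %+v", resp)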
func (*Service) DeletePolicy ¶
DeletePolicy deletes a specific policy. Returns no response if successful, or types.ErrorResponse based on the response from the API. An error is returned on request failure.
Example:
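policyID := "c12f982a-ab1a-12ab-1a31-f221aa31836a"

// DeletePolicy returns only an API error response and an error.
dpaerr, err := s.DeletePolicy(context.Background(), policyID)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to delete policy. %s", err)
}
if dpaerr != nil {
	// A non-nil error response means the API did not confirm the deletion.
	log.Fatalf("API returned an error for delete policy: %+v", dpaerr)
}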
func (*Service) DeleteTargetSet ¶
func (s *Service) DeleteTargetSet(ctx context.Context, p interface{}) (*types.TargetSetActivityResponse, *types.ErrorResponse, error)
DeleteTargetSet provides the ability to delete target sets The request body should be an array of target set names
["targetset1", "targetset2"]
Returns types.TargetSetActivityResponse or types.ErrorResponse based on the response from the API. An error is returned on request failure
Example:
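// Request body: the target sets to delete.
payload := []string{"targetsetid1", "targetsetid2"}

// Delete the target sets named in the slice.
resp, dpaerr, err := s.DeleteTargetSet(context.Background(), payload)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to delete target sets. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of an activity result.
	log.Fatalf("API returned an error for delete target sets: %+v", dpaerr)
}
log.Printf("Target sets deleted: %+v", resp)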
func (*Service) GenerateScript ¶
func (s *Service) GenerateScript(ctx context.Context, p interface{}) (*types.GenerateScriptResponse, *types.ErrorResponse, error)
GenerateScript generates a request for a connector setup script. The body is optional; if nothing is provided, a default script will be generated. The default script will be for a linux connector in AWS. Returns a GenerateScriptResponse or error if failed.
Example:
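// Request body selecting the connector OS and type.
generateScriptRequest := struct {
	ConnectorOS   string `json:"connectorOs,omitempty"`
	ConnectorType string `json:"connectorType,omitempty"`
}{
	ConnectorOS:   "linux",
	ConnectorType: "AWS",
}

// Generate the script using the existing Service and Client.
script, dpaerr, err := s.GenerateScript(context.Background(), generateScriptRequest)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to generate connector script. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of a script.
	log.Fatalf("API returned an error for generate script: %+v", dpaerr)
}
// NOTE(review): the response is deliberately not logged; a setup script may
// carry tenant-specific material — confirm before writing it to logs.
_ = script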
func (*Service) GetPolicy ¶
func (s *Service) GetPolicy(ctx context.Context, i string) (*types.Policy, *types.ErrorResponse, error)
GetPolicy returns a specific policy Returns types.Policy or types.ErrorResponse based on the response from the API. An error is returned on request failure
Example:
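policyID := "c12f982a-ab1a-12ab-1a31-f221aa31836b"

// GetPolicy takes the policy ID; ListPolicies accepts no ID argument.
resp, dpaerr, err := s.GetPolicy(context.Background(), policyID)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to get policy. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of a policy.
	log.Fatalf("API returned an error for get policy: %+v", dpaerr)
}
log.Printf("Policy: %+v", resp)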
func (*Service) GetPublicKey ¶
func (s *Service) GetPublicKey(ctx context.Context, query interface{}) (*types.PublicKey, *types.ErrorResponse, error)
GetPublicKey returns the public key for the DPA Workspace Expects an ordered map of the query parameters Returns a PublicKey, DPA Error Response, or generic error if failed.
Example:
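// Query parameters identifying the workspace.
query := map[string]string{"workspaceId": "12347578363", "workspaceType": "AWS"}

// Call GetPublicKey with the query.
key, dpaerr, err := s.GetPublicKey(context.Background(), query)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to retrieve public key. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of a public key.
	log.Fatalf("API returned an error for get public key: %+v", dpaerr)
}
log.Printf("Public key: %+v", key)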
func (*Service) GetPublicKeyScript ¶
func (s *Service) GetPublicKeyScript(ctx context.Context, query interface{}) (*types.PublicKeyScript, *types.ErrorResponse, error)
GetPublicKeyScript returns the public key script for the DPA Workspace Expects an ordered map of the query parameters Returns a PublicKeyScript, DPA Error Response, or generic error if failed.
Example:
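// Query parameters identifying the workspace.
query := map[string]string{"workspaceId": "12347578363", "workspaceType": "AWS"}

// Call GetPublicKeyScript with the query.
script, dpaerr, err := s.GetPublicKeyScript(context.Background(), query)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to generate public key script. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of a script.
	log.Fatalf("API returned an error for get public key script: %+v", dpaerr)
}
// NOTE(review): review the returned script before running it on a target;
// its contents are not shown on this page.
_ = script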
func (*Service) ListPolicies ¶
func (s *Service) ListPolicies(ctx context.Context) (*types.ListPolicies, *types.ErrorResponse, error)
ListPolicies returns all of the currently configured policies Returns types.ListPolicies or types.ErrorResponse based on the response from the API. An error is returned on request failure
Example:
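// Fetch every configured policy.
resp, dpaerr, err := s.ListPolicies(context.Background())
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to list policies. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of a policy list.
	log.Fatalf("API returned an error for list policies: %+v", dpaerr)
}
log.Printf("Policies: %+v", resp)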
func (*Service) ListSettings ¶
ListSettings provides all settings as a response. Returns a types.Settings response or types.ErrorResponse based on the response from the API. An error is returned on request failure
Example:
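// List all settings.
resp, dpaerr, err := s.ListSettings(context.Background())
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to retrieve settings. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of the settings.
	log.Fatalf("API returned an error for list settings: %+v", dpaerr)
}
log.Printf("Settings: %+v", resp)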
func (*Service) ListSettingsFeature ¶
func (s *Service) ListSettingsFeature(ctx context.Context, f string) (*types.FeatureSetting, *types.ErrorResponse, error)
ListSettingsFeature provides a specific setting response. Valid input strings are: 'MFA_CACHING', 'STANDING_ACCESS', 'SSH_COMMAND_AUDIT', 'RDP_FILE_TRANSFER', 'CERTIFICATE_VALIDATION'
Returns a types.FeatureSetting response (the type in the signature above) or types.ErrorResponse based on the response from the API. An error is returned on request failure
Example:
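// Retrieve a single feature setting by name.
resp, dpaerr, err := s.ListSettingsFeature(context.Background(), "MFA_CACHING")
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to retrieve setting. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of the setting.
	log.Fatalf("API returned an error for list settings feature: %+v", dpaerr)
}
log.Printf("Setting: %+v", resp)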
func (*Service) ListTargetSets ¶
func (s *Service) ListTargetSets(ctx context.Context, query interface{}) (*types.ListTargetSetResponse, *types.ErrorResponse, error)
ListTargetSets returns a list of target sets Query parameters can be used to filter the results and are optional Valid query parameter keys are:
- b64StartKey - Next page to retrieve if last response returned a value for
b64_last_evaluated_key
- name - Target set name to filter with, in wildcard format
- strongAccountId - Strong account ID to filter target sets list with
Returns types.ListTargetSetResponse or types.ErrorResponse based on the response from the API. An error is returned on request failure
Example:
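// Optional filter: list only target sets matching this name.
query := map[string]string{"name": "example.com"}

resp, errResp, err := s.ListTargetSets(context.Background(), query)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to list target sets. %s", err)
}
if errResp != nil {
	// The API answered with an error response instead of a target set list.
	log.Fatalf("API returned an error for list target sets: %+v", errResp)
}
log.Printf("Target sets: %+v", resp)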
func (*Service) UpdatePolicy ¶
func (s *Service) UpdatePolicy(ctx context.Context, p interface{}, i string) (*types.Policy, *types.ErrorResponse, error)
UpdatePolicy replaces an existing policy. Expects a struct of type types.Policy and a string with the policy ID. Note: The policy ID in the request body must match the policy ID in the path.
Returns types.Policy or types.ErrorResponse based on the response from the API. An error is returned on request failure.
Example:
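// One variable feeds both the request body and the path, so the two policy
// IDs cannot drift apart.
policyID := "c12f982a-ab1a-12ab-1a31-f221aa31836a"

// Describe the replacement policy.
// NOTE(review): the empty Tags, VpcIds and AccountIds presumably leave the
// policy unrestricted within the listed region — confirm the intended scope
// before enabling it.
validSamplePolicy := types.Policy{
	PolicyName: "Test Policy",
	PolicyId:   policyID,
	Status:     "Enabled",
	ProvidersData: types.ProvidersData{
		Aws: types.Aws{
			Regions:    []string{"us-east-1"},
			Tags:       []types.Tags{},
			VpcIds:     []string{},
			AccountIds: []string{},
		},
	},
	StartDate: "2024-01-10",
	EndDate:   "2025-01-10",
	UserAccessRules: []types.UserAccessRules{
		{
			RuleName: "Example Rule",
			UserData: types.UserData{
				Roles: []types.Roles{
					{
						Name: "Example Role",
					},
				},
			},
			ConnectionInformation: types.ConnectionInformation{
				ConnectAs: types.ConnectAs{
					Aws: types.ConnectAsAws{
						SSH: "ec2-user",
					},
				},
				GrantAccess: 3,
				IdleTime:    10,
				DaysOfWeek:  []string{"Mon", "Tue"},
				FullDays:    true,
				TimeZone:    "Asia/Jerusalem",
			},
		},
	},
}

// UpdatePolicy takes the policy ID as its third argument.
resp, dpaerr, err := s.UpdatePolicy(context.Background(), validSamplePolicy, policyID)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to update policy. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of the updated policy.
	log.Fatalf("API returned an error for update policy: %+v", dpaerr)
}
log.Printf("Policy updated: %+v", resp)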
func (*Service) UpdateSettings ¶
func (s *Service) UpdateSettings(ctx context.Context, p interface{}) (*types.Settings, *types.ErrorResponse, error)
UpdateSettings updates the settings for the DPA instance Expects a struct of type types.Settings Returns a types.Settings response or types.ErrorResponse based on the response from the API. An error is returned on request failure
Example:
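// Request body for UpdateSettings.
// With omitempty, encoding/json drops a false bool and a zero int, so this
// struct can switch MFA caching on but cannot send an explicit "false".
// NOTE(review): MFA caching and the key lifetime look like security-relevant
// settings — confirm the values against your access policy before applying.
updateSettingsRequest := struct {
	IsMfaCachingEnabled  bool `json:"isMfaCachingEnabled,omitempty"`
	KeyExpirationTimeSec int  `json:"keyExpirationTimeSec,omitempty"`
}{
	IsMfaCachingEnabled:  true,
	KeyExpirationTimeSec: 3600,
}

// Update the settings using the struct above.
resp, dpaerr, err := s.UpdateSettings(context.Background(), updateSettingsRequest)
if err != nil {
	// Request failure. log.Fatalf exits the process, so no return follows.
	log.Fatalf("Failed to update settings. %s", err)
}
if dpaerr != nil {
	// The API answered with an error response instead of the new settings.
	log.Fatalf("API returned an error for update settings: %+v", dpaerr)
}
log.Printf("Settings updated: %+v", resp)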
type Transport ¶
// Transport wraps a base http.RoundTripper and adds an Authorization header
// carrying a bearer token to the requests it makes.
// NOTE(review): confirm that clients built on this Transport only talk to the
// intended API host, so the bearer token is not sent to other destinations.
type Transport struct {
	// Source supplies the OAuth2 token used for the Authorization header.
	Source oauth2.TokenSource
	// Base is the wrapped RoundTripper.
	// NOTE(review): behaviour when Base is nil is not shown here — confirm.
	Base http.RoundTripper
}
Transport is an http.RoundTripper that makes requests, wrapping a base RoundTripper and adding an Authorization header with a bearer token.
Transport is a low-level mechanism.