client

package
v0.8.27 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 18, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

// Csp is the typed string constant "csp".
// NOTE(review): together with Saas and SaasDev this looks like a
// client/deployment type selector — confirm against its callers.
const Csp string = "csp"
// Saas is the untyped string constant "saas".
// NOTE(review): presumably selects the SaaS deployment type — confirm.
const Saas = "saas"
// SaasDev is the untyped string constant "saasDev".
// NOTE(review): presumably selects a SaaS development environment — confirm.
const SaasDev = "saasDev"

Variables

This section is empty.

Functions

func Find added in v0.8.8

func Find(slice []string, val string) bool

func UpdatePayload added in v0.8.7

func UpdatePayload(saas, update bool, user *FullUser) interface{}

Types

type Acknowledge added in v0.8.18

// Acknowledge is the JSON form of one acknowledged security issue: the issue
// itself (issue_type, issue_name), the resource and image it was reported on,
// and the comment, author, date and expiration settings recorded with it.
type Acknowledge struct {
	IssueType              string    `json:"issue_type"`
	ResourceType           string    `json:"resource_type"`
	ImageName              string    `json:"image_name"`
	RegistryName           string    `json:"registry_name"`
	ResourceName           string    `json:"resource_name"`
	ResourceVersion        string    `json:"resource_version"`
	ResourceFormat         string    `json:"resource_format"`
	ResourceCpe            string    `json:"resource_cpe"`
	ResourcePath           string    `json:"resource_path"`
	ResourceHash           string    `json:"resource_hash"`
	IssueName              string    `json:"issue_name"`
	Comment                string    `json:"comment"`
	Author                 string    `json:"author"`
	Date                   time.Time `json:"date"`
	FixVersion             string    `json:"fix_version"`
	// ExpirationDays is a day count per its name; what 0 means (for example
	// "never expires") is not visible here — TODO confirm against the API.
	ExpirationDays         int       `json:"expiration_days"`
	ExpirationConfiguredAt time.Time `json:"expiration_configured_at"`
	ExpirationConfiguredBy string    `json:"expiration_configured_by"`
	Permission             string    `json:"permission"`
	Os                     string    `json:"os"`
	OsVersion              string    `json:"os_version"`
	DockerId               string    `json:"docker_id"`
}

Acknowledge defines a security issue acknowledgement

type AcknowledgeList added in v0.8.18

// AcknowledgeList is the JSON envelope whose "result" key holds a list of
// Acknowledge entries. It is the type returned by Client.AcknowledgeRead.
type AcknowledgeList struct {
	Result []Acknowledge `json:"result"`
}

type AcknowledgePost added in v0.8.18

// AcknowledgePost carries one comment and the list of issues it applies to.
// It is the argument type of Client.AcknowledgeCreate and
// Client.AcknowledgeDelete.
type AcknowledgePost struct {
	Comment string        `json:"comment"`
	Issues  []Acknowledge `json:"issues"`
}

type AllowedExecutables

// AllowedExecutables holds an enabled flag and two executable allow lists
// (allow_executables and allow_root_executables).
//
// NOTE(review): every field except Enabled uses omitempty, so an empty list or
// a false SeparateExecutables is left out of the marshaled JSON rather than
// sent explicitly. Whether an update can clear a list this way depends on how
// the server treats the missing key — TODO confirm.
type AllowedExecutables struct {
	AllowExecutables     []string `json:"allow_executables,omitempty"`
	AllowRootExecutables []string `json:"allow_root_executables,omitempty"`
	Enabled              bool     `json:"enabled"`
	SeparateExecutables  bool     `json:"separate_executables,omitempty"`
}

type AllowedRegistries added in v0.8.12

// AllowedRegistries holds an enabled flag and a list of registry names under
// the JSON key "allowed_registries".
// Neither field uses omitempty, so a nil list marshals as null.
type AllowedRegistries struct {
	AllowedRegistries []string `json:"allowed_registries"`
	Enabled           bool     `json:"enabled"`
}

type ApplicationScope added in v0.8.8

// ApplicationScope is the JSON form of an Aqua application scope: its name,
// description, author, owner e-mail and the Category expressions it covers.
// It is the type used by Client.CreateApplicationScope,
// Client.GetApplicationScope and Client.UpdateApplicationScope.
type ApplicationScope struct {
	Name        string   `json:"name"`
	Description string   `json:"description"`
	Author      string   `json:"author"`
	OwnerEmail  string   `json:"owner_email"`
	Categories  Category `json:"categories"`
}

type AquaLabel added in v0.8.18

// AquaLabel is the JSON form of a single Aqua label: name, description,
// creation value and author, all carried as strings.
// NOTE(review): Created is a string, not time.Time; its format is not visible
// here — TODO confirm before parsing it.
type AquaLabel struct {
	Name        string `json:"name"`
	Description string `json:"description"`
	Created     string `json:"created"`
	Author      string `json:"author"`
}

type AquaLabels added in v0.8.18

// AquaLabels is the list envelope returned by Client.GetAquaLabels.
// The Go field is named AquaLabels but is read from the JSON key "result".
type AquaLabels struct {
	AquaLabels []AquaLabel `json:"result"`
}

type Artifact added in v0.8.8

// Artifact groups three CommonStruct scope expressions under the JSON keys
// "image", "function" and "cf". It is the Artifacts member of Category.
type Artifact struct {
	Image    CommonStruct `json:"image"`
	Function CommonStruct `json:"function"`
	CF       CommonStruct `json:"cf"`
}

type AssurancePolicy added in v0.8.8

// AssurancePolicy is the JSON payload for an Aqua assurance policy. It is the
// type passed to Client.CreateAssurancePolicy and Client.UpdateAssurancePolicy
// and returned by Client.GetAssurancePolicy.
//
// NOTE(review): several fields are declared as interface{} or []interface{}
// (MonitoredMalwarePaths, ScapFiles, Registries, Labels, Images, AllowedImages,
// BlacklistPermissions, ...), so decoded values carry no static type and must
// be type-checked by the caller before use.
type AssurancePolicy struct {
	AssuranceType                    string              `json:"assurance_type"`
	Id                               int                 `json:"id"`
	Name                             string              `json:"name"`
	Author                           string              `json:"author"`
	Registry                         string              `json:"registry,omitempty"`
	Lastupdate                       string              `json:"lastupdate,omitempty"`
	CvssSeverityEnabled              bool                `json:"cvss_severity_enabled"`
	CvssSeverity                     string              `json:"cvss_severity"`
	CvssSeverityExcludeNoFix         bool                `json:"cvss_severity_exclude_no_fix"`
	CustomSeverityEnabled            bool                `json:"custom_severity_enabled"`
	MaximumScoreEnabled              bool                `json:"maximum_score_enabled"`
	MaximumScore                     float64             `json:"maximum_score"`
	ControlExcludeNoFix              bool                `json:"control_exclude_no_fix"`
	CustomChecksEnabled              bool                `json:"custom_checks_enabled"`
	ScapEnabled                      bool                `json:"scap_enabled"`
	CvesBlackListEnabled             bool                `json:"cves_black_list_enabled"`
	PackagesBlackListEnabled         bool                `json:"packages_black_list_enabled"`
	PackagesWhiteListEnabled         bool                `json:"packages_white_list_enabled"`
	OnlyNoneRootUsers                bool                `json:"only_none_root_users"`
	TrustedBaseImagesEnabled         bool                `json:"trusted_base_images_enabled"`
	ScanSensitiveData                bool                `json:"scan_sensitive_data"`
	AuditOnFailure                   bool                `json:"audit_on_failure"`
	// FailCicd uses omitempty: false is omitted from the payload, not sent.
	FailCicd                         bool                `json:"fail_cicd,omitempty"`
	BlockFailed                      bool                `json:"block_failed"`
	DisallowMalware                  bool                `json:"disallow_malware"`
	MonitoredMalwarePaths            []interface{}       `json:"monitored_malware_paths"`
	ExceptionalMonitoredMalwarePaths []interface{}       `json:"exceptional_monitored_malware_paths"`
	BlacklistedLicensesEnabled       bool                `json:"blacklisted_licenses_enabled"`
	BlacklistedLicenses              []string            `json:"blacklisted_licenses"`
	WhitelistedLicensesEnabled       bool                `json:"whitelisted_licenses_enabled"`
	WhitelistedLicenses              []string            `json:"whitelisted_licenses"`
	CustomChecks                     []Checks            `json:"custom_checks"`
	ScapFiles                        []interface{}       `json:"scap_files"`
	Scope                            Scopes              `json:"scope"`
	Registries                       interface{}         `json:"registries"`
	Labels                           interface{}         `json:"labels"`
	Images                           interface{}         `json:"images"`
	CvesBlackList                    []string            `json:"cves_black_list"`
	PackagesBlackList                []ListPackages      `json:"packages_black_list"`
	PackagesWhiteList                []ListPackages      `json:"packages_white_list"`
	AllowedImages                    interface{}         `json:"allowed_images"`
	TrustedBaseImages                []BaseImagesTrusted `json:"trusted_base_images"`
	ReadOnly                         bool                `json:"read_only"`
	ForceMicroenforcer               bool                `json:"force_microenforcer"`
	DockerCisEnabled                 bool                `json:"docker_cis_enabled"`
	KubeCisEnabled                   bool                `json:"kube_cis_enabled"`
	EnforceExcessivePermissions      bool                `json:"enforce_excessive_permissions"`
	FunctionIntegrityEnabled         bool                `json:"function_integrity_enabled"`
	DtaEnabled                       bool                `json:"dta_enabled"`
	CvesWhiteList                    []string            `json:"cves_white_list"`
	CvesWhiteListEnabled             bool                `json:"cves_white_list_enabled"`
	BlacklistPermissionsEnabled      bool                `json:"blacklist_permissions_enabled"`
	BlacklistPermissions             []interface{}       `json:"blacklist_permissions"`
	// Enabled, Enforce and EnforceAfterDays use omitempty, so false/0 is left
	// out of the marshaled JSON instead of being sent explicitly. How the
	// server treats the missing key (keep the old value or reset it) is not
	// visible here — TODO confirm that an update can actually turn these off.
	Enabled                          bool                `json:"enabled,omitempty"`
	Enforce                          bool                `json:"enforce,omitempty"`
	EnforceAfterDays                 int                 `json:"enforce_after_days,omitempty"`
	IgnoreRecentlyPublishedVln       bool                `json:"ignore_recently_published_vln"`
	IgnoreRecentlyPublishedVlnPeriod int                 `json:"ignore_recently_published_vln_period"`
	IgnoreRiskResourcesEnabled       bool                `json:"ignore_risk_resources_enabled"`
	IgnoredRiskResources             []string            `json:"ignored_risk_resources"`
	ApplicationScopes                []string            `json:"application_scopes"`
	AutoScanEnabled                  bool                `json:"auto_scan_enabled"`
	AutoScanConfigured               bool                `json:"auto_scan_configured"`
	AutoScanTime                     ScanTimeAuto        `json:"auto_scan_time"`
	RequiredLabelsEnabled            bool                `json:"required_labels_enabled"`
	RequiredLabels                   []Labels            `json:"required_labels"`
	ForbiddenLabelsEnabled           bool                `json:"forbidden_labels_enabled"`
	ForbiddenLabels                  []Labels            `json:"forbidden_labels"`
	DomainName                       string              `json:"domain_name,omitempty"`
	Domain                           string              `json:"domain,omitempty"`
	Description                      string              `json:"description"`
	DtaSeverity                      string              `json:"dta_severity"`
	ScanNfsMounts                    bool                `json:"scan_nfs_mounts"`
	MalwareAction                    string              `json:"malware_action"`
	PartialResultsImageFail          bool                `json:"partial_results_image_fail"`
	MaximumScoreExcludeNoFix         bool                `json:"maximum_score_exclude_no_fix"`
	// NOTE(review): this field (spelled "Kubenetes") and KubernetesControlsNames
	// further down both carry the json tag "kubernetes_controls_names". When two
	// fields at the same level are tagged with one name, encoding/json ignores
	// both without an error, so this key is neither marshaled nor unmarshaled.
	// go vet's structtag check reports the duplicate; one of the two fields
	// needs a different tag (for example "-").
	KubenetesControlsNames           []string            `json:"kubernetes_controls_names"`
	//JSON
	CustomSeverity              string                  `json:"custom_severity"`
	VulnerabilityExploitability bool                    `json:"vulnerability_exploitability"`
	DisallowExploitTypes        []string                `json:"disallow_exploit_types"`
	IgnoreBaseImageVln          bool                    `json:"ignore_base_image_vln"`
	IgnoredSensitiveResources   []string                `json:"ignored_sensitive_resources"`
	Permission                  string                  `json:"permission"`
	ScanMalwareInArchives       bool                    `json:"scan_malware_in_archives"`
	KubernetesControls          KubernetesControlsArray `json:"kubernetes_controls"`
	// Shares its json tag with KubenetesControlsNames above; see the note there.
	KubernetesControlsNames     []string                `json:"kubernetes_controls_names"`
	ScanWindowsRegistry         bool                    `json:"scan_windows_registry"`
	ScanProcessMemory           bool                    `json:"scan_process_memory"`
	PolicySettings              PolicySettings          `json:"policy_settings,omitempty"`
	ExcludeApplicationScopes    []string                `json:"exclude_application_scopes"`
	LinuxCisEnabled             bool                    `json:"linux_cis_enabled"`
	WindowsCisEnabled           bool                    `json:"windows_cis_enabled"`
	OpenshiftHardeningEnabled   bool                    `json:"openshift_hardening_enabled"`
	KubernetesControlsAvdIds    []string                `json:"kubernetes_controls_avd_ids"`
	VulnerabilityScoreRange     []int                   `json:"vulnerability_score_range"`
}

type AssuranceResults

// AssuranceResults holds the outcome of assurance evaluation: a Disallowed
// flag and the list of ChecksPerformed entries it was derived from.
type AssuranceResults struct {
	Disallowed      bool              `json:"disallowed"`
	ChecksPerformed []ChecksPerformed `json:"checks_performed"`
}

type Auditing

// Auditing is a set of boolean audit switches (network, processes, logins,
// OS user activity, process command lines, account management) plus an
// overall Enabled flag. None of the fields use omitempty, so every switch is
// always present in the marshaled JSON, including when false.
type Auditing struct {
	AuditAllNetwork            bool `json:"audit_all_network"`
	AuditAllProcesses          bool `json:"audit_all_processes"`
	AuditFailedLogin           bool `json:"audit_failed_login"`
	AuditOsUserActivity        bool `json:"audit_os_user_activity"`
	AuditProcessCmdline        bool `json:"audit_process_cmdline"`
	AuditSuccessLogin          bool `json:"audit_success_login"`
	AuditUserAccountManagement bool `json:"audit_user_account_management"`
	Enabled                    bool `json:"enabled"`
}

type BaseImagesTrusted added in v0.8.3

// BaseImagesTrusted names one trusted base image by registry and image name.
// It is the element type of AssurancePolicy.TrustedBaseImages.
type BaseImagesTrusted struct {
	Registry  string `json:"registry"`
	Imagename string `json:"imagename"`
}

type BasicId added in v0.8.7

// BasicId wraps a single string id.
// Decoding goes through the custom (*BasicId).UnmarshalJSON declared in this
// package; its body is not shown on this page, so which JSON forms it accepts
// cannot be confirmed from here.
type BasicId struct {
	Id string `json:"id"`
}

func (*BasicId) UnmarshalJSON added in v0.8.7

func (id *BasicId) UnmarshalJSON(data []byte) error

type BasicUser added in v0.8.7

// BasicUser holds the user attributes exchanged with the Aqua API: credentials,
// display name, e-mail, role assignments and the fields grouped under the
// "SaaS vars" comment below.
//
// NOTE(review): Password and PasswordConfirm are plain strings and are written
// into the marshaled JSON whenever they are non-empty, so a marshaled
// BasicUser (or a %+v dump of one) should be kept out of logs and of any
// persisted state.
//
// NOTE(review): the privilege flags IsSuper, UiAccess and AccountAdmin use
// omitempty, so a false value is omitted from the payload instead of being
// sent as false — TODO confirm that an update can actually revoke them.
type BasicUser struct {
	Password        string `json:"password,omitempty"`
	PasswordConfirm string `json:"passwordConfirm,omitempty"`
	Name            string `json:"name,omitempty"` // Display Name
	Email           string `json:"email,omitempty"`
	FirstTime       bool   `json:"first_time,omitempty"`
	IsSuper         bool   `json:"is_super,omitempty"`
	UiAccess        bool   `json:"ui_access,omitempty"`
	//Actions
	//Scopes
	Role  string   `json:"role,omitempty"`
	Roles []string `json:"roles,omitempty"`
	Type  string   `json:"type,omitempty"`
	Plan  string   `json:"plan,omitempty"`

	//SaaS vars:
	//Dashboard
	CspRoles          []string     `json:"csp_roles,omitempty"`
	Confirmed         bool         `json:"confirmed,omitempty"`
	PasswordReset     bool         `json:"password_reset,omitempty"`
	SendAnnouncements bool         `json:"send_announcements,omitempty"`
	SendScanResults   bool         `json:"send_scan_results,omitempty"`
	SendNewPlugin     bool         `json:"send_new_plugin,omitempty"`
	SendNewRisks      bool         `json:"send_new_risks,omitempty"`
	AccountAdmin      bool         `json:"account_admin,omitempty"`
	Created           string       `json:"created,omitempty"`
	Updated           string       `json:"updated,omitempty"`
	Provider          string       `json:"provider,omitempty"`
	Multiaccount      bool         `json:"multiaccount,omitempty"`
	Groups            []Group      `json:"groups,omitempty"`
	// Logins is the only field here without omitempty; a nil slice marshals
	// as null.
	Logins            []Login      `json:"logins"`
	UserGroups        []UserGroups `json:"user_groups,omitempty"`
}

type BlacklistedOsUsers

// BlacklistedOsUsers holds an enabled flag and two deny lists, one of OS user
// names and one of OS group names. No field uses omitempty, so nil lists
// marshal as null.
type BlacklistedOsUsers struct {
	Enabled        bool     `json:"enabled"`
	UserBlackList  []string `json:"user_black_list"`
	GroupBlackList []string `json:"group_black_list"`
}

type BypassScope

// BypassScope pairs an enabled flag with a Scope.
// NOTE(review): by its name this defines a scope that is exempted from the
// enclosing policy; which policy and what "bypass" covers is not visible
// here — TODO confirm before enabling it.
type BypassScope struct {
	Enabled bool  `json:"enabled"`
	Scope   Scope `json:"scope"`
}

type Category added in v0.8.8

// Category groups the scope expressions of an ApplicationScope by kind:
// artifacts, workloads, infrastructure and a generic entity scope.
// It is the type of ApplicationScope.Categories.
type Category struct {
	Artifacts      Artifact       `json:"artifacts"`
	Workloads      Workload       `json:"workloads"`
	Infrastructure Infrastructure `json:"infrastructure"`
	EntityScope    CommonStruct   `json:"entity_scope"`
}

type Checks added in v0.8.3

// Checks describes one custom check as referenced by
// AssurancePolicy.CustomChecks: script id, name, path, engine, snippet,
// severity, author and a read-only flag.
// NOTE(review): Snippet presumably carries the script source evaluated by the
// named Engine — confirm, and treat its content as code when reviewing a
// policy change.
type Checks struct {
	ScriptID     string `json:"script_id"`
	Name         string `json:"name"`
	Path         string `json:"path"`
	// LastModified is an int; its unit (e.g. Unix seconds) is not visible
	// here — TODO confirm.
	LastModified int    `json:"last_modified"`
	Description  string `json:"description"`
	Engine       string `json:"engine"`
	Snippet      string `json:"snippet"`
	ReadOnly     bool   `json:"read_only"`
	Severity     string `json:"severity"`
	Author       string `json:"author"`
}

type ChecksPerformed

// ChecksPerformed records the result of one assurance control: the policy and
// assurance type it belongs to, the control name, whether it failed and
// whether it is blocking, plus DTA skip information.
// It is the element type of AssuranceResults.ChecksPerformed.
type ChecksPerformed struct {
	PolicyName       string `json:"policy_name"`
	AssuranceType    string `json:"assurance_type"`
	Failed           bool   `json:"failed"`
	Blocking         bool   `json:"blocking"`
	Control          string `json:"control"`
	DtaSkipped       bool   `json:"dta_skipped"`
	DtaSkippedReason string `json:"dta_skipped_reason"`
}

type Client

// Client is the API client. All of its fields are unexported (the
// documentation page elides them), so a Client is obtained from NewClient and
// adjusted through its methods such as SetUrl and SetAuthToken.
type Client struct {
	// contains filtered or unexported fields
}

Client - API client

func NewClient

func NewClient(url, user, password string, verifyTLS bool, caCertByte []byte) *Client

NewClient - initializes and returns the Client for the given URL, user and password; verifyTLS and caCertByte are the TLS settings it is given

func (*Client) AcknowledgeCreate added in v0.8.18

func (cli *Client) AcknowledgeCreate(acknowledgePost AcknowledgePost) error

AcknowledgeCreate creates security acknowledgements

func (*Client) AcknowledgeDelete added in v0.8.18

func (cli *Client) AcknowledgeDelete(acknowledgePost AcknowledgePost) error

AcknowledgeDelete deletes security acknowledgements

func (*Client) AcknowledgeRead added in v0.8.18

func (cli *Client) AcknowledgeRead() (*AcknowledgeList, error)

AcknowledgeRead reads all security acknowledgements

func (*Client) ChangeImagePermission

func (cli *Client) ChangeImagePermission(image *Image, allow bool, permissionModificationComment string) error

func (*Client) ChangePassword

func (cli *Client) ChangePassword(password NewPassword) error

ChangePassword modifies the user's password

func (*Client) CreateApplicationScope added in v0.8.8

func (cli *Client) CreateApplicationScope(applicationscope *ApplicationScope) error

CreateApplicationScope - creates single Aqua Application Scope

func (*Client) CreateAquaLabel added in v0.8.18

func (cli *Client) CreateAquaLabel(aquaLabel *AquaLabel) error

CreateAquaLabel - creates a single Aqua label

func (*Client) CreateAssurancePolicy added in v0.8.8

func (cli *Client) CreateAssurancePolicy(assurancePolicy *AssurancePolicy, assuranceType string) error

CreateAssurancePolicy - creates single Aqua Assurance Policy

func (*Client) CreateEnforcerGroup

func (cli *Client) CreateEnforcerGroup(group EnforcerGroup) error

CreateEnforcerGroup - creates single Aqua enforcer group

func (*Client) CreateFirewallPolicy

func (cli *Client) CreateFirewallPolicy(firewallPolicy FirewallPolicy) error

CreateFirewallPolicy - creates single Aqua Firewall Policy

func (*Client) CreateGroup added in v0.8.7

func (cli *Client) CreateGroup(group *Group) error

CreateGroup - creates single Aqua group

func (*Client) CreateImage

func (cli *Client) CreateImage(image *Image) error

CreateImage creates an Aqua Image

func (*Client) CreateLdap added in v0.8.20

func (cli *Client) CreateLdap(ldap *Ldap) error

func (*Client) CreateNotification added in v0.8.21

func (cli *Client) CreateNotification(notification *Notification) error

func (*Client) CreatePermissionsSet added in v0.8.8

func (cli *Client) CreatePermissionsSet(permissionset *PermissionsSet) error

CreatePermissionsSet - creates a single Aqua PermissionsSet

func (*Client) CreateRegistry

func (cli *Client) CreateRegistry(reg Registry) error

CreateRegistry - creates single Aqua registry

func (*Client) CreateRole added in v0.8.7

func (cli *Client) CreateRole(role *Role) error

CreateRole - creates single Aqua role

func (*Client) CreateRoleMappingSaas added in v0.8.16

func (cli *Client) CreateRoleMappingSaas(saas *RoleMappingSaas) error

func (*Client) CreateRuntimePolicy

func (cli *Client) CreateRuntimePolicy(runtimePolicy *RuntimePolicy) error

CreateRuntimePolicy creates an Aqua RuntimePolicy

func (*Client) CreateSSO added in v0.8.16

func (cli *Client) CreateSSO(SSO *SSO) error

CreateSSO - creates Aqua SSO

func (*Client) CreateService

func (cli *Client) CreateService(service *Service) error

CreateService creates an Aqua Service

func (*Client) CreateUser

func (cli *Client) CreateUser(user *FullUser) error

CreateUser - creates single Aqua user

func (*Client) DeleteApplicationScope added in v0.8.8

func (cli *Client) DeleteApplicationScope(name string) error

DeleteApplicationScope removes a Application Scope

func (*Client) DeleteAquaLabel added in v0.8.18

func (cli *Client) DeleteAquaLabel(name string) error

DeleteAquaLabel removes a Aqua label

func (*Client) DeleteAssurancePolicy added in v0.8.8

func (cli *Client) DeleteAssurancePolicy(name string, assuranceType string) error

DeleteAssurancePolicy removes a Assurance Policy

func (*Client) DeleteEnforcerGroup

func (cli *Client) DeleteEnforcerGroup(name string) error

DeleteEnforcerGroup removes an enforcer group

func (*Client) DeleteFirewallPolicy

func (cli *Client) DeleteFirewallPolicy(name string) error

DeleteFirewallPolicy removes a Firewall Policy

func (*Client) DeleteGroup added in v0.8.7

func (cli *Client) DeleteGroup(id string) error

DeleteGroup removes a group

func (*Client) DeleteImage

func (cli *Client) DeleteImage(image *Image) error

DeleteImage removes a Aqua Image

func (*Client) DeleteLdap added in v0.8.20

func (cli *Client) DeleteLdap(ldap *Ldap) error

func (*Client) DeleteNotification added in v0.8.21

func (cli *Client) DeleteNotification(id string) error

func (*Client) DeletePermissionsSet added in v0.8.8

func (cli *Client) DeletePermissionsSet(name string) error

DeletePermissionsSet removes a PermissionsSet

func (*Client) DeleteRegistry

func (cli *Client) DeleteRegistry(name string) error

DeleteRegistry removes a registry

func (*Client) DeleteRole added in v0.8.7

func (cli *Client) DeleteRole(name string) error

DeleteRole removes a role

func (*Client) DeleteRoleMappingSaas added in v0.8.25

func (cli *Client) DeleteRoleMappingSaas(id string) error

DeleteRoleMappingSaas - deletes the Aqua RoleMappingSaas with the given id

func (*Client) DeleteRuntimePolicy

func (cli *Client) DeleteRuntimePolicy(name string) error

DeleteRuntimePolicy removes a Aqua runtime policy

func (*Client) DeleteSSO added in v0.8.16

func (cli *Client) DeleteSSO(SSO *SSO) error

DeleteSSO removes a SSO

func (*Client) DeleteService

func (cli *Client) DeleteService(name string) error

DeleteService removes a Aqua Service

func (*Client) DeleteUser

func (cli *Client) DeleteUser(name string) error

DeleteUser removes a user

func (*Client) GetApplicationScope added in v0.8.8

func (cli *Client) GetApplicationScope(name string) (*ApplicationScope, error)

Get Application Scope

func (*Client) GetAquaLabel added in v0.8.18

func (cli *Client) GetAquaLabel(name string) (*AquaLabel, error)

GetAquaLabel - get a single Aqua label

func (*Client) GetAquaLabels added in v0.8.18

func (cli *Client) GetAquaLabels() (*AquaLabels, error)

GetAquaLabels - get a list of aqua labels

func (*Client) GetAssurancePolicy added in v0.8.8

func (cli *Client) GetAssurancePolicy(name string, assuranceType string) (*AssurancePolicy, error)

GetAssurancePolicy - returns single Assurance Policy

func (*Client) GetAuthToken

func (cli *Client) GetAuthToken() (string, string, error)

func (*Client) GetCspAuthToken added in v0.8.7

func (cli *Client) GetCspAuthToken() (string, error)

GetCspAuthToken - connects to Aqua and returns a JWT bearer token (string)

func (*Client) GetEnforcerGroup

func (cli *Client) GetEnforcerGroup(name string) (*EnforcerGroup, error)

GetEnforcerGroup - returns a single Enforcer group. The page size is hard-coded to 100 for now.

func (*Client) GetEnforcerGroups

func (cli *Client) GetEnforcerGroups() ([]EnforcerGroup, error)

GetEnforcerGroups - returns all Enforcer groups

func (*Client) GetFirewallPolicies

func (cli *Client) GetFirewallPolicies() (*FirewallPolicyList, error)

GetFirewallPolicies - returns all Firewall Policies

func (*Client) GetFirewallPolicy

func (cli *Client) GetFirewallPolicy(name string) (*FirewallPolicy, error)

GetFirewallPolicy - returns single Firewall Policy

func (*Client) GetGateway added in v0.8.7

func (cli *Client) GetGateway(name string) (*Gateway, error)

GetGateway - returns a single Aqua gateway

func (*Client) GetGateways added in v0.8.7

func (cli *Client) GetGateways() ([]Gateway, error)

GetGateways - returns all Aqua gateways

func (*Client) GetGroup added in v0.8.7

func (cli *Client) GetGroup(id int) (*Group, error)

GetGroup - returns single Aqua Group

func (*Client) GetGroups added in v0.8.7

func (cli *Client) GetGroups() ([]Group, error)

GetGroups - returns all Aqua GroupList

func (*Client) GetImage

func (cli *Client) GetImage(imageUrl string) (*Image, error)

GetImage gets an Aqua image by registry/name/tag

func (*Client) GetIntegrationState added in v0.8.16

func (cli *Client) GetIntegrationState() (*IntegrationState, error)

GetIntegrationState - returns SSO enable state

func (*Client) GetLdap added in v0.8.20

func (cli *Client) GetLdap() (*Ldap, error)

func (*Client) GetNotification added in v0.8.21

func (cli *Client) GetNotification(id string) (*Notification, error)

func (*Client) GetNotifications added in v0.8.21

func (cli *Client) GetNotifications() (*Notifications, error)

func (*Client) GetPermissionsSet added in v0.8.8

func (cli *Client) GetPermissionsSet(name string) (*PermissionsSet, error)

func (*Client) GetPermissionsSets added in v0.8.8

func (cli *Client) GetPermissionsSets() ([]PermissionsSet, error)

GetPermissionsSets - returns all Aqua PermissionsSetList

func (*Client) GetRegistries

func (cli *Client) GetRegistries() (*[]Registry, error)

GetRegistries - retrieves all configured registry integrations

func (*Client) GetRegistry

func (cli *Client) GetRegistry(name string) (*Registry, error)

func (*Client) GetRole added in v0.8.7

func (cli *Client) GetRole(name string) (*Role, error)

GetRole - returns single Aqua Role

func (*Client) GetRoleMappingSaas added in v0.8.25

func (cli *Client) GetRoleMappingSaas(id string) (*RoleMappingSaas, error)

GetRoleMappingSaas - returns Aqua RoleMappingSaas

func (*Client) GetRoles added in v0.8.7

func (cli *Client) GetRoles() ([]Role, error)

GetRoles - returns all Aqua RoleList

func (*Client) GetRolesMappingSaas added in v0.8.25

func (cli *Client) GetRolesMappingSaas() (*RoleMappingSaasList, error)

GetRolesMappingSaas - returns Aqua RoleMappingSaas

func (*Client) GetRuntimePolicy

func (cli *Client) GetRuntimePolicy(name string) (*RuntimePolicy, error)

GetRuntimePolicy gets an Aqua runtime policy by name

func (*Client) GetSSO added in v0.8.16

func (cli *Client) GetSSO() (*SSO, error)

GetSSO - returns Aqua SSO

func (*Client) GetService

func (cli *Client) GetService(name string) (*Service, error)

GetService gets an Aqua service by name

func (*Client) GetServices

func (cli *Client) GetServices() (*ServiceList, error)

GetServices gets all the available services

func (*Client) GetUSEAuthToken added in v0.8.4

func (cli *Client) GetUSEAuthToken() (string, string, error)

GetUSEAuthToken - Connect to Aqua SaaS solution and return a JWT bearerToken (string)

func (*Client) GetUser

func (cli *Client) GetUser(name string) (*FullUser, error)

GetUser - returns single Aqua user

func (*Client) GetUsers

func (cli *Client) GetUsers() ([]FullUser, error)

GetUsers - returns all Aqua users

func (*Client) GetVulnerabilities

func (cli *Client) GetVulnerabilities(image *Image) ([]Vulnerabilities, error)

GetVulnerabilities gets all the vulnerabilities of an image by registry, name and tag

func (*Client) ManageUserGroups added in v0.8.7

func (cli *Client) ManageUserGroups(groupId, userId int, groupAdmin bool, operation string) error

ManageUserGroups performs the given operation for the user identified by userId on the group identified by groupId

func (*Client) RescanImage

func (cli *Client) RescanImage(image *Image, fullRescan bool) error

RescanImage rescans an existing image

func (*Client) SetAuthToken added in v0.8.12

func (cli *Client) SetAuthToken(token string)

func (*Client) SetUrl added in v0.8.12

func (cli *Client) SetUrl(url string)

func (*Client) SlackNotificationCreate

func (cli *Client) SlackNotificationCreate(notification NotificationOld) error

TODO: old notification API, should be removed after the next release. SlackNotificationCreate enables a Slack NotificationOld.

func (*Client) SlackNotificationDelete

func (cli *Client) SlackNotificationDelete(notification NotificationOld) error

SlackNotificationDelete enables/disables a Slack NotificationOld. Since the API has no DELETE method implementation, this sets the values to spaces and sets the enabled indicator to false.

func (*Client) SlackNotificationRead

func (cli *Client) SlackNotificationRead() (*NotificationOld, error)

SlackNotificationRead reads the given slack configurations

func (*Client) SlackNotificationUpdate

func (cli *Client) SlackNotificationUpdate(notification NotificationOld) error

SlackNotificationUpdate enables/disables a Slack NotificationOld

func (*Client) UpdateApplicationScope added in v0.8.8

func (cli *Client) UpdateApplicationScope(applicationscope *ApplicationScope, name string) error

UpdateApplicationScope updates an existing Application Scope

func (*Client) UpdateAquaLabel added in v0.8.18

func (cli *Client) UpdateAquaLabel(aquaLabel *AquaLabel) error

UpdateAquaLabel updates an existing Aqua label

func (*Client) UpdateAssurancePolicy added in v0.8.8

func (cli *Client) UpdateAssurancePolicy(assurancePolicy *AssurancePolicy, assuranceType string) error

UpdateAssurancePolicy updates an existing Assurance Policy

func (*Client) UpdateEnforcerGroup

func (cli *Client) UpdateEnforcerGroup(group EnforcerGroup) error

UpdateEnforcerGroup updates an existing enforcer group. The update_enforcers parameter is hard-coded to true (for now).

func (*Client) UpdateFirewallPolicy

func (cli *Client) UpdateFirewallPolicy(firewallPolicy FirewallPolicy) error

UpdateFirewallPolicy updates an existing firewall policy

func (*Client) UpdateGroup added in v0.8.7

func (cli *Client) UpdateGroup(group *Group) error

UpdateGroup updates an existing group

func (*Client) UpdateLdap added in v0.8.20

func (cli *Client) UpdateLdap(ldap *Ldap) error

func (*Client) UpdateNotification added in v0.8.21

func (cli *Client) UpdateNotification(notification *Notification) error

func (*Client) UpdatePermissionsSet added in v0.8.8

func (cli *Client) UpdatePermissionsSet(permissionset *PermissionsSet) error

UpdatePermissionSet updates an existing PermissionSet Assurance Policy

func (*Client) UpdateRegistry

func (cli *Client) UpdateRegistry(reg Registry) error

UpdateRegistry updates an existing registry

func (*Client) UpdateRole added in v0.8.7

func (cli *Client) UpdateRole(role *Role) error

UpdateRole updates an existing role

func (*Client) UpdateRoleMappingSaas added in v0.8.16

func (cli *Client) UpdateRoleMappingSaas(saas *RoleMappingSaas, id string) error

func (*Client) UpdateRuntimePolicy

func (cli *Client) UpdateRuntimePolicy(runtimePolicy *RuntimePolicy) error

UpdateRuntimePolicy updates an existing runtime policy

func (*Client) UpdateSSO added in v0.8.16

func (cli *Client) UpdateSSO(SSO *SSO) error

UpdateSSO updates an existing SSO

func (*Client) UpdateService

func (cli *Client) UpdateService(service *Service) error

UpdateService updates an existing service policy

func (*Client) UpdateUser

func (cli *Client) UpdateUser(user *FullUser) error

UpdateUser updates an existing user

func (*Client) WaitUntilScanCompleted

func (cli *Client) WaitUntilScanCompleted(image *Image) error

type CommonStruct added in v0.8.8

// CommonStruct is a scope definition made of an expression string and the
// variables that expression refers to. It is reused for every scope kind in
// Artifact and for Category.EntityScope.
// NOTE(review): the expression syntax is not visible here — TODO confirm how
// Variables are bound into Expression.
type CommonStruct struct {
	Expression string      `json:"expression"`
	Variables  []Variables `json:"variables"`
}

type ContainerExec added in v0.8.12

// ContainerExec holds the container-exec control settings: an enabled flag, a
// block_container_exec switch and a process allow list
// (container_exec_proc_white_list). No field uses omitempty, so a nil list
// marshals as null.
type ContainerExec struct {
	Enabled                    bool     `json:"enabled"`
	BlockContainerExec         bool     `json:"block_container_exec"`
	ContainerExecProcWhiteList []string `json:"container_exec_proc_white_list"`
}

type DriftPrevention

// DriftPrevention holds the drift-prevention settings: an enabled flag, exec
// and image lockdown switches, a prevent_privileged switch and an exec
// lockdown allow list.
type DriftPrevention struct {
	Enabled               bool     `json:"enabled"`
	ExecLockdown          bool     `json:"exec_lockdown"`
	ImageLockdown         bool     `json:"image_lockdown"`
	// PreventPrivileged is the only field with omitempty: false is omitted
	// from the payload rather than sent, so whether an update can switch it
	// off depends on how the server treats the missing key — TODO confirm.
	PreventPrivileged     bool     `json:"prevent_privileged,omitempty"`
	ExecLockdownWhiteList []string `json:"exec_lockdown_white_list"`
}

type EnforcerCommand

// EnforcerCommand holds four command strings keyed by target: default,
// kubernetes, swarm and windows.
// NOTE(review): these are presumably install commands returned by the server
// for an enforcer group; if so they may embed a token and should be handled
// as sensitive — TODO confirm.
type EnforcerCommand struct {
	Default    string `json:"default"`
	Kubernetes string `json:"kubernetes"`
	Swarm      string `json:"swarm"`
	Windows    string `json:"windows"`
}

EnforcerCommand represents a single Commands

type EnforcerGroup

// EnforcerGroup is the JSON request/response body for an enforcer group.
// It combines identity and gateway settings, per-feature enable flags,
// host and vulnerability counters, and install information.
//
// No field uses omitempty: every bool is marshalled even when false, so a
// zero-value EnforcerGroup sends every protection and audit flag as false.
// Callers building an update should start from the current server state
// rather than from an empty struct.
type EnforcerGroup struct {
	ID                                        string               `json:"id"`
	LogicalName                               string               `json:"logicalname"`
	Type                                      string               `json:"type"`
	EnforcerImageName                         string               `json:"enforcer_image_name"`
	Description                               string               `json:"description"`
	Gateways                                  []string             `json:"gateways"`
	GatewayName                               string               `json:"gateway_name"`
	GatewayAddress                            string               `json:"gateway_address"`
	Enforce                                   bool                 `json:"enforce"`
	ContainerActivityProtection               bool                 `json:"container_activity_protection"`
	NetworkProtection                         bool                 `json:"network_protection"`
	BehavioralEngine                          bool                 `json:"behavioral_engine"`
	HostBehavioralEngine                      bool                 `json:"host_behavioral_engine"`
	ContainerForensicsCollection              bool                 `json:"container_forensics_collection"`
	HostForensicsCollection                   bool                 `json:"host_forensics_collection"`
	HostNetworkProtection                     bool                 `json:"host_network_protection"`
	UserAccessControl                         bool                 `json:"user_access_control"`
	ImageAssurance                            bool                 `json:"image_assurance"`
	HostProtection                            bool                 `json:"host_protection"`
	AuditAll                                  bool                 `json:"audit_all"`
	AuditSuccessLogin                         bool                 `json:"audit_success_login"`
	AuditFailedLogin                          bool                 `json:"audit_failed_login"`
	LastUpdate                                int                  `json:"last_update"`
	// Token is marshalled in clear text under "token".
	// NOTE(review): presumably the credential enforcers use to join the
	// group — keep it out of logs, error messages and debug dumps; confirm.
	Token                                     string               `json:"token"`
	Command                                   EnforcerCommand      `json:"command"`
	Orchestrator                              EnforcerOrchestrator `json:"orchestrator"`
	HostOs                                    string               `json:"host_os"`
	InstallCommand                            string               `json:"install_command"`
	HostsCount                                int                  `json:"hosts_count"`
	DisconnectedCount                         int                  `json:"disconnected_count"`
	ConnectedCount                            int                  `json:"connected_count"`
	HighVulns                                 int                  `json:"high_vulns"`
	MedVulns                                  int                  `json:"med_vulns"`
	LowVulns                                  int                  `json:"low_vulns"`
	NegVulns                                  int                  `json:"neg_vulns"`
	SyscallEnabled                            bool                 `json:"syscall_enabled"`
	RuntimeType                               string               `json:"runtime_type"`
	SyncHostImages                            bool                 `json:"sync_host_images"`
	RiskExplorerAutoDiscovery                 bool                 `json:"risk_explorer_auto_discovery"`
	RuntimePolicyName                         string               `json:"runtime_policy_name"`
	PasDeploymentLink                         string               `json:"pas_deployment_link"`
	AquaVersion                               string               `json:"aqua_version"`
	AllowKubeEnforcerAudit                    bool                 `json:"allow_kube_enforcer_audit"`
	AutoDiscoveryEnabled                      bool                 `json:"auto_discovery_enabled"`
	AutoDiscoverConfigureRegistries           bool                 `json:"auto_discover_configure_registries"`
	AutoScanDiscoveredImagesRunningContainers bool                 `json:"auto_scan_discovered_images_running_containers"`
	AdmissionControl                          bool                 `json:"admission_control"`
	MicroEnforcerInjection                    bool                 `json:"micro_enforcer_injection"`
	Permission                                string               `json:"permission"`
	MicroEnforcerImageName                    string               `json:"micro_enforcer_image_name"`
	// Names only (strings), not secret material, as far as the types show.
	MicroEnforcerSecretsName                  string               `json:"micro_enforcer_secrets_name"`
	BlockAdmissionControl                     bool                 `json:"block_admission_control"`
	AutoCopySecrets                           bool                 `json:"auto_copy_secrets"`
	MicroEnforcerCertsSecretsName             string               `json:"micro_enforcer_certs_secrets_name"`
	KubeBenchImageName                        string               `json:"kube_bench_image_name"`
	AntivirusProtection                       bool                 `json:"antivirus_protection"`
	HostUserProtection                        bool                 `json:"host_user_protection"`
	ContainerAntivirusProtection              bool                 `json:"container_antivirus_protection"`
	HostAssurance                             bool                 `json:"host_assurance"`
	AllowedApplications                       []string             `json:"allowed_applications"`
	AllowedLabels                             []string             `json:"allowed_labels"`
	AllowedRegistries                         []string             `json:"allowed_registries"`
}

EnforcerGroup is the request and response format for an Enforcer Group (hostbatch)

type EnforcerOrchestrator

// EnforcerOrchestrator is the "orchestrator" entry of an EnforcerGroup.
// ServiceAccount and Namespace are tagged omitempty and are left out of the
// JSON when empty; Type and Master are always sent.
type EnforcerOrchestrator struct {
	Type           string `json:"type"`
	Master         bool   `json:"master"`
	ServiceAccount string `json:"service_account,omitempty"`
	Namespace      string `json:"namespace,omitempty"`
}

EnforcerOrchestrator represents a single Orchestrator

type ErrorResponse

// ErrorResponse holds an error message and a numeric code.
// The fields carry no json tags, so encoding/json uses the Go field names
// ("Message", "Code") when encoding and matches keys case-insensitively
// when decoding.
// NOTE(review): Message presumably comes from the server; treat it as
// untrusted text when logging or displaying it — confirm its origin.
type ErrorResponse struct {
	Message string
	Code    int
}

type ExecutableBlacklist

// ExecutableBlacklist holds the "executable_blacklist" settings of a
// RuntimePolicy: an enable flag and a list of executables.
// NOTE(review): the list only has an effect worth relying on if Enabled is
// true — presumably; the server-side evaluation is not visible here.
type ExecutableBlacklist struct {
	Enabled     bool     `json:"enabled"`
	Executables []string `json:"executables"`
}

type FailedKubernetesChecks added in v0.8.12

// FailedKubernetesChecks holds the "failed_kubernetes_checks" settings of a
// RuntimePolicy: an enable flag and a list of check identifiers.
type FailedKubernetesChecks struct {
	Enabled      bool     `json:"enabled"`
	FailedChecks []string `json:"failed_checks"`
}

type FileBlock

// FileBlock holds the "file_block" settings of a RuntimePolicy.
// The lists come in pairs: a block list for files, users and processes, and
// a matching "exceptional_*" list for each.
// NOTE(review): the exceptional_* lists presumably exempt entries from the
// block; review additions to them as policy exceptions — confirm semantics.
type FileBlock struct {
	Enabled                        bool     `json:"enabled"`
	FilenameBlockList              []string `json:"filename_block_list"`
	ExceptionalBlockFiles          []string `json:"exceptional_block_files"`
	BlockFilesUsers                []string `json:"block_files_users"`
	BlockFilesProcesses            []string `json:"block_files_processes"`
	ExceptionalBlockFilesUsers     []string `json:"exceptional_block_files_users"`
	ExceptionalBlockFilesProcesses []string `json:"exceptional_block_files_processes"`
}

type FileIntegrityMonitoring

// FileIntegrityMonitoring holds the "file_integrity_monitoring" settings of
// a RuntimePolicy: monitored files, processes and users, an "exceptional_*"
// list for each, and one bool per operation (create, read, modify, delete,
// attributes).
// No field uses omitempty, so a zero-value struct marshals every operation
// flag as false.
// NOTE(review): the exceptional_* lists presumably exclude entries from
// monitoring and therefore from the resulting audit trail — confirm.
type FileIntegrityMonitoring struct {
	Enabled                            bool     `json:"enabled"`
	MonitoredFiles                     []string `json:"monitored_files"`
	ExceptionalMonitoredFiles          []string `json:"exceptional_monitored_files"`
	MonitoredFilesProcesses            []string `json:"monitored_files_processes"`
	ExceptionalMonitoredFilesProcesses []string `json:"exceptional_monitored_files_processes"`
	MonitoredFilesUsers                []string `json:"monitored_files_users"`
	ExceptionalMonitoredFilesUsers     []string `json:"exceptional_monitored_files_users"`
	MonitoredFilesCreate               bool     `json:"monitored_files_create"`
	MonitoredFilesRead                 bool     `json:"monitored_files_read"`
	MonitoredFilesModify               bool     `json:"monitored_files_modify"`
	MonitoredFilesDelete               bool     `json:"monitored_files_delete"`
	MonitoredFilesAttributes           bool     `json:"monitored_files_attributes"`
}

type FirewallPolicy

// FirewallPolicy is the JSON body of a firewall policy: metadata, two
// block flags, and inbound/outbound rule lists of type Networks.
// No field uses omitempty, so BlockICMPPing and BlockMetadataService are
// marshalled as false unless the caller sets them.
type FirewallPolicy struct {
	Author               string     `json:"author"`
	BlockICMPPing        bool       `json:"block_icmp_ping"`
	// NOTE(review): presumably blocks access to the cloud instance metadata
	// service, a common source of workload credentials — confirm semantics.
	BlockMetadataService bool       `json:"block_metadata_service"`
	Description          string     `json:"description"`
	InboundNetworks      []Networks `json:"inbound_networks"`
	Lastupdate           int        `json:"lastupdate"`
	Name                 string     `json:"name"`
	OutboundNetworks     []Networks `json:"outbound_networks"`
	Type                 string     `json:"type"`
	Version              string     `json:"version"`
}

FirewallPolicy represents a local Aqua Firewall Policy

type FirewallPolicyList

// FirewallPolicyList is a paged list of FirewallPolicy values: the policies
// are under "result", next to "count", "page" and "pagesize".
// NOTE(review): whether Count is the total or the size of this page is not
// visible here; callers that need every policy should confirm and page.
type FirewallPolicyList struct {
	Count    int              `json:"count"`
	Page     int              `json:"page"`
	Pagesize int              `json:"pagesize"`
	Result   []FirewallPolicy `json:"result"`
}

FirewallPolicyList represents a local Aqua Firewall Policy List

type FullUser added in v0.8.7

// FullUser embeds BasicId and BasicUser, so their exported fields are
// promoted and marshalled at the top level of the JSON object.
// UpdateUser and UpdatePayload take a *FullUser.
// NOTE(review): BasicUser is declared elsewhere in the package; if it holds
// a password field, a FullUser must not be logged verbatim — confirm.
type FullUser struct {
	BasicId
	BasicUser
}

func BuildFullUser added in v0.8.7

func BuildFullUser(i interface{}) (FullUser, error)

type Gateway added in v0.8.7

// Gateway is the JSON representation of a gateway record.
// The Go field names use underscores; the JSON keys are set by the tags.
type Gateway struct {
	ID           string `json:"id"`
	Logical_Name string `json:"logicalname"`
	Description  string `json:"description"`
	Version      string `json:"version"`
	Host_Name    string `json:"hostname"`
	// The Go name says SSH but the JSON key is "public_address".
	// NOTE(review): which protocol this address serves is not visible — confirm.
	SSH_Address  string `json:"public_address"`
	GRPC_Address string `json:"grpc_address"`
	Status       string `json:"status"`
}

Gateway represents an Aqua gateway

type Group added in v0.8.7

// Group is the JSON representation of a group.
// Id has no omitempty and is always marshalled (0 for a zero-value Group);
// Name and Created are omitted when empty.
type Group struct {
	Id      int    `json:"id"`
	Name    string `json:"name,omitempty"`
	Created string `json:"created,omitempty"`
}

Group represents a local Aqua Group

type GroupList added in v0.8.7

// GroupList wraps a slice of Group. The Go field is Items but the JSON key
// is "data".
type GroupList struct {
	Items []Group `json:"data,omitempty"`
}

GroupList contains a list of Group

type History

// History is one entry of Image.History ("history" in the JSON).
// NOTE(review): CreatedBy presumably holds the build instruction of an image
// layer, which can embed build arguments; treat it as potentially sensitive
// when exporting — TODO confirm.
type History struct {
	ID        string `json:"id"`
	Size      int    `json:"size"`
	Comment   string `json:"comment"`
	Created   string `json:"created"`
	CreatedBy string `json:"created_by"`
}

type Image

// Image is the JSON representation of an image record: registry
// coordinates (registry, repository, tag, digest), vulnerability counts per
// severity, scan state, allow/deny flags and nested Metadata, History and
// AssuranceResults. WaitUntilScanCompleted takes a *Image.
type Image struct {
	Registry              string           `json:"registry"`
	RegistryType          string           `json:"registry_type"`
	Repository            string           `json:"repository"`
	Tag                   string           `json:"tag"`
	Labels                []string         `json:"labels"`
	// Digest identifies content; Tag does not. NOTE(review): prefer Digest
	// when a caller needs to pin the exact image a scan result refers to.
	Digest                string           `json:"digest"`
	VulnsFound            int              `json:"vulns_found"`
	CritVulns             int              `json:"crit_vulns"`
	HighVulns             int              `json:"high_vulns"`
	MedVulns              int              `json:"med_vulns"`
	LowVulns              int              `json:"low_vulns"`
	NegVulns              int              `json:"neg_vulns"`
	Created               string           `json:"created"`
	Author                string           `json:"author"`
	Size                  int              `json:"size"`
	Os                    string           `json:"os"`
	OsVersion             string           `json:"os_version"`
	// Scan state is plain strings. NOTE(review): zero vulnerability counts
	// are only meaningful once ScanStatus reports completion and ScanError
	// is empty — presumably; the status values are not visible here.
	ScanStatus            string           `json:"scan_status"`
	ScanDate              string           `json:"scan_date"`
	ScanError             string           `json:"scan_error"`
	SensitiveData         int              `json:"sensitive_data"`
	Malware               int              `json:"malware"`
	Disallowed            bool             `json:"disallowed"`
	Whitelisted           bool             `json:"whitelisted"`
	Blacklisted           bool             `json:"blacklisted"`
	PermissionAuthor      string           `json:"permission_author"`
	Permission            string           `json:"permission"`
	PermissionComment     string           `json:"permission_comment"`
	IsVulnsPerLayerView   bool             `json:"is_vulns_per_layer_view"`
	NewerImageExists      bool             `json:"newer_image_exists"`
	// NOTE(review): presumably set when the scan output is incomplete; a
	// consumer gating on the counts above should check it — confirm.
	PartialResults        bool             `json:"partial_results"`
	Name                  string           `json:"name"`
	Metadata              Metadata         `json:"metadata"`
	History               []History        `json:"history"`
	AssuranceResults      AssuranceResults `json:"assurance_results"`
	PendingDisallowed     bool             `json:"pending_disallowed"`
	MicroenforcerDetected bool             `json:"microenforcer_detected"`
	DtaSeverityScore      string           `json:"dta_severity_score"`
	DtaSkipped            bool             `json:"dta_skipped"`
	DtaSkippedReason      string           `json:"dta_skipped_reason"`
}

type Infrastructure added in v0.8.8

// Infrastructure holds two CommonStruct values, marshalled under the JSON
// keys "kubernetes" and "os".
type Infrastructure struct {
	IKubernetes CommonStruct `json:"kubernetes"`
	IOS         CommonStruct `json:"os"`
}

type IntegrationState added in v0.8.16

// IntegrationState holds one bool per identity integration (OIDC, OpenID,
// SAML). Unlike most types in this package, its JSON keys are CamelCase
// and identical to the Go field names.
// NOTE(review): presumably true means the integration is configured or
// enabled — confirm before using it for access decisions.
type IntegrationState struct {
	OIDCSettings   bool `json:"OIDCSettings"`
	OpenIdSettings bool `json:"OpenIdSettings"`
	SAMLSettings   bool `json:"SAMLSettings"`
}

type KubernetesControls added in v0.8.27

// KubernetesControls describes a single control: numeric script id, name,
// description, enable flag, severity, kind, an "ootb" flag and an AVD id.
// Despite the plural name, one value is one control; KubernetesControlsArray
// is the slice type.
type KubernetesControls struct {
	ScriptID    int    `json:"script_id"`
	Name        string `json:"name"`
	Description string `json:"description"`
	Enabled     bool   `json:"enabled"`
	Severity    string `json:"severity"`
	Kind        string `json:"kind"`
	OOTB        bool   `json:"ootb"`
	AvdID       string `json:"avd_id"`
}

type KubernetesControlsArray added in v0.8.27

// KubernetesControlsArray is a slice of KubernetesControls; it marshals as a
// bare JSON array.
type KubernetesControlsArray []KubernetesControls

type Labels added in v0.8.3

// Labels is a single key/value pair, marshalled as "key" and "value".
type Labels struct {
	Key   string `json:"key"`
	Value string `json:"value"`
}

type Ldap added in v0.8.20

// Ldap is the JSON body of the LDAP integration settings: server location,
// bind account, attribute names, TLS options and a role mapping.
//
// No field uses omitempty. A zero-value Ldap therefore marshals
// "ssl": false and "verify_cert": false; callers that want TLS with
// certificate verification must set both fields explicitly.
type Ldap struct {
	AccountAttrName     string              `json:"account_attr_name"`
	BaseDn              string              `json:"base_dn"`
	// NOTE(review): presumably the CA certificate used to verify the LDAP
	// server when VerifyCert is true — confirm the expected encoding.
	Cacert              string              `json:"cacert"`
	DisplaynameAttrName string              `json:"displayname_attr_name"`
	DnAttrName          string              `json:"dn_attr_name"`
	Domain              string              `json:"domain"`
	Enable              bool                `json:"enable"`
	GroupAttrName       string              `json:"group_attr_name"`
	GroupNameAttrName   string              `json:"group_name_attr_name"`
	GroupObjectClass    string              `json:"group_object_class"`
	ObjectClass         string              `json:"object_class"`
	// Password is marshalled in clear text under "password". Do not log or
	// print an Ldap value with %v/%+v, and keep it out of stored state where
	// possible. NOTE(review): presumably the bind password for User.
	Password            string              `json:"password"`
	Port                string              `json:"port"`
	// Authorization-relevant: maps strings to lists of strings under
	// "role_mapping". NOTE(review): the direction (role -> groups or
	// group -> roles) is not visible here; review changes as privilege grants.
	RoleMapping         map[string][]string `json:"role_mapping"`
	Ssl                 bool                `json:"ssl"`
	Type                string              `json:"type"`
	User                string              `json:"user"`
	UserMemberAttrName  string              `json:"user_member_attr_name"`
	VerifyCert          bool                `json:"verify_cert"`
}

type LimitContainerPrivileges

// LimitContainerPrivileges holds the "limit_container_privileges" settings
// of a RuntimePolicy: one bool per restriction.
//
// Every field except Enabled is tagged omitempty, so encoding/json drops it
// when false. A request built from this struct can turn a restriction on
// but cannot carry an explicit false for it.
// NOTE(review): how the server treats a missing key (keep previous value or
// reset) is not visible here — confirm before relying on an update to
// switch a restriction off, and verify the resulting policy after writes.
type LimitContainerPrivileges struct {
	Enabled               bool `json:"enabled"`
	Privileged            bool `json:"privileged,omitempty"`
	Netmode               bool `json:"netmode,omitempty"`
	Pidmode               bool `json:"pidmode,omitempty"`
	Utsmode               bool `json:"utsmode,omitempty"`
	Usermode              bool `json:"usermode,omitempty"`
	Ipcmode               bool `json:"ipcmode,omitempty"`
	PreventRootUser       bool `json:"prevent_root_user,omitempty"`
	PreventLowPortBinding bool `json:"prevent_low_port_binding,omitempty"`
	BlockAddCapabilities  bool `json:"block_add_capabilities,omitempty"`
	UseHostUser           bool `json:"use_host_user,omitempty"`
}

type LinuxCapabilities

// LinuxCapabilities holds the "linux_capabilities" settings of a
// RuntimePolicy: an enable flag and a list of capabilities to remove.
// NOTE(review): the expected spelling of capability names (e.g. with or
// without a CAP_ prefix) is not visible here — confirm against the API.
type LinuxCapabilities struct {
	Enabled                 bool     `json:"enabled"`
	RemoveLinuxCapabilities []string `json:"remove_linux_capabilities"`
}

type ListPackages added in v0.8.3

// ListPackages describes a single package entry: format, name, epoch,
// version or version range, release, architecture, license and a display
// string. All fields are strings and none uses omitempty.
type ListPackages struct {
	Format       string `json:"format"`
	Name         string `json:"name"`
	Epoch        string `json:"epoch"`
	Version      string `json:"version"`
	VersionRange string `json:"version_range"`
	Release      string `json:"release"`
	Arch         string `json:"arch"`
	License      string `json:"license"`
	Display      string `json:"display"`
}

type Login added in v0.8.7

// Login is a login record: record id, source IP address, creation time
// (as a string) and the numeric user id.
// NOTE(review): IpAddress together with UserId is personal data in many
// jurisdictions; handle exports accordingly.
type Login struct {
	Id        int    `json:"id"`
	IpAddress string `json:"ip_address"`
	Created   string `json:"created"`
	UserId    int    `json:"user_id"`
}

type MalwareScanOptions added in v0.8.12

// MalwareScanOptions holds the "malware_scan_options" settings of a
// RuntimePolicy: an action string, an enable flag, and include/exclude
// lists.
// NOTE(review): ExcludeDirectories and ExcludeProcesses presumably remove
// paths and processes from scanning; review entries as detection blind
// spots — confirm semantics and the valid Action values.
type MalwareScanOptions struct {
	Action             string   `json:"action"`
	Enabled            bool     `json:"enabled"`
	ExcludeDirectories []string `json:"exclude_directories"`
	ExcludeProcesses   []string `json:"exclude_processes"`
	IncludeDirectories []string `json:"include_directories"`
}

type MembershipRules

// MembershipRules holds a priority, a Scope and a target string.
// NOTE(review): what the rule assigns membership to, and whether a lower or
// higher Priority wins, is not visible here — confirm.
type MembershipRules struct {
	Priority int    `json:"priority"`
	Scope    Scope  `json:"scope"`
	Target   string `json:"target"`
}

type Metadata

// Metadata is the "metadata" entry of an Image: Docker identifiers,
// build information, platform, sizes, default user, environment and labels.
type Metadata struct {
	DockerID      string   `json:"docker_id"`
	Parent        string   `json:"parent"`
	RepoDigests   []string `json:"repo_digests"`
	Comment       string   `json:"comment"`
	Created       string   `json:"created"`
	DockerVersion string   `json:"docker_version"`
	Author        string   `json:"author"`
	Architecture  string   `json:"architecture"`
	Os            string   `json:"os"`
	OsVersion     string   `json:"os_version"`
	Size          int      `json:"size"`
	VirtualSize   int      `json:"virtual_size"`
	DefaultUser   string   `json:"default_user"`
	// NOTE(review): assumes this is the image's configured environment.
	// Image environment variables often contain credentials, so treat the
	// values as sensitive when logging or exporting — TODO confirm.
	Env           []string `json:"env"`
	DockerLabels  []string `json:"docker_labels"`
	ImageType     string   `json:"image_type"`
}

type Networks

// Networks is a single rule in FirewallPolicy.InboundNetworks or
// OutboundNetworks: an allow flag, a port range and a resource with its type.
// Allow has no omitempty, so a zero-value rule marshals "allow": false.
// NOTE(review): the PortRange syntax and the valid ResourceType values are
// not visible here; a broad range combined with Allow=true opens the
// policy, so review such rules individually.
type Networks struct {
	Allow        bool   `json:"allow"`
	PortRange    string `json:"port_range"`
	Resource     string `json:"resource"`
	ResourceType string `json:"resource_type"`
}

type NewPassword

// NewPassword is the JSON body of a password change: the account name and
// the new password.
type NewPassword struct {
	Name     string `json:"name"`
	// Marshalled in clear text under "new_password". Never log or print a
	// NewPassword value; it should only travel over an encrypted connection.
	Password string `json:"new_password"`
}

NewPassword represents a password change

type Notification

// Notification is one notification entry: id, name, type, author, last
// update time (int64) plus two free-form maps, "template" and "properties".
type Notification struct {
	Id          int                    `json:"id"`
	Name        string                 `json:"name"`
	Type        string                 `json:"type"`
	Author      string                 `json:"author"`
	LastUpdated int64                  `json:"last_updated"`
	Template    map[string]string      `json:"template"`
	// Untyped values: numbers decode as float64 with encoding/json.
	// NOTE(review): presumably holds per-channel settings such as webhook
	// URLs or API keys; treat the map as sensitive when logging — confirm.
	Properties  map[string]interface{} `json:"properties"`
}

type NotificationOld added in v0.8.21

// NotificationOld is a flat notification configuration: enable flag,
// channel, webhook URL, user name, main text, icon, service key, type and
// name. All values are marshalled as plain strings without omitempty.
type NotificationOld struct {
	Enabled    bool   `json:"enabled"`
	Channel    string `json:"channel"`
	// NOTE(review): webhook URLs and service keys usually work as bearer
	// credentials for the target service; keep both out of logs and
	// version control — confirm for the integrations in use.
	WebhookURL string `json:"webhook_url"`
	UserName   string `json:"user_name"`
	MainText   string `json:"main_text"`
	Icon       string `json:"icon"`
	ServiceKey string `json:"service_key"`
	Type       string `json:"type"`
	Name       string `json:"name"`
}

NotificationOld defines a NotificationOld

type Notifications added in v0.8.21

// Notifications groups Notification entries by channel: slack, jira, email,
// teams, webhook, splunk and serviceNow. The last JSON key is camelCase
// ("serviceNow"), unlike the others.
type Notifications struct {
	Slack      []Notification `json:"slack"`
	Jira       []Notification `json:"jira"`
	Email      []Notification `json:"email"`
	Teams      []Notification `json:"teams"`
	Webhook    []Notification `json:"webhook"`
	Splunk     []Notification `json:"splunk"`
	ServiceNow []Notification `json:"serviceNow"`
}

type OAuth2 added in v0.8.16

// OAuth2 is the "oauth2" entry of SSO: enable flag, issuer URL, JWKS URL,
// role mapping and the names used for login id and role.
type OAuth2 struct {
	Enabled     bool                `json:"enabled"`
	// NOTE(review): presumably the token issuer and the key-set endpoint
	// used to validate tokens; both should be HTTPS URLs under the identity
	// provider's control, since they decide which tokens are trusted — confirm.
	IssUrl      string              `json:"iss_url"`
	JwksUrl     string              `json:"jwks_url"`
	// Authorization-relevant mapping; direction not visible here. Review
	// changes as privilege grants.
	RoleMapping map[string][]string `json:"role_mapping"`
	UserLoginid string              `json:"user_loginid"`
	UserRole    string              `json:"user_role"`
}

type OpenId added in v0.8.16

// OpenId is the "open_id" entry of SSO: client id and secret, identity
// provider and redirect URLs, scopes, role mapping and role settings.
type OpenId struct {
	AuthByRole   bool                `json:"auth_by_role"`
	ClientId     string              `json:"client_id"`
	Enabled      bool                `json:"enabled"`
	IdpUrl       string              `json:"idp_url"`
	ProviderName string              `json:"provider_name"`
	// NOTE(review): the redirect URL should be an exact HTTPS URL of this
	// deployment, presumably registered with the provider — confirm.
	RedirectUrl  string              `json:"redirect_url"`
	// Authorization-relevant mapping; direction not visible here.
	RoleMapping  map[string][]string `json:"role_mapping"`
	Scopes       []string            `json:"scopes"`
	// Secret is marshalled in clear text under "secret" (presumably the
	// client secret for ClientId). Do not log or print an OpenId value.
	Secret       string              `json:"secret"`
	User         string              `json:"user"`
	UserRole     string              `json:"user_role"`
}

type Options added in v0.8.16

// Options is a single option/value pair; Registry carries a list of them
// under "options".
// NOTE(review): the valid option names are not visible here; if any option
// carries a credential, Value is sent in clear text — confirm.
type Options struct {
	Option string `json:"option"`
	Value  string `json:"value"`
}

type PackageBlock

// PackageBlock holds the "package_block" settings of a RuntimePolicy: an
// enable flag, a package black list, user and process lists, and an
// "exceptional_*" list for files, users and processes.
// NOTE(review): the exceptional_* lists presumably exempt entries from the
// block; review additions as policy exceptions — confirm semantics.
type PackageBlock struct {
	Enabled                           bool     `json:"enabled"`
	PackagesBlackList                 []string `json:"packages_black_list"`
	ExceptionalBlockPackagesFiles     []string `json:"exceptional_block_packages_files"`
	BlockPackagesUsers                []string `json:"block_packages_users"`
	BlockPackagesProcesses            []string `json:"block_packages_processes"`
	ExceptionalBlockPackagesUsers     []string `json:"exceptional_block_packages_users"`
	ExceptionalBlockPackagesProcesses []string `json:"exceptional_block_packages_processes"`
}

type PermissionsSet added in v0.8.8

// PermissionsSet is the JSON representation of a permission set: id,
// display name, description, the list of actions it grants, author, and
// the ui_access and is_super flags.
//
// Every field except ID is tagged omitempty. For the two bool fields this
// means encoding/json drops them when false, so a request built from this
// struct cannot carry an explicit "is_super": false or "ui_access": false.
// NOTE(review): how the server treats the missing keys is not visible here
// — confirm before relying on an update to revoke either flag, and read the
// set back after writing.
type PermissionsSet struct {
	ID          string   `json:"id"`
	Name        string   `json:"name,omitempty"` // Display Name
	Description string   `json:"description,omitempty"`
	Actions     []string `json:"actions,omitempty"`
	Author      string   `json:"author,omitempty"`
	UiAccess    bool     `json:"ui_access,omitempty"`
	IsSuper     bool     `json:"is_super,omitempty"`
	UpdatedAt   string   `json:"updated_at,omitempty"`
}

PermissionsSet represents an Aqua permission set

type PermissionsSetList added in v0.8.8

// PermissionsSetList wraps a slice of PermissionsSet. The Go field is Items
// but the JSON key is "result".
type PermissionsSetList struct {
	Items []PermissionsSet `json:"result,omitempty"`
}

type PolicySettings added in v0.8.27

// PolicySettings holds enforce and warn flags, a warning message and an
// audit flag. No field uses omitempty, so a zero-value PolicySettings
// marshals "enforce": false, "warn": false and "is_audit_checked": false.
type PolicySettings struct {
	Enforce        bool   `json:"enforce"`
	Warn           bool   `json:"warn"`
	WarningMessage string `json:"warning_message"`
	IsAuditChecked bool   `json:"is_audit_checked"`
}

type PortBlock

// PortBlock holds the "port_block" settings of a RuntimePolicy: an enable
// flag and lists of inbound and outbound ports to block.
// Ports are strings. NOTE(review): whether ranges such as "1-1024" are
// accepted is not visible here — confirm against the API.
type PortBlock struct {
	Enabled            bool     `json:"enabled"`
	BlockInboundPorts  []string `json:"block_inbound_ports"`
	BlockOutboundPorts []string `json:"block_outbound_ports"`
}

type PreventOverrideDefaultConfig

// PreventOverrideDefaultConfig holds an enable flag and one enforce flag
// each for SELinux, seccomp and AppArmor.
//
// All four fields are tagged omitempty, so a value with every flag false
// marshals as an empty object and cannot express an explicit false.
// The RuntimePolicy field that would carry this type is commented out in
// this version, so the struct is not part of the policy body.
type PreventOverrideDefaultConfig struct {
	Enabled         bool `json:"enabled,omitempty"`
	EnforceSelinux  bool `json:"enforce_selinux,omitempty"`
	EnforceSeccomp  bool `json:"enforce_seccomp,omitempty"`
	EnforceApparmor bool `json:"enforce_apparmor,omitempty"`
}

type ReadonlyFiles

// ReadonlyFiles holds the "readonly_files" settings of a RuntimePolicy:
// file, process and user lists, each with a matching "exceptional_*" list.
// NOTE(review): the exceptional_* lists presumably exempt entries from the
// read-only rule; review additions as policy exceptions — confirm semantics.
type ReadonlyFiles struct {
	Enabled                           bool     `json:"enabled"`
	ReadonlyFiles                     []string `json:"readonly_files"`
	ExceptionalReadonlyFiles          []string `json:"exceptional_readonly_files"`
	ReadonlyFilesProcesses            []string `json:"readonly_files_processes"`
	ExceptionalReadonlyFilesProcesses []string `json:"exceptional_readonly_files_processes"`
	ReadonlyFilesUsers                []string `json:"readonly_files_users"`
	ExceptionalReadonlyFilesUsers     []string `json:"exceptional_readonly_files_users"`
}

type ReadonlyRegistry

// ReadonlyRegistry holds the "readonly_registry" settings of a
// RuntimePolicy: path, process and user lists, each with a matching
// "exceptional_*" list.
// NOTE(review): "registry" here presumably means the Windows registry, not
// an image registry (the Registry type) — confirm. The exceptional_* lists
// presumably exempt entries from the read-only rule.
type ReadonlyRegistry struct {
	Enabled                              bool     `json:"enabled"`
	ExceptionalReadonlyRegistryPaths     []string `json:"exceptional_readonly_registry_paths"`
	ExceptionalReadonlyRegistryProcesses []string `json:"exceptional_readonly_registry_processes"`
	ExceptionalReadonlyRegistryUsers     []string `json:"exceptional_readonly_registry_users"`
	ReadonlyRegistryPaths                []string `json:"readonly_registry_paths"`
	ReadonlyRegistryProcesses            []string `json:"readonly_registry_processes"`
	ReadonlyRegistryUsers                []string `json:"readonly_registry_users"`
}

type Registry

// Registry is the JSON body of an image registry integration: connection
// details and credentials, auto-pull and cleanup settings, pull filters,
// scanner assignment, a Webhook and a list of Options.
type Registry struct {
	Name                       string    `json:"name"`
	Type                       string    `json:"type"` // [HUB, V1/V2, ENGINE, AWS, GCR]
	Description                string    `json:"description"`
	Author                     string    `json:"author"`
	Lastupdate                 int       `json:"lastupdate"`
	// NOTE(review): the URL scheme is not validated by this type; use an
	// https:// endpoint so the credentials below are not sent in clear.
	URL                        string    `json:"url"`
	Username                   string    `json:"username"`
	// Password is marshalled in clear text under "password" and has no
	// omitempty. Do not log or print a Registry value with %v/%+v.
	// NOTE(review): for token-based registry types this presumably holds
	// the access key or token — confirm; the same handling applies.
	Password                   string    `json:"password"`
	ImageCreationDateCondition string    `json:"image_creation_date_condition"`
	AdvancedSettingsCleanup    bool      `json:"advanced_settings_cleanup"`
	AutoPull                   bool      `json:"auto_pull"`
	AutoPullTime               string    `json:"auto_pull_time"`
	AutoPullMax                int       `json:"auto_pull_max"`
	RegistryScanTimeout        int       `json:"registry_scan_timeout"`
	AutoPullInterval           int       `json:"auto_pull_interval"`
	AutoCleanUp                bool      `json:"auto_cleanup"`
	AlwaysPullPatterns         []string  `json:"always_pull_patterns"`
	// NOTE(review): presumably repositories matching these patterns are
	// never pulled and therefore never scanned; review entries as scan
	// coverage gaps — confirm semantics.
	PullRepoPatternsExcluded   []string  `json:"pull_repo_patterns_excluded"`
	AutoPullRescan             bool      `json:"auto_pull_rescan"`
	Prefixes                   []string  `json:"prefixes"`
	Webhook                    Webhook   `json:"webhook"`
	PullImageAge               string    `json:"pull_image_age"`
	PullImageCount             int       `json:"pull_image_count"`
	PullImageTagPattern        []string  `json:"pull_image_tag_pattern"`
	ScannerType                string    `json:"scanner_type"`
	ScannerName                []string  `json:"scanner_name,omitempty"`
	ScannerNameAdded           []string  `json:"scanner_name_added,omitempty"`
	ScannerNameRemoved         []string  `json:"scanner_name_removed,omitempty"`
	// The JSON key is spelled "existsing_scanners".
	// NOTE(review): presumably this matches the server API; verify against
	// the API before correcting the spelling, since the tag is wire format.
	ExistingScanners           []string  `json:"existsing_scanners,omitempty"`
	Options                    []Options `json:"options"`
	DefaultPrefix              string    `json:"default_prefix"`
}

Registry defines a registry

type RegistryAccessMonitoring

// RegistryAccessMonitoring holds the "registry_access_monitoring" settings
// of a RuntimePolicy: monitored paths, processes and users, an
// "exceptional_*" list for each, and one bool per operation (attributes,
// create, delete, modify, read).
// No field uses omitempty, so a zero-value struct marshals every operation
// flag as false.
// NOTE(review): the exceptional_* lists presumably exclude entries from
// monitoring and therefore from the resulting audit trail — confirm.
type RegistryAccessMonitoring struct {
	Enabled                               bool     `json:"enabled"`
	ExceptionalMonitoredRegistryPaths     []string `json:"exceptional_monitored_registry_paths"`
	ExceptionalMonitoredRegistryProcesses []string `json:"exceptional_monitored_registry_processes"`
	ExceptionalMonitoredRegistryUsers     []string `json:"exceptional_monitored_registry_users"`
	MonitoredRegistryAttributes           bool     `json:"monitored_registry_attributes"`
	MonitoredRegistryCreate               bool     `json:"monitored_registry_create"`
	MonitoredRegistryDelete               bool     `json:"monitored_registry_delete"`
	MonitoredRegistryModify               bool     `json:"monitored_registry_modify"`
	MonitoredRegistryPaths                []string `json:"monitored_registry_paths"`
	MonitoredRegistryProcesses            []string `json:"monitored_registry_processes"`
	MonitoredRegistryRead                 bool     `json:"monitored_registry_read"`
	MonitoredRegistryUsers                []string `json:"monitored_registry_users"`
}

type Resource

// Resource describes a single resource found in an image or host: type,
// format, path, name, version, architecture, CPE, licenses and a hash.
// NOTE(review): the hash algorithm behind Hash is not visible here —
// confirm before comparing it with externally computed digests.
type Resource struct {
	Type     string   `json:"type"`
	Format   string   `json:"format"`
	Path     string   `json:"path"`
	Name     string   `json:"name"`
	Version  string   `json:"version"`
	Arch     string   `json:"arch"`
	Cpe      string   `json:"cpe"`
	Licenses []string `json:"licenses"`
	Hash     string   `json:"hash"`
}

type RestrictedVolumes

// RestrictedVolumes holds the "restricted_volumes" settings of a
// RuntimePolicy: an enable flag and a list of volumes.
// NOTE(review): whether entries are exact paths or prefixes is not visible
// here — confirm, since that decides what a mount rule actually covers.
type RestrictedVolumes struct {
	Enabled bool     `json:"enabled"`
	Volumes []string `json:"volumes"`
}

type ReverseShell added in v0.8.12

// ReverseShell holds the "reverse_shell" settings of a RuntimePolicy: an
// enable flag, a block flag and two white lists (processes and IPs).
// No field uses omitempty, so a zero-value struct marshals both flags as
// false.
// NOTE(review): Enabled presumably turns on detection and BlockReverseShell
// prevention; the white lists presumably exempt processes and peer IPs from
// both, so review every entry as a detection exception — confirm.
type ReverseShell struct {
	Enabled                   bool     `json:"enabled"`
	BlockReverseShell         bool     `json:"block_reverse_shell"`
	ReverseShellProcWhiteList []string `json:"reverse_shell_proc_white_list"`
	ReverseShellIpWhiteList   []string `json:"reverse_shell_ip_white_list"`
}

type Role added in v0.8.7

// Role is the JSON representation of a role: display name, description,
// update time, author, a permission name and a list of scope names.
// Every field is tagged omitempty, so empty strings and a nil or empty
// Scopes slice are left out of the JSON.
// NOTE(review): because an empty Scopes is omitted, an update built from
// this struct cannot send an explicit empty scope list; how the server
// treats the missing key is not visible — confirm before using UpdateRole
// to remove all scopes from a role.
type Role struct {
	Name        string   `json:"name,omitempty"` // Display Name
	Description string   `json:"description,omitempty"`
	UpdatedAt   string   `json:"updated_at,omitempty"`
	Author      string   `json:"author,omitempty"`
	Permission  string   `json:"permission,omitempty"`
	Scopes      []string `json:"scopes,omitempty"`
}

Role represents a local Aqua Role

type RoleList added in v0.8.7

// RoleList wraps a slice of Role. The Go field is Items but the JSON key is
// "result".
type RoleList struct {
	Items []Role `json:"result,omitempty"`
}

RoleList contains a list of Role

type RoleMappingSaas added in v0.8.16

// RoleMappingSaas ties one role name ("csp_role") to a list of SAML groups,
// together with a numeric id, creation time and account id.
// UpdateRoleMappingSaas takes a *RoleMappingSaas plus a string id.
// NOTE(review): presumably members of any listed SAML group receive the
// role; group names are asserted by the identity provider, so review
// changes as privilege grants — confirm semantics.
type RoleMappingSaas struct {
	CspRole    string   `json:"csp_role"`
	SamlGroups []string `json:"saml_groups"`
	Id         int      `json:"id"`
	Created    string   `json:"created"`
	AccountId  int      `json:"account_id"`
}

type RoleMappingSaasList added in v0.8.16

// RoleMappingSaasList wraps a slice of RoleMappingSaas under the JSON key
// "data".
type RoleMappingSaasList struct {
	Items []RoleMappingSaas `json:"data"`
}

type RoleMappingSaasResponse added in v0.8.16

// RoleMappingSaasResponse wraps a single RoleMappingSaas under the JSON key
// "data".
type RoleMappingSaasResponse struct {
	RoleMappingSaas RoleMappingSaas `json:"data"`
}

type RuntimePolicy

// RuntimePolicy is the JSON body of a runtime policy; UpdateRuntimePolicy
// takes a *RuntimePolicy. Besides metadata and policy-wide Enabled and
// Enforce flags it nests one struct per control. The nested control types
// declared in this package listing (DriftPrevention, FileBlock, PortBlock,
// ReverseShell, ...) each carry their own Enabled flag.
//
// Marshalling notes for reviewers:
//   - Bool fields tagged omitempty (AuditOnFailure, BlockDisallowedImages,
//     BlockFailed, BlockNwUnlinkCont, EnableCryptoMiningDns, FailCicd,
//     OnlyRegisteredImages, BlockContainerExec, IsOOTBPolicy) are dropped by
//     encoding/json when false, so a request built from this struct cannot
//     carry an explicit false for them. How the server treats the missing
//     key is not visible here — TODO confirm before relying on an update to
//     switch one of them off, and read the policy back after writing.
//   - Bool fields without omitempty are always sent; a zero-value
//     RuntimePolicy marshals them as false, including Enabled and Enforce.
//   - omitempty never omits a struct value in encoding/json, so it has no
//     effect on BlacklistedOsUsers if that type is a struct (it is declared
//     elsewhere in the package).
//   - "block_container_exec" exists twice: at the top level (omitempty) and
//     inside ContainerExec. NOTE(review): which one the server honours is
//     not visible; keep the two consistent.
type RuntimePolicy struct {
	AllowedExecutables         AllowedExecutables       `json:"allowed_executables"`
	AllowedRegistries          AllowedRegistries        `json:"allowed_registries"`
	ApplicationScopes          []string                 `json:"application_scopes"`
	AuditBruteForceLogin       bool                     `json:"audit_brute_force_login"`
	AuditOnFailure             bool                     `json:"audit_on_failure,omitempty"`
	Auditing                   Auditing                 `json:"auditing"`
	Author                     string                   `json:"author"`
	BlacklistedOsUsers         BlacklistedOsUsers       `json:"blacklisted_os_users,omitempty"`
	BlockDisallowedImages      bool                     `json:"block_disallowed_images,omitempty"`
	BlockFailed                bool                     `json:"block_failed,omitempty"`
	BlockFilelessExec          bool                     `json:"block_fileless_exec"`
	BlockNonCompliantWorkloads bool                     `json:"block_non_compliant_workloads"`
	BlockNonK8sContainers      bool                     `json:"block_non_k8s_containers"`
	BlockNwUnlinkCont          bool                     `json:"block_nw_unlink_cont,omitempty"`
	BypassScope                BypassScope              `json:"bypass_scope"`
	ContainerExec              ContainerExec            `json:"container_exec"`
	Created                    string                   `json:"created,omitempty"`
	Cve                        string                   `json:"cve"`
	DefaultSecurityProfile     string                   `json:"default_security_profile"`
	Description                string                   `json:"description"`
	Digest                     string                   `json:"digest"`
	Domain                     string                   `json:"domain,omitempty"`
	DomainName                 string                   `json:"domain_name,omitempty"`
	DriftPrevention            DriftPrevention          `json:"drift_prevention"`
	EnableCryptoMiningDns      bool                     `json:"enable_crypto_mining_dns,omitempty"`
	EnableForkGuard            bool                     `json:"enable_fork_guard"`
	EnableIPReputation         bool                     `json:"enable_ip_reputation"`
	EnablePortScanProtection   bool                     `json:"enable_port_scan_protection"`
	Enabled                    bool                     `json:"enabled"`
	Enforce                    bool                     `json:"enforce"`
	EnforceAfterDays           int                      `json:"enforce_after_days"`
	EnforceSchedulerAddedOn    int                      `json:"enforce_scheduler_added_on,omitempty"`
	ExecutableBlacklist        ExecutableBlacklist      `json:"executable_blacklist"`
	FailCicd                   bool                     `json:"fail_cicd,omitempty"`
	FailedKubernetesChecks     FailedKubernetesChecks   `json:"failed_kubernetes_checks"`
	FileBlock                  FileBlock                `json:"file_block"`
	FileIntegrityMonitoring    FileIntegrityMonitoring  `json:"file_integrity_monitoring"`
	ForkGuardProcessLimit      int                      `json:"fork_guard_process_limit"`
	HeuristicRefID             int                      `json:"heuristic_ref_id,omitempty"`
	ImageID                    int                      `json:"image_id,omitempty"`
	ImageName                  string                   `json:"image_name"`
	IsAuditChecked             bool                     `json:"is_audit_checked"`
	IsAutoGenerated            bool                     `json:"is_auto_generated"`
	Lastupdate                 int                      `json:"lastupdate,omitempty"`
	LimitContainerPrivileges   LimitContainerPrivileges `json:"limit_container_privileges"`
	LinuxCapabilities          LinuxCapabilities        `json:"linux_capabilities"`
	MalwareScanOptions         MalwareScanOptions       `json:"malware_scan_options"`
	Name                       string                   `json:"name"`
	NoNewPrivileges            bool                     `json:"no_new_privileges"`
	OnlyRegisteredImages       bool                     `json:"only_registered_images,omitempty"`
	PackageBlock               PackageBlock             `json:"package_block"`
	Permission                 string                   `json:"permission,omitempty"`
	PortBlock                  PortBlock                `json:"port_block"`
	// The field below is commented out, so this struct neither sends the
	// prevent_override_default_config key nor keeps it when decoding.
	//PreventOverrideDefaultConfig PreventOverrideDefaultConfig `json:"prevent_override_default_config,omitempty"`
	ReadonlyFiles             ReadonlyFiles             `json:"readonly_files"`
	ReadonlyRegistry          ReadonlyRegistry          `json:"readonly_registry"`
	Registry                  string                    `json:"registry"`
	RegistryAccessMonitoring  RegistryAccessMonitoring  `json:"registry_access_monitoring"`
	RepoID                    int                       `json:"repo_id,omitempty"`
	RepoName                  string                    `json:"repo_name"`
	ResourceName              string                    `json:"resource_name"`
	ResourceType              string                    `json:"resource_type"`
	RestrictedVolumes         RestrictedVolumes         `json:"restricted_volumes"`
	ReverseShell              ReverseShell              `json:"reverse_shell"`
	RuntimeType               string                    `json:"runtime_type"`
	Scope                     Scope                     `json:"scope"`
	SystemIntegrityProtection SystemIntegrityProtection `json:"system_integrity_protection"`
	Tripwire                  Tripwire                  `json:"tripwire"`
	Type                      string                    `json:"type"`
	Updated                   time.Time                 `json:"updated"`
	Version                   string                    `json:"version"`
	VpatchVersion             string                    `json:"vpatch_version"`
	VulnID                    int                       `json:"vuln_id,omitempty"`
	WhitelistedOsUsers        WhitelistedOsUsers        `json:"whitelisted_os_users"`
	//JSON
	//EnableCryptoMiningDNS bool `json:"enable_crypto_mining_dns"`
	// RuntimeMode is an int with omitempty, so the value 0 is never sent.
	// NOTE(review): the meaning of each mode value is not visible here — confirm.
	BlockContainerExec       bool     `json:"block_container_exec,omitempty"`
	IsOOTBPolicy             bool     `json:"is_ootb_policy,omitempty"`
	RuntimeMode              int      `json:"runtime_mode,omitempty"`
	ExcludeApplicationScopes []string `json:"exclude_application_scopes,omitempty"`
}

type SSO added in v0.8.16

// SSO is the JSON container for the three single sign-on settings structs:
// Saml (key "saml"), OAuth2 (key "oauth2") and OpenId (key "open_id").
// OAuth2 and OpenId are declared elsewhere in the package.
type SSO struct {
	Saml   Saml   `json:"saml"`
	OAuth2 OAuth2 `json:"oauth2"`
	OpenId OpenId `json:"open_id"`
}

type Saml added in v0.8.16

// Saml holds the SAML single sign-on settings exchanged with the API as JSON.
//
// No field carries omitempty, so every marshal emits all keys, including
// false/empty values for fields the caller never set.
// NOTE(review): if the server treats the payload as a full replacement, a
// partially filled Saml could switch off signed_request or blank x509cert;
// read the current settings and modify them rather than building from a zero
// value — confirm against the API behaviour.
type Saml struct {
	AquaCredsEnable bool                `json:"aqua_creds_enable"`
	AssertionUrl    string              `json:"assertion_url"`
	AuthByRole      bool                `json:"auth_by_role"`
	Enabled         bool                `json:"enabled"`
	Idpissuer       string              `json:"idpissuer"`
	Idpslourl       string              `json:"idpslourl"`
	IdpSSOurl       string              `json:"idpssourl"`
	LogoutUrl       string              `json:"logout_url"`
	// RoleMapping maps a string key to a list of strings.
	// NOTE(review): presumably role name -> IdP group/attribute values; it
	// looks authorization-relevant, so review changes to it like role grants
	// — confirm the exact semantics.
	RoleMapping     map[string][]string `json:"role_mapping"`
	// NOTE(review): presumably controls whether SAML requests are signed — confirm.
	SignedRequest   bool                `json:"signed_request"`
	SloEnabled      bool                `json:"slo_enabled"`
	SpId            string              `json:"sp_id"`
	SSOEnable       bool                `json:"sso_enable"`
	TokenProvided   bool                `json:"token_provided"`
	UserLoginid     string              `json:"user_loginid"`
	UserRole        string              `json:"user_role"`
	// X509cert is carried as a plain string; the encoding (PEM, base64, ...)
	// is not visible here. Presumably the IdP certificate — TODO confirm.
	X509cert        string              `json:"x509cert"`
}

type ScanTimeAuto added in v0.8.3

// ScanTimeAuto is the JSON shape of an automatic scan schedule: an iteration
// type, a time string, an iteration count and a list of week days.
type ScanTimeAuto struct {
	IterationType string        `json:"iteration_type"`
	// Time is a plain string; its format is not visible here.
	Time          string        `json:"time"`
	Iteration     int           `json:"iteration"`
	// WeekDays is untyped ([]interface{}); callers must type-assert each
	// element after decoding and should reject unexpected element types.
	WeekDays      []interface{} `json:"week_days"`
}

type Scope

// Scope pairs an expression string with the Variable values it refers to.
// Compare Scopes, which has the same layout but uses []VariableI.
type Scope struct {
	// Expression is sent as-is under the "expression" key; its grammar is
	// not visible here.
	Expression string     `json:"expression"`
	Variables  []Variable `json:"variables"`
}

type Scopes added in v0.8.3

// Scopes pairs an expression string with a list of VariableI values.
// It has the same JSON keys as Scope; only the element type of Variables
// differs.
type Scopes struct {
	Expression string      `json:"expression"`
	Variables  []VariableI `json:"variables"`
}

type Service

// Service represents a local Aqua Service.
//
// No field carries omitempty, so zero values (false, 0, "", null slices) are
// always present in the marshalled JSON.
type Service struct {
	Name              string               `json:"name"`
	Description       string               `json:"description"`
	Author            string               `json:"author"`
	Containers        []string             `json:"containers"`
	ContainersCount   int                  `json:"containers_count"`
	Evaluated         bool                 `json:"evaluated"`
	Monitoring        bool                 `json:"monitoring"`
	// Policies is a list of strings, presumably policy names — confirm.
	Policies          []string             `json:"policies"`
	// Lastupdate is an int; presumably a Unix timestamp — TODO confirm unit.
	Lastupdate        int                  `json:"lastupdate"`
	// Vulnerabilities holds per-severity counters (see VulnerabilitiesTypes).
	Vulnerabilities   VulnerabilitiesTypes `json:"vulnerabilities"`
	// NOTE(review): Enforce defaults to false and is always marshalled;
	// presumably false means audit-only rather than enforcing — confirm
	// before sending a Service built from a zero value.
	Enforce           bool                 `json:"enforce"`
	MembershipRules   MembershipRules      `json:"membership_rules"`
	NotEvaluatedCount int                  `json:"not_evaluated_count"`
	UnregisteredCount int                  `json:"unregistered_count"`
	IsRegistered      bool                 `json:"is_registered"`
	ApplicationScopes []string             `json:"application_scopes"`
}

Service represents a local Aqua Service

type ServiceList

// ServiceList is the paginated envelope for Service values: a count, the
// page number, the page size and the Service entries under "result".
type ServiceList struct {
	Count    int       `json:"count"`
	Page     int       `json:"page"`
	Pagesize int       `json:"pagesize"`
	Result   []Service `json:"result"`
}

type SystemIntegrityProtection

// SystemIntegrityProtection is a set of four boolean switches marshalled
// under the "system_integrity_protection" key of the enclosing policy.
//
// None of the fields carries omitempty, so a zero value marshals every
// switch as false.
// NOTE(review): presumably false disables the corresponding monitoring;
// populate all four deliberately when updating a policy — confirm.
type SystemIntegrityProtection struct {
	AuditSystemtimeChange     bool `json:"audit_systemtime_change"`
	Enabled                   bool `json:"enabled"`
	MonitorAuditLogIntegrity  bool `json:"monitor_audit_log_integrity"`
	WindowsServicesMonitoring bool `json:"windows_services_monitoring"`
}

type Tripwire

// Tripwire is the JSON shape of the "tripwire" setting.
//
// UserPassword is a plain string with no omitempty and, as far as this
// listing shows, no custom marshaller. Its value therefore appears in every
// json.Marshal of this struct and in %+v / %#v formatting of it or of any
// struct that contains it. Keep such values out of logs, error messages and
// committed state or plan files.
type Tripwire struct {
	Enabled       bool     `json:"enabled"`
	UserID        string   `json:"user_id"`
	// UserPassword is serialized in clear text under "user_password".
	UserPassword  string   `json:"user_password"`
	ApplyOn       []string `json:"apply_on"`
	ServerlessApp string   `json:"serverless_app"`
}

type UserGroups added in v0.8.7

// UserGroups names a group and records whether the user is a group admin.
//
// Both fields use omitempty, so GroupAdmin == false is omitted from the
// marshalled JSON rather than sent as "group_admin": false.
// NOTE(review): if the server keeps the previous value when the key is
// absent, this type cannot be used to revoke group-admin — verify.
type UserGroups struct {
	Name       string `json:"name,omitempty"`
	GroupAdmin bool   `json:"group_admin,omitempty"`
}

type UserList added in v0.8.7

// UserList contains a list of UserSaas, decoded from the "data" key.
//
// Items is untyped ([]interface{}), so encoding/json fills it with generic
// values (maps, strings, numbers). Callers must type-assert each element and
// should handle a failed assertion instead of assuming the shape.
type UserList struct {
	Items []interface{} `json:"data,omitempty"`
}

UserList contains a list of UserSaas

type Variable

// Variable is one attribute/value pair with an optional name, used by
// Scope.Variables. Name is dropped from the JSON when empty.
type Variable struct {
	Attribute string `json:"attribute"`
	Name      string `json:"name,omitempty"`
	Value     string `json:"value"`
}

type VariableI added in v0.8.3

// VariableI is one attribute/value pair with an optional name, used by
// Scopes.Variables. It has the same fields and JSON keys as Variable; only
// the declaration order (and hence the marshalled key order) differs.
type VariableI struct {
	Attribute string `json:"attribute"`
	Value     string `json:"value"`
	Name      string `json:"name,omitempty"`
}

type Variables added in v0.8.8

// Variables is a single attribute/value pair (despite the plural name it is
// not a slice). Unlike Variable and VariableI it has no Name field.
type Variables struct {
	Attribute string `json:"attribute"`
	Value     string `json:"value"`
}

type Vulnerabilities

// Vulnerabilities is one vulnerability record as returned in
// VulnerabilitiesList.Result (despite the plural name it describes a single
// entry).
//
// All date-like fields (publish_date, first_found_date, acknowledged_date,
// v_patch_*_on, ...) are plain strings here, not time.Time; their format is
// not visible in this listing, so parse and validate them before comparing
// or sorting. Free-text fields such as Description, Solution, VendorStatement
// and AckComment come from the server and should be escaped before being
// rendered in HTML or terminal output.
type Vulnerabilities struct {
	Name                       string   `json:"name"`
	Description                string   `json:"description"`
	PublishDate                string   `json:"publish_date"`
	ModificationDate           string   `json:"modification_date"`
	// Vendor-supplied severity and CVSS v2 data.
	VendorSeverity             string   `json:"vendor_severity"`
	VendorCvss2Score           float64  `json:"vendor_cvss2_score"`
	VendorCvss2Vectors         string   `json:"vendor_cvss2_vectors"`
	VendorStatement            string   `json:"vendor_statement"`
	VendorURL                  string   `json:"vendor_url"`
	// NVD severity and CVSS v2 / v3 data.
	NvdSeverity                string   `json:"nvd_severity"`
	NvdCvss2Score              float64  `json:"nvd_cvss2_score"`
	NvdCvss2Vectors            string   `json:"nvd_cvss2_vectors"`
	NvdCvss3Severity           string   `json:"nvd_cvss3_severity"`
	NvdCvss3Score              float64  `json:"nvd_cvss3_score"`
	NvdCvss3Vectors            string   `json:"nvd_cvss3_vectors"`
	NvdURL                     string   `json:"nvd_url"`
	FixVersion                 string   `json:"fix_version"`
	Solution                   string   `json:"solution"`
	Classification             string   `json:"classification"`
	// Aqua's own score, severity and vector fields.
	AquaScore                  float64  `json:"aqua_score"`
	AquaSeverity               string   `json:"aqua_severity"`
	AquaVectors                string   `json:"aqua_vectors"`
	AquaScoringSystem          string   `json:"aqua_scoring_system"`
	FirstFoundDate             string   `json:"first_found_date"`
	LastFoundDate              string   `json:"last_found_date"`
	AncestorPkg                string   `json:"ancestor_pkg"`
	SiblingPkg                 string   `json:"sibling_pkg"`
	SeverityClassification     string   `json:"severity_classification"`
	AquaSeverityClassification string   `json:"aqua_severity_classification"`
	AquaScoreClassification    string   `json:"aqua_score_classification"`
	Exploitability             string   `json:"exploitability"`
	TemporalVector             string   `json:"temporal_vector"`
	ExploitType                string   `json:"exploit_type"`
	// vPatch fields: who applied, reverted or enforced a vPatch, and when.
	VPatchAppliedBy            string   `json:"v_patch_applied_by"`
	VPatchAppliedOn            string   `json:"v_patch_applied_on"`
	VPatchRevertedBy           string   `json:"v_patch_reverted_by"`
	VPatchRevertedOn           string   `json:"v_patch_reverted_on"`
	VPatchEnforcedBy           string   `json:"v_patch_enforced_by"`
	VPatchEnforcedOn           string   `json:"v_patch_enforced_on"`
	VPatchStatus               string   `json:"v_patch_status"`
	// Acknowledgement fields: date, scope, comment, author and expiry.
	// NOTE(review): presumably an acknowledged finding is suppressed until
	// the expiration passes; surface AckAuthor and the expiration settings
	// when reporting so suppressed findings stay auditable — confirm.
	AcknowledgedDate           string   `json:"acknowledged_date"`
	AckScope                   string   `json:"ack_scope"`
	AckComment                 string   `json:"ack_comment"`
	AckAuthor                  string   `json:"ack_author"`
	AckExpirationDays          int      `json:"ack_expiration_days"`
	AckExpirationConfiguredAt  string   `json:"ack_expiration_configured_at"`
	AckExpirationConfiguredBy  string   `json:"ack_expiration_configured_by"`
	VPatchPolicyName           string   `json:"v_patch_policy_name"`
	VPatchPolicyEnforce        bool     `json:"v_patch_policy_enforce"`
	AuditEventsCount           int      `json:"audit_events_count"`
	BlockEventsCount           int      `json:"block_events_count"`
	// Resource is declared elsewhere in the package.
	Resource                   Resource `json:"resource"`
	// Image identification: registry, repository, name and digest.
	Registry                   string   `json:"registry"`
	ImageRepositoryName        string   `json:"image_repository_name"`
	ImageName                  string   `json:"image_name"`
	ImageDigest                string   `json:"image_digest"`
	Os                         string   `json:"os"`
	OsVersion                  string   `json:"os_version"`
	Permission                 string   `json:"permission"`
}

type VulnerabilitiesList

// VulnerabilitiesList is the paginated envelope for Vulnerabilities records:
// a count, the page number, the page size and the entries under "result".
type VulnerabilitiesList struct {
	Count            int               `json:"count"`
	Page             int               `json:"page"`
	Pagesize         int               `json:"pagesize"`
	Result           []Vulnerabilities `json:"result"`
	// MoreDataAllPages is an int, not a bool.
	// NOTE(review): presumably signals that further pages exist; a caller
	// that reads only one page would under-report findings — confirm.
	MoreDataAllPages int               `json:"more_data_all_pages"`
}

type VulnerabilitiesTypes

// VulnerabilitiesTypes holds integer counters per category (total, high,
// medium, low, sensitive, malware, negligible) plus an average score.
// It is used as Service.Vulnerabilities.
type VulnerabilitiesTypes struct {
	Total        int     `json:"total"`
	High         int     `json:"high"`
	Medium       int     `json:"medium"`
	Low          int     `json:"low"`
	Sensitive    int     `json:"sensitive"`
	Malware      int     `json:"malware"`
	Negligible   int     `json:"negligible"`
	ScoreAverage float64 `json:"score_average"`
}

type Webhook added in v0.8.26

type Webhook struct {
	Enabled      bool   `json:"enabled,omitempty"`
	URL          string `json:"url"`
	AuthToken    string `json:"auth_token"`
	UnQuarantine bool   `json:"un_quarantine,omitempty"`
}

type WhitelistedOsUsers

// WhitelistedOsUsers is an enable flag plus two string lists, marshalled as
// "user_white_list" and "group_white_list".
// NOTE(review): presumably the listed OS users and groups are the ones a
// runtime policy permits; keep both lists minimal and review additions —
// confirm the exact semantics.
type WhitelistedOsUsers struct {
	Enabled        bool     `json:"enabled"`
	UserWhiteList  []string `json:"user_white_list"`
	GroupWhiteList []string `json:"group_white_list"`
}

type Workload added in v0.8.8

// Workload groups three CommonStruct values keyed "kubernetes", "os" and
// "cf". CommonStruct is declared elsewhere in the package.
type Workload struct {
	Kubernetes CommonStruct `json:"kubernetes"`
	OS         CommonStruct `json:"os"`
	// WCF is marshalled under the key "cf", not "wcf".
	WCF        CommonStruct `json:"cf"`
}
