Documentation ¶
Overview ¶
Package entities holds methods commonly used in security automation.
Index ¶
- Variables
- type ComputeClient
- type Finding
- func (f *Finding) BadIPs() []string
- func (f *Finding) ExternalMembers() []string
- func (f *Finding) ExternalUsers() []string
- func (f *Finding) Instance() string
- func (f *Finding) ProjectID() string
- func (f *Finding) ProjectNumber() string
- func (f *Finding) ReadFinding(m *pubsub.Message) error
- func (f *Finding) Resource() string
- func (f *Finding) RuleName() string
- func (f *Finding) Zone() string
- type Firewall
- type FirewallClient
- type Host
- func (h *Host) CreateDiskSnapshot(ctx context.Context, projectID, zone, disk, name string) (*compute.Operation, error)
- func (h *Host) DeleteDiskSnapshot(project, snapshot string) (*compute.Operation, error)
- func (h *Host) ListInstanceDisks(ctx context.Context, projectID, zone, instance string) ([]*compute.Disk, error)
- func (h *Host) ListProjectSnapshots(ctx context.Context, projectID string) (*compute.SnapshotList, error)
- func (h *Host) SetSnapshotLabels(ctx context.Context, projectID, name string, m map[string]string) error
- func (h *Host) WaitGlobal(project string, op *compute.Operation) []error
- func (h *Host) WaitZone(project, zone string, op *compute.Operation) []error
- type Resource
- func (u *Resource) GetProjectAncestry(ctx context.Context, projectID string) ([]string, error)
- func (u *Resource) RemoveDomainsProject(ctx context.Context, projectID string, disallowedDomains []string) (*crm.Policy, error)
- func (u *Resource) RemoveEntityFromBucket(ctx context.Context, bucketName string, entity storage.ACLEntity) error
- func (u *Resource) RemoveMembersProject(ctx context.Context, projectID string, remove []string) (*crm.Policy, error)
Variables ¶
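// Sentinel errors for this package. Each is a distinct value created with
// errors.New, so callers can match them with errors.Is rather than by
// comparing message text.
var (
	// ErrUnmarshal is returned when a value cannot be unmarshaled.
	ErrUnmarshal = errors.New("failed to unmarshal")
	// ErrParsing is returned when the input cannot be parsed as a valid log.
	ErrParsing = errors.New("not a valid log")
	// ErrValueNotFound is returned when a value is requested but not found.
	ErrValueNotFound = errors.New("value not found")
)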
Types ¶
type ComputeClient ¶
// ComputeClient is the minimum interface the host entity requires.
//
// Parameters are unnamed in this declaration, so the meaning of each string
// argument is not stated here. The NOTE(review) lines below are inferred from
// the Host methods with matching signatures and must be confirmed against the
// implementation before relying on argument order.
type ComputeClient interface {
	// NOTE(review): presumably (ctx, project, zone, disk, snapshot), mirroring
	// Host.CreateDiskSnapshot — confirm.
	CreateSnapshot(context.Context, string, string, string, *compute.Snapshot) (*compute.Operation, error)
	// NOTE(review): presumably (ctx, project), mirroring
	// Host.ListProjectSnapshots — confirm.
	ListProjectSnapshots(context.Context, string) (*compute.SnapshotList, error)
	// NOTE(review): presumably (ctx, project, zone) — confirm.
	ListDisks(context.Context, string, string) (*compute.DiskList, error)
	// NOTE(review): presumably (ctx, project, resource name, request) — confirm.
	SetLabels(context.Context, string, string, *compute.GlobalSetLabelsRequest) (*compute.Operation, error)
	// NOTE(review): presumably (project, snapshot), mirroring
	// Host.DeleteDiskSnapshot — confirm. Unlike the methods above, this one
	// takes no context.Context.
	DeleteDiskSnapshot(string, string) (*compute.Operation, error)
	// WaitZone and WaitGlobal return a slice of errors rather than a single
	// error; presumably an empty slice means the operation succeeded — confirm,
	// and check its length instead of comparing against nil.
	WaitZone(string, string, *compute.Operation) []error
	WaitGlobal(string, *compute.Operation) []error
}
ComputeClient contains minimum interface required by the host entity.
type Finding ¶
type Finding struct {
// contains filtered or unexported fields
}
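Finding holds a finding read from PubSub (see ReadFinding). Its fields are unexported and are read through the accessor methods.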
func (*Finding) ExternalMembers ¶
ExternalMembers returns a slice of external members.
func (*Finding) ExternalUsers ¶
ExternalUsers returns the external members found from an anomalous IAM grant.
func (*Finding) ProjectNumber ¶
ProjectNumber returns the project number of the affected resource, or an empty string if it can't find one.
func (*Finding) ReadFinding ¶
ReadFinding unmarshals a finding from a PubSub message and returns an error if it cannot. Check that error before acting on any accessor value.
type Firewall ¶
type Firewall struct {
// contains filtered or unexported fields
}
Firewall entity.
func NewFirewall ¶
func NewFirewall(cs FirewallClient) *Firewall
NewFirewall returns a new firewall entity.
func (*Firewall) DisableFirewallRule ¶
DisableFirewallRule sets the firewall rule to disabled.
type FirewallClient ¶
// FirewallClient is the minimum interface the firewall entity requires.
type FirewallClient interface {
	// PatchFirewallRule takes two unnamed strings and a *compute.Firewall and
	// returns the resulting *compute.Operation or an error.
	// NOTE(review): the strings are presumably the project ID and the rule
	// name — confirm against the implementation.
	PatchFirewallRule(string, string, *compute.Firewall) (*compute.Operation, error)
}
FirewallClient holds the minimum interface required by the firewall entity.
type Host ¶
type Host struct {
// contains filtered or unexported fields
}
Host entity.
func (*Host) CreateDiskSnapshot ¶
func (h *Host) CreateDiskSnapshot(ctx context.Context, projectID, zone, disk, name string) (*compute.Operation, error)
CreateDiskSnapshot creates a snapshot.
func (*Host) DeleteDiskSnapshot ¶
DeleteDiskSnapshot deletes the given snapshot from the project.
func (*Host) ListInstanceDisks ¶
func (h *Host) ListInstanceDisks(ctx context.Context, projectID, zone, instance string) ([]*compute.Disk, error)
ListInstanceDisks returns the disks for a given instance, as a slice of *compute.Disk rather than bare disk names.
func (*Host) ListProjectSnapshots ¶
func (h *Host) ListProjectSnapshots(ctx context.Context, projectID string) (*compute.SnapshotList, error)
ListProjectSnapshots returns a list of snapshots.
func (*Host) SetSnapshotLabels ¶
func (h *Host) SetSnapshotLabels(ctx context.Context, projectID, name string, m map[string]string) error
SetSnapshotLabels sets the labels on a snapshot.
func (*Host) WaitGlobal ¶
WaitGlobal will wait for the global operation to complete.
type Resource ¶
type Resource struct {
// contains filtered or unexported fields
}
Resource entity.
func NewResource ¶
func NewResource(crm crmClient, s storageClient) *Resource
NewResource returns a new resource entity.
func (*Resource) GetProjectAncestry ¶
GetProjectAncestry returns a slice of the project's ancestry.
func (*Resource) RemoveDomainsProject ¶
func (u *Resource) RemoveDomainsProject(ctx context.Context, projectID string, disallowedDomains []string) (*crm.Policy, error)
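RemoveDomainsProject removes all members from the given project whose identifier ends with one of the disallowed domains. The description does not say whether the match is anchored at the "@"; with a plain suffix match, a disallowed domain such as "example.com" (constructed example) would also remove members of "notexample.com", so confirm the matching rule against the implementation before relying on it.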