Documentation
¶
Index ¶
- type BulkUploadInput
- type BulkUploadOutput
- type CreateDataModelInput
- type CreateGlobalInput
- type CreatePolicyInput
- type CreateRuleInput
- type DataModel
- type DataModelMapping
- type DeleteDataModelsInput
- type DeleteEntry
- type DeleteGlobalsInput
- type DeletePoliciesInput
- type DeleteRulesInput
- type Detection
- type DetectionType
- type EnumeratePackInput
- type EnumeratePackOutput
- type GetDataModelInput
- type GetGlobalInput
- type GetPackInput
- type GetPolicyInput
- type GetRuleInput
- type Global
- type LambdaInput
- type ListDataModelsInput
- type ListDataModelsOutput
- type ListDetectionsInput
- type ListDetectionsOutput
- type ListGlobalsInput
- type ListGlobalsOutput
- type ListPacksInput
- type ListPacksOutput
- type ListPoliciesInput
- type ListPoliciesOutput
- type ListRulesInput
- type ListRulesOutput
- type Pack
- type PackDefinition
- type Paging
- type PatchPackInput
- type Policy
- type PollPacksInput
- type Rule
- type SuppressInput
- type TestDetectionSubRecord
- type TestError
- type TestPolicyInput
- type TestPolicyOutput
- type TestPolicyRecord
- type TestPolicyRecordFunctions
- type TestRuleInput
- type TestRuleOutput
- type TestRuleRecord
- type TestRuleRecordFunctions
- type UnitTest
- type UpdateDataModelInput
- type UpdateGlobalInput
- type UpdatePolicyInput
- type UpdateRuleInput
- type Version
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BulkUploadInput ¶
type BulkUploadOutput ¶
type BulkUploadOutput struct {
TotalPolicies int `json:"totalPolicies"`
NewPolicies int `json:"newPolicies"`
ModifiedPolicies int `json:"modifiedPolicies"`
TotalRules int `json:"totalRules"`
NewRules int `json:"newRules"`
ModifiedRules int `json:"modifiedRules"`
TotalGlobals int `json:"totalGlobals"`
NewGlobals int `json:"newGlobals"`
ModifiedGlobals int `json:"modifiedGlobals"`
TotalDataModels int `json:"totalDataModels"`
NewDataModels int `json:"newDataModels"`
ModifiedDataModels int `json:"modifiedDataModels"`
}
type CreateDataModelInput ¶
type CreateDataModelInput = UpdateDataModelInput
type CreateGlobalInput ¶
type CreateGlobalInput = UpdateGlobalInput
type CreatePolicyInput ¶
type CreatePolicyInput = UpdatePolicyInput
type CreateRuleInput ¶
type CreateRuleInput = UpdateRuleInput
type DataModel ¶
type DataModel struct {
Body string `json:"body"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
Description string `json:"description"`
DisplayName string `json:"displayName"`
Enabled bool `json:"enabled"`
ID string `json:"id"`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
LogTypes []string `json:"logTypes"`
Mappings []DataModelMapping `json:"mappings"`
VersionID string `json:"versionId"`
}
type DataModelMapping ¶
type DeleteDataModelsInput ¶
type DeleteDataModelsInput = DeletePoliciesInput
type DeleteEntry ¶
type DeleteEntry struct {
ID string `json:"id" validate:"required,max=1000"`
}
type DeleteGlobalsInput ¶
type DeleteGlobalsInput = DeletePoliciesInput
type DeletePoliciesInput ¶
type DeletePoliciesInput struct {
Entries []DeleteEntry `json:"entries" validate:"min=1,max=1000,dive"`
}
type DeleteRulesInput ¶
type DeleteRulesInput = DeletePoliciesInput
type Detection ¶ added in v1.16.0
type Detection struct {
// Policy only
AutoRemediationID string `json:"autoRemediationId" validate:"max=1000"`
AutoRemediationParameters map[string]string `json:"autoRemediationParameters" validte:"max=500"`
ComplianceStatus models.ComplianceStatus `json:"complianceStatus"`
ResourceTypes []string `json:"resourceTypes"`
Suppressions []string `json:"suppressions" validate:"max=500,dive,required,max=1000"`
// Rule only
DedupPeriodMinutes int `json:"dedupPeriodMinutes"`
LogTypes []string `json:"logTypes"`
Threshold int `json:"threshold"`
// Shared
AnalysisType DetectionType `json:"analysisType"`
Body string `json:"body" validate:"required,max=100000"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
Description string `json:"description"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
OutputIDs []string `json:"outputIds" validate:"max=500,dive,required,max=5000"`
Reference string `json:"reference" validate:"max=10000"`
Reports map[string][]string `json:"reports" validate:"max=500"`
Runbook string `json:"runbook" validate:"max=10000"`
Severity models.Severity `json:"severity" validate:"oneof=INFO LOW MEDIUM HIGH CRITICAL"`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
Tests []UnitTest `json:"tests" validate:"max=500,dive"`
VersionID string `json:"versionId"`
}
type DetectionType ¶
type DetectionType string
const ( TypePolicy DetectionType = "POLICY" TypeRule DetectionType = "RULE" TypeGlobal DetectionType = "GLOBAL" TypeDataModel DetectionType = "DATAMODEL" TypePack DetectionType = "PACK" )
type EnumeratePackInput ¶ added in v1.16.0
type EnumeratePackInput struct {
// Take in the pack definition
ID string `json:"id"`
// Detection fields to return in the response (default: all)
Fields []string `json:"fields" validate:"max=20,dive,required,max=100"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
}
EnumeratePack is similar to ListDetections, ListGlobals, and ListDataModels in that it will return paged data given some input filter. It differs in that it will return any type (whether it be policy, rule, data model, global, etc.)
type EnumeratePackOutput ¶ added in v1.16.0
type GetDataModelInput ¶
type GetGlobalInput ¶
type GetPackInput ¶ added in v1.16.0
type GetPackInput struct {
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
}
type GetPolicyInput ¶
type GetRuleInput ¶
type Global ¶
type Global struct {
Body string `json:"body"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
Description string `json:"description"`
ID string `json:"id"`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
Tags []string `json:"tags"`
VersionID string `json:"versionId"`
}
type LambdaInput ¶
type LambdaInput struct {
// Shared
BulkUpload *BulkUploadInput `json:"bulkUpload,omitempty"`
ListDetections *ListDetectionsInput `json:"listDetections,omitempty"`
DeleteDetections *DeletePoliciesInput `json:"deleteDetections,omitempty"`
// Globals
CreateGlobal *CreateGlobalInput `json:"createGlobal,omitempty"`
DeleteGlobals *DeleteGlobalsInput `json:"deleteGlobals,omitempty"`
GetGlobal *GetGlobalInput `json:"getGlobal,omitempty"`
ListGlobals *ListGlobalsInput `json:"listGlobals,omitempty"`
UpdateGlobal *UpdateGlobalInput `json:"updateGlobal,omitempty"`
// Policies (cloud security)
CreatePolicy *CreatePolicyInput `json:"createPolicy,omitempty"`
DeletePolicies *DeletePoliciesInput `json:"deletePolicies,omitempty"`
GetPolicy *GetPolicyInput `json:"getPolicy,omitempty"`
// TODO deprecate this endpoint in favor of ListDetections
ListPolicies *ListPoliciesInput `json:"listPolicies,omitempty"`
Suppress *SuppressInput `json:"suppress,omitempty"`
TestPolicy *TestPolicyInput `json:"testPolicy,omitempty"`
UpdatePolicy *UpdatePolicyInput `json:"updatePolicy,omitempty"`
// Rules (log analysis)
CreateRule *CreateRuleInput `json:"createRule,omitempty"`
DeleteRules *DeleteRulesInput `json:"deleteRules,omitempty"`
GetRule *GetRuleInput `json:"getRule,omitempty"`
// TODO deprecate this endpoint in favor of ListDetections
ListRules *ListRulesInput `json:"listRules,omitempty"`
TestRule *TestRuleInput `json:"testRule,omitempty"`
UpdateRule *UpdateRuleInput `json:"updateRule,omitempty"`
// Data models (log analysis)
CreateDataModel *CreateDataModelInput `json:"createDataModel,omitempty"`
DeleteDataModels *DeleteDataModelsInput `json:"deleteDataModels,omitempty"`
GetDataModel *GetDataModelInput `json:"getDataModel,omitempty"`
ListDataModels *ListDataModelsInput `json:"listDataModels,omitempty"`
UpdateDataModel *UpdateDataModelInput `json:"updateDataModel,omitempty"`
// Detection Packs
GetPack *GetPackInput `json:"getPack,omitempty"`
EnumeratePack *EnumeratePackInput `json:"enumeratePack,omitempty"`
ListPacks *ListPacksInput `json:"listPacks,omitempty"`
PatchPack *PatchPackInput `json:"patchPack,omitempty"`
PollPacks *PollPacksInput `json:"pollPacks,omitempty"`
}
type ListDataModelsInput ¶
type ListDataModelsInput struct {
// ----- Filtering -----
// Only include data models which are enabled or disabled
Enabled *bool `json:"enabled"`
// Only include data models whose ID contains this substring (case-insensitive)
NameContains string `json:"nameContains"`
// Only include data models which apply to one of these log types
LogTypes []string `json:"logTypes" validate:"dive,required,max=500"`
// ----- Sorting -----
SortBy string `json:"sortBy" validate:"omitempty,oneof=enabled id lastModified logTypes"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
}
type ListDataModelsOutput ¶
type ListDetectionsInput ¶ added in v1.16.0
type ListDetectionsInput struct {
// Only include policies with a specific compliance status. Only applies to policies.
ComplianceStatus models.ComplianceStatus `json:"complianceStatus" validate:"omitempty,oneof=PASS FAIL ERROR"`
// Only include policies with or without auto-remediation enabled. Only applies to policies.
HasRemediation *bool `json:"hasRemediation"`
// Only include detections with the following ids
IDs []string `json:"ids" validate:"max=1000"`
// Only include policies which apply to one of these resource types. Only applies to policies.
ResourceTypes []string `json:"resourceTypes" validate:"max=500,dive,required,max=500"`
// Only include rules which apply to one of these log types. Only applies to rules.
LogTypes []string `json:"logTypes" validate:"max=500,dive,required,max=500"`
// Only include detections with the following type
AnalysisTypes []DetectionType `json:"analysisTypes" validate:"omitempty,dive,oneof=RULE POLICY"`
// Only include detections whose ID or display name contains this case-insensitive substring
NameContains string `json:"nameContains" validate:"max=1000"`
// Only include detections which are enabled or disabled
Enabled *bool `json:"enabled"`
// Only include detections with this severity
Severity []models.Severity `json:"severity" validate:"dive,oneof=INFO LOW MEDIUM HIGH CRITICAL"`
// Only include detections with all of these tags (case-insensitive)
Tags []string `json:"tags" validate:"max=500,dive,required,max=500"`
// Only include detections whose creator matches this user ID (which need not be a uuid)
CreatedBy string `json:"createdBy"`
// Only include detections which were last modified by this user ID
LastModifiedBy string `json:"lastModifiedBy"`
// If True, include only detections which were created by the system during the initial deployment
// If False, include only detections where were NOT created by the system during the initial deployment
InitialSet *bool `json:"initialSet"`
// Detection fields to return in the response (default: all)
Fields []string `json:"fields" validate:"max=20,dive,required,max=100"`
// ----- Sorting -----
SortBy string `json:"sortBy" validate:"omitempty,oneof=displayName enabled id lastModified severity"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
}
type ListDetectionsOutput ¶ added in v1.16.0
type ListGlobalsInput ¶
type ListGlobalsInput struct {
// JSON field names (passed to Dynamo as a projection). For example,
// ["id", "lastModified", "tags"]
Fields []string `json:"fields" validate:"max=15,dive,required,max=100"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
}
type ListGlobalsOutput ¶
type ListPacksInput ¶ added in v1.16.0
type ListPacksInput struct {
// ----- Filtering -----
// Only include packs which are enabled or disabled
Enabled *bool `json:"enabled"`
// Only include packs which have this packVersion
PackVersion Version `json:"packVersion"`
// Only include packs whose ID or display name contains this case-insensitive substring
NameContains string `json:"nameContains" validate:"max=1000"`
// Only include packs that have updates available
UpdateAvailable *bool `json:"updateAvailable"`
// ----- Projection -----
// Fields to return in the response (default: all)
Fields []string `json:"fields" validate:"max=20,dive,required,max=100"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
}
type ListPacksOutput ¶ added in v1.16.0
type ListPoliciesInput ¶
type ListPoliciesInput struct {
// ----- Filtering -----
// Only include policies with a specific compliance status
ComplianceStatus models.ComplianceStatus `json:"complianceStatus" validate:"omitempty,oneof=PASS FAIL ERROR"`
// Only include policies whose ID or display name contains this case-insensitive substring
NameContains string `json:"nameContains" validate:"max=1000"`
// Only include policies which are enabled or disabled
Enabled *bool `json:"enabled"`
// Only include policies with or without auto-remediation enabled
HasRemediation *bool `json:"hasRemediation"`
// Only include policies which apply to one of these resource types
ResourceTypes []string `json:"resourceTypes" validate:"max=500,dive,required,max=500"`
// Only include policies with this severity
Severity []models.Severity `json:"severity" validate:"dive,oneof=INFO LOW MEDIUM HIGH CRITICAL"`
// Only include policies with all of these tags (case-insensitive)
Tags []string `json:"tags" validate:"max=500,dive,required,max=500"`
// ----- Projection -----
// Policy fields to return in the response (default: all)
Fields []string `json:"fields" validate:"max=20,dive,required,max=100"`
// ----- Sorting -----
SortBy string `json:"sortBy" validate:"omitempty,oneof=complianceStatus enabled id lastModified resourceTypes severity"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
// Only include policies whose creator matches this user ID (which need not be a uuid)
CreatedBy string `json:"createdBy"`
// Only include policies which were last modified by this user ID
LastModifiedBy string `json:"lastModifiedBy"`
// If True, include only policies which were created by the system during the initial deployment
// If False, include only policies where were NOT created by the system during the initial deployment
InitialSet *bool `json:"initialSet"`
}
type ListPoliciesOutput ¶
type ListRulesInput ¶
type ListRulesInput struct {
// ----- Filtering -----
// Only include rules whose ID or display name contains this case-insensitive substring
NameContains string `json:"nameContains" validate:"max=1000"`
// Only include rules which are enabled or disabled
Enabled *bool `json:"enabled"`
// Only include rules which apply to one of these log types
LogTypes []string `json:"logTypes" validate:"max=500,dive,required,max=500"`
// Only include policies with this severity
Severity []models.Severity `json:"severity" validate:"dive,oneof=INFO LOW MEDIUM HIGH CRITICAL"`
// Only include policies with all of these tags (case-insensitive)
Tags []string `json:"tags" validate:"max=500,dive,required,max=500"`
// ----- Projection -----
// Policy fields to return in the response (default: all)
Fields []string `json:"fields" validate:"max=20,dive,required,max=100"`
// ----- Sorting -----
SortBy string `json:"sortBy" validate:"omitempty,oneof=displayName enabled id lastModified logTypes severity"`
SortDir string `json:"sortDir" validate:"omitempty,oneof=ascending descending"`
// ----- Paging -----
PageSize int `json:"pageSize" validate:"min=0,max=1000"`
Page int `json:"page" validate:"min=0"`
// Only include rules whose creator matches this user ID (which need not be a uuid)
CreatedBy string `json:"createdBy"`
// Only include rules which were last modified by this user ID
LastModifiedBy string `json:"lastModifiedBy"`
// If True, include only rules which were created by the system during the initial deployment
// If False, include only rules where were NOT created by the system during the initial deployment
InitialSet *bool `json:"initialSet"`
}
type ListRulesOutput ¶
type Pack ¶ added in v1.16.0
type Pack struct {
Enabled bool `json:"enabled"`
UpdateAvailable bool `json:"updateAvailable"`
CreatedBy string `json:"createdBy"`
Description string `json:"description"`
DisplayName string `json:"displayName"`
PackVersion Version `json:"packVersion"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
LastModifiedBy string `json:"lastModifiedBy"`
CreatedAt time.Time `json:"createdAt"`
LastModified time.Time `json:"lastModified"`
AvailableVersions []Version `json:"availableVersions"`
PackDefinition PackDefinition `json:"packDefinition"`
PackTypes map[DetectionType]int `json:"packTypes"`
}
type PackDefinition ¶ added in v1.16.0
type PackDefinition struct {
IDs []string `json:"IDs"`
}
type PatchPackInput ¶ added in v1.16.0
type Policy ¶
type Policy struct {
AnalysisType DetectionType `json:"analysisType"`
AutoRemediationID string `json:"autoRemediationId" validate:"max=1000"`
AutoRemediationParameters map[string]string `json:"autoRemediationParameters" validte:"max=500"`
Body string `json:"body" validate:"required,max=100000"`
ComplianceStatus models.ComplianceStatus `json:"complianceStatus"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
Description string `json:"description" validate:"max=10000"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
OutputIDs []string `json:"outputIds" validate:"max=500,dive,required,max=5000"`
Reference string `json:"reference" validate:"max=10000"`
Reports map[string][]string `json:"reports" validate:"max=500"`
ResourceTypes []string `json:"resourceTypes" validate:"max=500,dive,required,max=500"`
Runbook string `json:"runbook" validate:"max=10000"`
Severity models.Severity `json:"severity" validate:"oneof=INFO LOW MEDIUM HIGH CRITICAL"`
Suppressions []string `json:"suppressions" validate:"max=500,dive,required,max=1000"`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
Tests []UnitTest `json:"tests" validate:"max=500,dive"`
VersionID string `json:"versionId"`
}
The validate tags here are used by BulkUpload
type PollPacksInput ¶ added in v1.16.0
type PollPacksInput struct {
// allow to poll for a particular release
VersionID int64 `json:"versionID"`
}
PollPacksInput will also update the pack metadata: "availableReleases" and "updateAvailable"
type Rule ¶
type Rule struct {
AnalysisType DetectionType `json:"analysisType"`
Body string `json:"body"`
CreatedAt time.Time `json:"createdAt"`
CreatedBy string `json:"createdBy"`
DedupPeriodMinutes int `json:"dedupPeriodMinutes"`
Description string `json:"description"`
DisplayName string `json:"displayName"`
Enabled bool `json:"enabled"`
ID string `json:"id"`
LastModified time.Time `json:"lastModified"`
LastModifiedBy string `json:"lastModifiedBy"`
LogTypes []string `json:"logTypes"`
OutputIDs []string `json:"outputIds"`
Reference string `json:"reference"`
Reports map[string][]string `json:"reports"`
Runbook string `json:"runbook"`
Severity models.Severity `json:"severity"`
Tags []string `json:"tags"`
Tests []UnitTest `json:"tests"`
Threshold int `json:"threshold"`
VersionID string `json:"versionId"`
}
type SuppressInput ¶
type SuppressInput struct {
PolicyIDs []string `json:"policyIds" validate:"min=1,dive,required,max=1000"`
// List of resource ID regexes that are excepted from the policy.
// The policy will still be evaluated, but failures will not trigger alerts nor remediations
ResourcePatterns []string `json:"resourcePatterns" validate:"min=1,dive,required,max=10000"`
}
type TestDetectionSubRecord ¶
type TestPolicyInput ¶
type TestPolicyOutput ¶
type TestPolicyOutput struct {
Results []TestPolicyRecord `json:"results"`
}
type TestPolicyRecord ¶
type TestPolicyRecord struct {
ID string `json:"id"`
Name string `json:"name"`
Passed bool `json:"passed"`
Functions TestPolicyRecordFunctions `json:"functions"`
Error *TestError `json:"error"`
}
type TestPolicyRecordFunctions ¶
type TestPolicyRecordFunctions struct {
Policy TestDetectionSubRecord `json:"policyFunction"`
}
type TestRuleInput ¶
type TestRuleOutput ¶
type TestRuleOutput struct {
Results []TestRuleRecord `json:"results"`
}
type TestRuleRecord ¶
type TestRuleRecord struct {
ID string `json:"id"`
Name string `json:"name"`
Passed bool `json:"passed"`
Functions TestRuleRecordFunctions `json:"functions"`
// An error produced before running any of the rule functions, like import or syntax error.
Error *TestError `json:"error"`
}
type TestRuleRecordFunctions ¶
type TestRuleRecordFunctions struct {
Rule *TestDetectionSubRecord `json:"ruleFunction"`
Title *TestDetectionSubRecord `json:"titleFunction"`
Dedup *TestDetectionSubRecord `json:"dedupFunction"`
AlertContext *TestDetectionSubRecord `json:"alertContextFunction"`
Description *TestDetectionSubRecord `json:"descriptionFunction"`
Destinations *TestDetectionSubRecord `json:"destinationsFunction"`
Reference *TestDetectionSubRecord `json:"referenceFunction"`
Runbook *TestDetectionSubRecord `json:"runbookFunction"`
Severity *TestDetectionSubRecord `json:"severityFunction"`
}
type UpdateDataModelInput ¶
type UpdateDataModelInput struct {
Body string `json:"body" validate:"omitempty,max=100000"` // not required
Description string `json:"description" validate:"max=10000"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
LogTypes []string `json:"logTypes" validate:"len=1,dive,required,max=500"` // for now, only one logtype allowed
Mappings []DataModelMapping `json:"mappings" validate:"min=1,max=500,dive"`
UserID string `json:"userId" validate:"required"`
}
type UpdateGlobalInput ¶
type UpdateGlobalInput struct {
Body string `json:"body" validate:"required,max=100000"`
Description string `json:"description" validate:"max=10000"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
UserID string `json:"userId" validate:"required"`
}
type UpdatePolicyInput ¶
type UpdatePolicyInput struct {
AnalysisType DetectionType `json:"analysisType"`
AutoRemediationID string `json:"autoRemediationId" validate:"max=1000"`
AutoRemediationParameters map[string]string `json:"autoRemediationParameters" validate:"max=500"`
Body string `json:"body" validate:"required,max=100000"`
Description string `json:"description" validate:"max=10000"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
OutputIDs []string `json:"outputIds" validate:"max=500,dive,required,max=5000"`
Reference string `json:"reference" validate:"max=10000"`
Reports map[string][]string `json:"reports" validate:"max=500"`
ResourceTypes []string `json:"resourceTypes" validate:"max=500,dive,required,max=500"`
Runbook string `json:"runbook" validate:"max=10000"`
Severity models.Severity `json:"severity" validate:"oneof=INFO LOW MEDIUM HIGH CRITICAL"`
Suppressions []string `json:"suppressions" validate:"max=500,dive,required,max=1000"`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
Tests []UnitTest `json:"tests" validate:"max=500,dive"`
UserID string `json:"userId" validate:"required"`
}
type UpdateRuleInput ¶
type UpdateRuleInput struct {
AnalysisType DetectionType `json:"analysisType"`
Body string `json:"body" validate:"required,max=100000"`
DedupPeriodMinutes int `json:"dedupPeriodMinutes" validate:"min=0"`
Description string `json:"description" validate:"max=10000"`
DisplayName string `json:"displayName" validate:"max=1000,excludesall='<>&\""`
Enabled bool `json:"enabled"`
ID string `json:"id" validate:"required,max=1000,excludesall='<>&\""`
LogTypes []string `json:"logTypes" validate:"max=500,dive,required,max=500"`
OutputIDs []string `json:"outputIds" validate:"max=500,dive,required,max=5000"`
Reference string `json:"reference" validate:"max=10000"`
Reports map[string][]string `json:"reports" validate:"max=500"`
Runbook string `json:"runbook" validate:"max=10000"`
Severity models.Severity `json:"severity" validate:"oneof=INFO LOW MEDIUM HIGH CRITICAL"`
Tags []string `json:"tags" validate:"max=500,dive,required,max=1000"`
Tests []UnitTest `json:"tests" validate:"max=500,dive"`
Threshold int `json:"threshold" validate:"min=0"`
UserID string `json:"userId" validate:"required"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.