diff --git a/api/cloud_accounts.go b/api/cloud_accounts.go
index b6cb1e344..5882fd13d 100644
--- a/api/cloud_accounts.go
+++ b/api/cloud_accounts.go
@@ -101,6 +101,8 @@ const (
 AzureSidekickCloudAccount
 GcpAlPubSubCloudAccount
 OciCfgCloudAccount
+ AwsDspmCloudAccount
+ AzureDspmCloudAccount
 )
 
 // CloudAccountTypes is the list of available Cloud Account integration types
@@ -123,6 +125,8 @@ var CloudAccountTypes = map[cloudAccountType]string{
 AzureSidekickCloudAccount: "AzureSidekick",
 GcpAlPubSubCloudAccount: "GcpAlPubSub",
 OciCfgCloudAccount: "OciCfg",
+ AwsDspmCloudAccount: "AwsDspm",
+ AzureDspmCloudAccount: "AzureDspm",
 }
 
 // String returns the string representation of a Cloud Account integration type
diff --git a/api/cloud_accounts_aws_dspm.go b/api/cloud_accounts_aws_dspm.go
new file mode 100644
index 000000000..66d045206
--- /dev/null
+++ b/api/cloud_accounts_aws_dspm.go
@@ -0,0 +1,73 @@
+//
+// Author:: Darren Murray()
+// Copyright:: Copyright 2022, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package api
+
+// GetAwsDspm gets a single AwsDspm integration matching the provided integration guid
+func (svc *CloudAccountsService) GetAwsDspm(guid string) (
+ response AwsDspmResponse,
+ err error,
+) {
+ err = svc.get(guid, &response)
+ return
+}
+
+// CreateAwsDspm creates an AwsDspm Cloud Account integration
+func (svc *CloudAccountsService) CreateAwsDspm(data CloudAccount) (
+ response AwsDspmResponse,
+ err error,
+) {
+ err = svc.create(data, &response)
+ return
+}
+
+// UpdateAwsDspm updates a single AwsDspm integration on the Lacework Server
+func (svc *CloudAccountsService) UpdateAwsDspm(data CloudAccount) (
+ response AwsDspmResponse,
+ err error,
+) {
+ err = svc.update(data.ID(), data, &response)
+ return
+}
+
+type AwsDspmResponse struct {
+ Data AwsDspm `json:"data"`
+}
+
+type AwsDspm struct {
+ v2CommonIntegrationData
+ awsDspmToken `json:"serverToken"`
+ Data AwsDspmData `json:"data"`
+}
+
+type awsDspmToken struct {
+ ServerToken string `json:"serverToken"`
+ Uri string `json:"uri"`
+}
+
+// AwsDspmData contains the data needed by Lacework platform services.
+type AwsDspmData struct {
+ AccountID string `json:"awsAccountId,omitempty"`
+ BucketArn string `json:"bucketArn,omitempty"`
+ CrossAccountCreds AwsDspmCrossAccountCredentials `json:"crossAccountCredentials"`
+}
+
+type AwsDspmCrossAccountCredentials struct {
+ ExternalID string `json:"externalId,omitempty"`
+ RoleArn string `json:"roleArn,omitempty"`
+}
diff --git a/api/cloud_accounts_azure_dspm.go b/api/cloud_accounts_azure_dspm.go
new file mode 100644
index 000000000..4ad80ab4d
--- /dev/null
+++ b/api/cloud_accounts_azure_dspm.go
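Review bot: `AwsDspmCrossAccountCredentials` tags both `ExternalID` and `RoleArn` with `omitempty`, and `CreateAwsDspm` passes `data` straight to `svc.create`, so a request built with an empty external ID is sent without the field and nothing visible here rejects it. The external ID is the value that ties a cross-account role to its intended caller, so I would either check that both fields are non-empty before the call or state in the doc comment that the server enforces this (not visible in this diff). `awsDspmToken.ServerToken` comes back in `AwsDspmResponse` as a plain string and deserves a comment such as `// ServerToken is a credential; do not log or print it.`; the same applies to `azureDspmToken` in the Azure file. The exported types `AwsDspmResponse`, `AwsDspm` and `AwsDspmCrossAccountCredentials` (and their Azure counterparts) have no doc comments, unlike `AwsDspmData`.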
@@ -0,0 +1,74 @@
+//
+// Author:: Darren Murray()
+// Copyright:: Copyright 2022, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package api
+
+// GetAzureDspm gets a single AzureDspm integration matching the provided integration guid
+func (svc *CloudAccountsService) GetAzureDspm(guid string) (
+ response AzureDspmResponse,
+ err error,
+) {
+ err = svc.get(guid, &response)
+ return
+}
+
+// CreateAzureDspm creates an AzureDspm Cloud Account integration
+func (svc *CloudAccountsService) CreateAzureDspm(data CloudAccount) (
+ response AzureDspmResponse,
+ err error,
+) {
+ err = svc.create(data, &response)
+ return
+}
+
+// UpdateAzureDspm updates a single AzureDspm integration on the Lacework Server
+func (svc *CloudAccountsService) UpdateAzureDspm(data CloudAccount) (
+ response AzureDspmResponse,
+ err error,
+) {
+ err = svc.update(data.ID(), data, &response)
+ return
+}
+
+type AzureDspmResponse struct {
+ Data AzureDspm `json:"data"`
+}
+
+type AzureDspm struct {
+ v2CommonIntegrationData
+ azureDspmToken `json:"serverToken"`
+ Data AzureDspmData `json:"data"`
+}
+
+type azureDspmToken struct {
+ ServerToken string `json:"serverToken"`
+ Uri string `json:"uri"`
+}
+
+// AzureDspmData contains the data needed by Lacework platform services.
+type AzureDspmData struct {
+ TenantID string `json:"tenantId,omitempty"`
+ StorageAccountUrl string `json:"storageAccountUrl,omitempty"`
+ BlobContainerName string `json:"blobContainerName,omitempty"`
+ Credentials AzureDspmCredentials `json:"credentials"`
+}
+
+type AzureDspmCredentials struct {
+ ClientId string `json:"clientId,omitempty"`
+ ClientSecret string `json:"clientSecret,omitempty"`
+}
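Review bot: `AzureDspmCredentials.ClientSecret` is a plain exported string on a type that is also nested in `AzureDspmResponse`, so any `%+v` print or JSON dump of the integration would emit the secret. Add a field comment such as `// ClientSecret is sensitive; never log it or print this struct verbatim.` and mask it wherever integrations are rendered (those call sites are outside this diff). Because the tag carries `omitempty`, an `UpdateAzureDspm` call with an empty `ClientSecret` drops the field from the request; that presumably leaves the stored secret unchanged, but the doc comment should say so. On naming, `TenantID` follows Go initialism style while `ClientId`, `StorageAccountUrl` and `Uri` in the same file do not; `ClientID`, `StorageAccountURL` and `URI` would be consistent, with the JSON tags left unchanged.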