From 72e03759907710426c17e19e087dcc94ec70bd5e Mon Sep 17 00:00:00 2001
From: Timothy Nguyen
Date: Tue, 16 Dec 2025 21:26:11 +0000
Subject: [PATCH 1/2] feat(dspm): implement aws and azure dspm cloud accounts crud
---
 api/cloud_accounts.go | 4 ++
 api/cloud_accounts_aws_dspm.go | 67 +++++++++++++++++++++++++++++++
 api/cloud_accounts_azure_dspm.go | 68 ++++++++++++++++++++++++++++++++
 3 files changed, 139 insertions(+)
 create mode 100644 api/cloud_accounts_aws_dspm.go
 create mode 100644 api/cloud_accounts_azure_dspm.go
diff --git a/api/cloud_accounts.go b/api/cloud_accounts.go
index b6cb1e344..5882fd13d 100644
--- a/api/cloud_accounts.go
+++ b/api/cloud_accounts.go
@@ -101,6 +101,8 @@ const (
 AzureSidekickCloudAccount
 GcpAlPubSubCloudAccount
 OciCfgCloudAccount
+AwsDspmCloudAccount
+AzureDspmCloudAccount
 )

 // CloudAccountTypes is the list of available Cloud Account integration types
@@ -123,6 +125,8 @@ var CloudAccountTypes = map[cloudAccountType]string{
 AzureSidekickCloudAccount: "AzureSidekick",
 GcpAlPubSubCloudAccount: "GcpAlPubSub",
 OciCfgCloudAccount: "OciCfg",
+AwsDspmCloudAccount: "AwsDspm",
+AzureDspmCloudAccount: "AzureDspm",
 }

 // String returns the string representation of a Cloud Account integration type
diff --git a/api/cloud_accounts_aws_dspm.go b/api/cloud_accounts_aws_dspm.go
new file mode 100644
index 000000000..483a6c12f
--- /dev/null
+++ b/api/cloud_accounts_aws_dspm.go
@@ -0,0 +1,67 @@
+//
+// Author:: Darren Murray()
+// Copyright:: Copyright 2022, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package api
+
+// GetAwsDspm gets a single AwsDspm integration matching the provided integration guid
+func (svc *CloudAccountsService) GetAwsDspm(guid string) (
+ response AwsDspmResponse,
+ err error,
+) {
+ err = svc.get(guid, &response)
+ return
+}
+
+// CreateAwsDspm creates an AwsDspm Cloud Account integration
+func (svc *CloudAccountsService) CreateAwsDspm(data CloudAccount) (
+ response AwsDspmResponse,
+ err error,
+) {
+ err = svc.create(data, &response)
+ return
+}
+
+// UpdateAwsDspm updates a single AwsDspm integration on the Lacework Server
+func (svc *CloudAccountsService) UpdateAwsDspm(data CloudAccount) (
+ response AwsDspmResponse,
+ err error,
+) {
+ err = svc.update(data.ID(), data, &response)
+ return
+}
+
+type AwsDspmResponse struct {
+ Data AwsDspm `json:"data"`
+}
+
+type AwsDspm struct {
+ v2CommonIntegrationData
+ Data AwsDspmData `json:"data"`
+}
+
+// AwsDspmData contains the data needed by Lacework platform services.
+type AwsDspmData struct {
+ AccountID string `json:"awsAccountId,omitempty"`
+ BucketArn string `json:"bucketArn,omitempty"`
+ CrossAccountCreds AwsDspmCrossAccountCredentials `json:"crossAccountCredentials"`
+}
+
+type AwsDspmCrossAccountCredentials struct {
+ ExternalID string `json:"externalId,omitempty"`
+ RoleArn string `json:"roleArn,omitempty"`
+}
diff --git a/api/cloud_accounts_azure_dspm.go b/api/cloud_accounts_azure_dspm.go
new file mode 100644
index 000000000..783e9fc5e
--- /dev/null
+++ b/api/cloud_accounts_azure_dspm.go
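Review bot: The exported types `AwsDspmResponse`, `AwsDspm` and `AwsDspmCrossAccountCredentials` in this hunk carry no doc comment, while `AwsDspmData` and the three service methods do, so godoc readers and lint get nothing for them; I would add `// AwsDspmResponse wraps a single AwsDspm integration returned by the API.`, `// AwsDspm is an AwsDspm Cloud Account integration together with its common integration fields.` and `// AwsDspmCrossAccountCredentials holds the cross-account role ARN and external ID used by the integration.` The same gap exists for `AzureDspmResponse`, `AzureDspm` and `AzureDspmCredentials` in the Azure file hunk. The copied file header credits a different author and `Copyright 2022`, which does not match this commit's author or its 2025 date; it looks pasted from a sibling file and is worth updating. `BucketArn` and `RoleArn` also sit next to `AccountID` and `ExternalID`, so initialism casing is mixed within one struct; `BucketARN`/`RoleARN` would match, and the json tags keep the wire names unchanged.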
@@ -0,0 +1,68 @@
+//
+// Author:: Darren Murray()
+// Copyright:: Copyright 2022, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package api
+
+// GetAzureDspm gets a single AzureDspm integration matching the provided integration guid
+func (svc *CloudAccountsService) GetAzureDspm(guid string) (
+ response AzureDspmResponse,
+ err error,
+) {
+ err = svc.get(guid, &response)
+ return
+}
+
+// CreateAzureDspm creates an AzureDspm Cloud Account integration
+func (svc *CloudAccountsService) CreateAzureDspm(data CloudAccount) (
+ response AzureDspmResponse,
+ err error,
+) {
+ err = svc.create(data, &response)
+ return
+}
+
+// UpdateAzureDspm updates a single AzureDspm integration on the Lacework Server
+func (svc *CloudAccountsService) UpdateAzureDspm(data CloudAccount) (
+ response AzureDspmResponse,
+ err error,
+) {
+ err = svc.update(data.ID(), data, &response)
+ return
+}
+
+type AzureDspmResponse struct {
+ Data AzureDspm `json:"data"`
+}
+
+type AzureDspm struct {
+ v2CommonIntegrationData
+ Data AzureDspmData `json:"data"`
+}
+
+// AzureDspmData contains the data needed by Lacework platform services.
+type AzureDspmData struct {
+ TenantID string `json:"tenantId,omitempty"`
+ StorageAccountUrl string `json:"storageAccountUrl,omitempty"`
+ BlobContainerName string `json:"blobContainerName,omitempty"`
+ Credentials AzureDspmCredentials `json:"credentials"`
+}
+
+type AzureDspmCredentials struct {
+ ClientId string `json:"clientId,omitempty"`
+ ClientSecret string `json:"clientSecret,omitempty"`
+}
From c83bb022d95f9f0335b5cd9db1d5c410b68e324d Mon Sep 17 00:00:00 2001
From: Timothy Nguyen
Date: Mon, 5 Jan 2026 19:53:32 +0000
Subject: [PATCH 2/2] feat(dspm): add server token to dspm cloud accounts
---
 api/cloud_accounts_aws_dspm.go | 6 ++++++
 api/cloud_accounts_azure_dspm.go | 6 ++++++
 2 files changed, 12 insertions(+)
diff --git a/api/cloud_accounts_aws_dspm.go b/api/cloud_accounts_aws_dspm.go
index 483a6c12f..66d045206 100644
--- a/api/cloud_accounts_aws_dspm.go
+++ b/api/cloud_accounts_aws_dspm.go
@@ -51,9 +51,15 @@ type AwsDspmResponse struct {

 type AwsDspm struct {
 v2CommonIntegrationData
+ awsDspmToken `json:"serverToken"`
 Data AwsDspmData `json:"data"`
 }

+type awsDspmToken struct {
+ ServerToken string `json:"serverToken"`
+ Uri string `json:"uri"`
+}
+
 // AwsDspmData contains the data needed by Lacework platform services.
 type AwsDspmData struct {
 AccountID string `json:"awsAccountId,omitempty"`
diff --git a/api/cloud_accounts_azure_dspm.go b/api/cloud_accounts_azure_dspm.go
index 783e9fc5e..4ad80ab4d 100644
--- a/api/cloud_accounts_azure_dspm.go
+++ b/api/cloud_accounts_azure_dspm.go
@@ -51,9 +51,15 @@ type AzureDspmResponse struct {

 type AzureDspm struct {
 v2CommonIntegrationData
+ azureDspmToken `json:"serverToken"`
 Data AzureDspmData `json:"data"`
 }

+type azureDspmToken struct {
+ ServerToken string `json:"serverToken"`
+ Uri string `json:"uri"`
+}
+
 // AzureDspmData contains the data needed by Lacework platform services.
 type AzureDspmData struct {
 TenantID string `json:"tenantId,omitempty"`
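Review bot: `ClientSecret` in `AzureDspmCredentials` places a plaintext service-principal secret inside the response type that `GetAzureDspm` hands back to callers, and nothing at the field marks it as sensitive; a comment such as `// ClientSecret is a credential; never log it or print this struct with %+v.` would keep it out of debug output, assuming the server echoes the value back rather than masking it, which I cannot tell from here. `ClientId` and `StorageAccountUrl` break the initialism convention that `TenantID` in the same struct follows; since both types are new in this commit, `ClientID string` and `StorageAccountURL string` with the unchanged json tags can be renamed now at no cost. The `Credentials` field lacks `omitempty` while every sibling field carries it, so an empty credentials object is always emitted when this struct is marshaled; fine if intended, but worth a one-line comment.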
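Review bot: `Uri` in the new `awsDspmToken` struct should be `URI` to match the initialism convention used by `AccountID` and `ExternalID` in this file, i.e. `URI string` with the unchanged tag `json:"uri"`; the same applies to `azureDspmToken` in the Azure hunk of this patch. `ServerToken` looks like a credential that the response now carries in plaintext, and neither new field has a doc comment; `// ServerToken is a secret issued for this integration; do not log it.` on the field would tell callers what they are holding. Because the embedded field carries a json name, encoding/json treats `awsDspmToken` as a nested `serverToken` object rather than promoting `ServerToken` and `Uri` into the outer object; if that nesting mirrors the API payload, say so in a comment on the embed, since the unexported type means callers can only reach the values through the promoted Go fields. Both token fields also omit `omitempty`, unlike every other field in these files, so an integration without a token marshals as an object of empty strings.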