From 3b06f3fbc7e9427cea31b027aaa8af100a27e937 Mon Sep 17 00:00:00 2001 From: Manan Bhatia Date: Thu, 23 May 2024 14:44:41 -0700 Subject: [PATCH 01/12] feat: CLI guided config for creating Azure AD integration --- cli/cmd/generate_azure.go | 164 ++++++++++++++++-- cli/cmd/generate_azure_test.go | 12 +- .../help/generate_cloud-account_azure | 6 + lwgenerate/azure/azure.go | 122 ++++++++++++- lwgenerate/azure/azure_test.go | 74 ++++++-- ...ty-log-event-hub-location-and-partition.tf | 33 ++++ .../entra-id-activity-log-existing-ad-app.tf | 26 +++ ...a-id-activity-log-existing-event-hub-ns.tf | 32 ++++ .../entra-id-activity-log-no-custom-input.tf | 31 ++++ lwgenerate/constants.go | 14 +- 10 files changed, 464 insertions(+), 50 deletions(-) create mode 100644 lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf create mode 100644 lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf create mode 100644 lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf create mode 100644 lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf diff --git a/cli/cmd/generate_azure.go b/cli/cmd/generate_azure.go index 893000c8a..9177ed5a3 100644 --- a/cli/cmd/generate_azure.go +++ b/cli/cmd/generate_azure.go @@ -1,6 +1,7 @@ package cmd import ( + "strconv" "strings" "time" 
@@ -14,18 +15,26 @@ import ( var ( // Define question text here so they can be reused in testing - QuestionAzureEnableConfig = "Enable Azure configuration integration?" - QuestionAzureConfigName = "Specify custom configuration integration name: (optional)" - QuestionEnableActivityLog = "Enable Azure Activity Log Integration?" - QuestionActivityLogName = "Specify custom Activity Log integration name: (optional)" - QuestionAddAzureSubscriptionID = "Set Azure Subscription ID?" - QuestionAzureSubscriptionID = "Specify the Azure Subscription ID to be used to provision " + + QuestionAzureEnableConfig = "Enable Azure configuration integration?" + QuestionAzureConfigName = "Specify custom configuration integration name: (optional)" + QuestionEnableActivityLog = "Enable Azure Activity Log Integration?" + QuestionActivityLogName = "Specify custom Activity Log integration name: (optional)" + QuestionEnableEntraIdActivityLog = "Enable Azure Entra ID Activity Log Integration?" + QuestionEntraIdActivityLogName = "Specify custom EntraID Activity Log integration name: (optional)" + QuestionAddAzureSubscriptionID = "Set Azure Subscription ID?" + QuestionAzureSubscriptionID = "Specify the Azure Subscription ID to be used to provision " + "Lacework resources: (optional)" QuestionAzureAnotherAdvancedOpt = "Configure another advanced integration option" QuestionAzureConfigAdvanced = "Configure advanced integration options?" QuestionAzureCustomizeOutputLocation = "Provide the location for the output to be written:" + // EntraID Activity Log + QuestionUseExistingEventHubNamespace = "Use an existing Event Hub Namespace?" + QuestionEventHubNamespaceName = "Specify existing Event Hub Namespace name" + QuestionEventHubLocation = "Specify Azure region where the event hub for logging will reside" + QuestionEventHubPartitionCount = "Specify the number of partitions in the event hub for logging" + // Active Directory QuestionEnableAdIntegration = "Create Active Directory Integration?" 
QuestionADApplicationPass = "Specify the password of an existing Active Directory application" @@ -58,6 +67,7 @@ var ( AzureUserIntegrationNames = "Customize integration name(s)" AzureAdvancedOptLocation = "Customize output location (optional)" AzureRegionStorage = "Customize Azure region for Storage Account (optional)" + AzureEntraIdAdvancedOpt = "Configure Entra ID activity log integration advanced options" GenerateAzureCommandState = &azure.GenerateAzureTfConfigurationArgs{} GenerateAzureCommandExtraState = &AzureGenerateCommandExtraState{} @@ -65,7 +75,7 @@ var ( CachedAzureAssetExtraState = "iac-azure-extra-state" // List of valid Azure Storage locations - validStorageLocations = map[string]bool{ + validAzureLocations = map[string]bool{ "East US": true, "East US 2": true, "South Central US": true, @@ -183,6 +193,11 @@ the new cloud account. In interactive mode, this command will: azure.WithStorageLocation(GenerateAzureCommandState.StorageLocation), azure.WithActivityLogIntegrationName(GenerateAzureCommandState.ActivityLogIntegrationName), azure.WithConfigIntegrationName(GenerateAzureCommandState.ConfigIntegrationName), + azure.WithEntraIdActivityLogIntegrationName(GenerateAzureCommandState.EntraIdIntegrationName), + azure.WithExistingEventHubNamespace(GenerateAzureCommandState.ExistingEventHubNamespace), + azure.WithEventHubNamespaceName(GenerateAzureCommandState.EventHubNamespaceName), + azure.WithEventHubLocation(GenerateAzureCommandState.EventHubLocation), + azure.WithEventHubPartitionCount(GenerateAzureCommandState.EventHubPartitionCount), } // Check if AD Creation is required, need to set values for current integration @@ -214,6 +229,7 @@ the new cloud account. In interactive mode, this command will: data := azure.NewTerraform( GenerateAzureCommandState.Config, GenerateAzureCommandState.ActivityLog, + GenerateAzureCommandState.EntraIdActivityLog, GenerateAzureCommandState.CreateAdIntegration, mods...) 
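Review bot: The call `azure.NewTerraform(GenerateAzureCommandState.Config, GenerateAzureCommandState.ActivityLog, GenerateAzureCommandState.EntraIdActivityLog, GenerateAzureCommandState.CreateAdIntegration, mods...)` in the @@ -214 hunk now passes four adjacent positional bools, with the new one inserted in the middle of the list, which is why every existing caller in lwgenerate/azure/azure_test.go had to change and why a mis-ordered argument compiles silently. The same applies to the signature hunk in lwgenerate/azure/azure.go (@@ -95). Since the package already uses `AzureTerraformModifier` options for every other new setting in this commit, a `WithEntraIdActivityLog(enabled bool)` modifier would keep `NewTerraform(enableConfig, enableActivityLog, createAdIntegration, mods...)` source-compatible and leave the existing tests untouched; here that is `azure.WithEntraIdActivityLog(GenerateAzureCommandState.EntraIdActivityLog)` added to `mods` in the @@ -183 hunk.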
@@ -275,7 +291,7 @@ the new cloud account. In interactive mode, this command will: if err != nil { return errors.Wrap(err, "failed to load command flags") } - if err := validateStorageLocation(storageLocation); storageLocation != "" && err != nil { + if err := validateAzureLocation(storageLocation); storageLocation != "" && err != nil { return err } @@ -346,9 +362,9 @@ func (a *AzureGenerateCommandExtraState) writeCache() { } } -func validateStorageLocation(location string) error { - if !validStorageLocations[location] { - return errors.New("invalid storage location supplied") +func validateAzureLocation(location string) error { + if !validAzureLocations[location] { + return errors.New("invalid Azure region prvovided") } return nil } @@ -359,7 +375,7 @@ func initGenerateAzureTfCommandFlags() { &GenerateAzureCommandState.ActivityLog, "activity_log", false, - "enable active log integration") + "enable activity log integration") generateAzureTfCommand.PersistentFlags().StringVar( &GenerateAzureCommandState.ActivityLogIntegrationName, @@ -367,6 +383,18 @@ func initGenerateAzureTfCommandFlags() { "", "specify a custom activity log integration name") + generateAzureTfCommand.PersistentFlags().BoolVar( + &GenerateAzureCommandState.EntraIdActivityLog, + "entra_id_activity_log", + false, + "enable Entra ID activity log integration") + + generateAzureTfCommand.PersistentFlags().StringVar( + &GenerateAzureCommandState.EntraIdIntegrationName, + "entra_id_activity_log_integration_name", + "", + "specify a custom Entra ID activity log integration name") + generateAzureTfCommand.PersistentFlags().BoolVar( &GenerateAzureCommandState.Config, "configuration", 
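Review bot: The new error string `errors.New("invalid Azure region prvovided")` in the @@ -346 hunk misspells "provided", and the companion change to TestInvalidStorageLocations in cli/cmd/generate_azure_test.go (@@ -42) pins that misspelling in two assertions, so the typo now has test coverage protecting it. The message is user-facing: it is returned both from the `--location` flag check in the @@ -275 hunk and from the interactive region prompts. Change it to `return errors.New("invalid Azure region provided")` and update the two `assert.Equal` expectations to match.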
@@ -409,6 +437,30 @@ func initGenerateAzureTfCommandFlags() { false, "use existing storage account") + generateAzureTfCommand.PersistentFlags().BoolVar( + &GenerateAzureCommandState.ExistingEventHubNamespace, + "existing_event_hub_namespace", + false, + "use existing Event Hub Namespace") + + generateAzureTfCommand.PersistentFlags().StringVar( + &GenerateAzureCommandState.EventHubNamespaceName, + "event_hub_namespace", + "", + "specify the name of the Event Hub Namespace") + + generateAzureTfCommand.PersistentFlags().StringVar( + &GenerateAzureCommandState.EventHubLocation, + "event_hub_location", + "", + "specify the location where the Event Hub for logging will reside") + + generateAzureTfCommand.PersistentFlags().IntVar( + &GenerateAzureCommandState.EventHubPartitionCount, + "event_hub_partition_count", + 1, + "specify the number of partitions for the Event Hub") + generateAzureTfCommand.PersistentFlags().StringVar( &GenerateAzureCommandState.StorageAccountName, "storage_account_name", @@ -492,6 +544,11 @@ func promptAzureIntegrationNameQuestions(config *azure.GenerateAzureTfConfigurat Checks: []*bool{&config.ActivityLog}, Response: &config.ActivityLogIntegrationName, }, + { + Prompt: &survey.Input{Message: QuestionEntraIdActivityLogName, Default: config.EntraIdIntegrationName}, + Checks: []*bool{&config.EntraIdActivityLog}, + Response: &config.EntraIdIntegrationName, + }, }); err != nil { return err } 
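Review bot: The new `--event_hub_location` flag in the @@ -409 hunk is never passed through `validateAzureLocation`, unlike the storage `--location` value checked in the @@ -275 hunk, so as far as this diff shows a mistyped region on the non-interactive path is only caught later by Terraform. Mirroring the existing check next to the storageLocation one, `if err := validateAzureLocation(GenerateAzureCommandState.EventHubLocation); GenerateAzureCommandState.EventHubLocation != "" && err != nil { return err }`, closes that (the variable the flag is read into there is outside the hunk, so adapt the name). Separately, `--event_hub_partition_count` defaults to 1 while createEntraIdActivityLog in lwgenerate/azure/azure.go emits `num_partitions` whenever the count is above zero, so every CLI-generated file pins `num_partitions = 1` even when the user never touched the option; if the module's own default is meant to apply, a flag default of 0 (omitted) is the safer choice.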
@@ -526,6 +583,51 @@ func promptAzureStorageAccountQuestions(config *azure.GenerateAzureTfConfigurati return nil } +// Similar to the above, prompt for event hub questions starting by asking for existing event hub namespace, if answer is no, then ask for event hub location. If answer is yes, then ask for namespace name. +func promptAzureEntraIdActivityLogQuestions(config *azure.GenerateAzureTfConfigurationArgs) error { + if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ + { + Prompt: &survey.Confirm{Message: QuestionUseExistingEventHubNamespace, Default: config.ExistingEventHubNamespace}, + Response: &config.ExistingEventHubNamespace, + }, + }); err != nil { + return err + } + + if !config.ExistingEventHubNamespace { + if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ + { + Prompt: &survey.Input{Message: QuestionEventHubLocation, Default: config.EventHubLocation}, + Required: true, + Response: &config.EventHubLocation, + }, + }); err != nil { + return err + } + } else { + if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ + { + Prompt: &survey.Input{Message: QuestionEventHubNamespaceName, Default: config.EventHubNamespaceName}, + Required: true, + Response: &config.EventHubNamespaceName, + }, + }); err != nil { + return err + } + } + + if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ + { + Prompt: &survey.Input{Message: QuestionEventHubPartitionCount, Default: strconv.Itoa(config.EventHubPartitionCount)}, + Response: &config.EventHubPartitionCount, + }, + }); err != nil { + return err + } + + return nil +} + func promptAzureSubscriptionQuestions(config *azure.GenerateAzureTfConfigurationArgs) error { if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ 
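Review bot: In promptAzureEntraIdActivityLogQuestions the region answered for `QuestionEventHubLocation` is stored into `config.EventHubLocation` without the `validateAzureLocation` check that promptCustomizeAzureEventHubLoggingRegion applies to the same field, so the two interactive paths disagree on whether an unknown region is rejected. Adding `if err := validateAzureLocation(config.EventHubLocation); err != nil { return err }` after the `!config.ExistingEventHubNamespace` branch keeps them consistent. The partition-count question binds a `survey.Input` to the `*int` `config.EventHubPartitionCount`; survey's answer writer appears to convert the string itself, but a non-numeric answer then surfaces as a conversion error and a zero is silently dropped by the generator (it only emits `num_partitions` when the count is above zero) instead of being re-asked, so a positive-integer validator on that question is worth adding if the args struct supports one. The 190-character function comment would also read better as a wrapped doc comment starting with the function name: `// promptAzureEntraIdActivityLogQuestions asks whether an existing Event Hub Namespace should be used, then its name (yes) or the region for a new one (no), and finally the partition count.`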
@@ -609,7 +711,7 @@ func promptCustomizeAzureOutputLocation(extraState *AzureGenerateCommandExtraSta return nil } -func promptCustomizeAzureLoggingRegion(config *azure.GenerateAzureTfConfigurationArgs) error { +func promptCustomizeAzureStorageLoggingRegion(config *azure.GenerateAzureTfConfigurationArgs) error { var region string if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ { @@ -619,13 +721,30 @@ func promptCustomizeAzureLoggingRegion(config *azure.GenerateAzureTfConfiguratio }); err != nil { return err } - if err := validateStorageLocation(region); err != nil { + if err := validateAzureLocation(region); err != nil { return err } config.StorageLocation = region return nil } +func promptCustomizeAzureEventHubLoggingRegion(config *azure.GenerateAzureTfConfigurationArgs) error { + var region string + if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ + { + Prompt: &survey.Input{Message: QuestionEventHubLocation, Default: config.EventHubLocation}, + Response: ®ion, + }, + }); err != nil { + return err + } + if err := validateAzureLocation(region); err != nil { + return err + } + config.EventHubLocation = region + return nil +} + func askAzureSubscriptionID(config *azure.GenerateAzureTfConfigurationArgs) error { var addSubscription bool @@ -678,6 +797,11 @@ func askAdvancedAzureOptions( options = append(options, AzureManagmentGroup) } + // Only show Entra ID options in the case of Entra ID integration + if config.EntraIdActivityLog { + options = append(options, AzureEntraIdAdvancedOpt) + } + options = append(options, AzureAdvancedOptLocation, AzureAdvancedOptDone) if err := SurveyQuestionInteractiveOnly(SurveyQuestionWithValidationArgs{ Prompt: &survey.Select{ 
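Review bot: promptCustomizeAzureEventHubLoggingRegion, added in the @@ -619 hunk, has no caller anywhere in this diff — the new `AzureEntraIdAdvancedOpt` case in askAdvancedAzureOptions dispatches to promptAzureEntraIdActivityLogQuestions instead — so unless it is wired in elsewhere it is dead code that staticcheck (U1000) will flag. It is also a line-for-line copy of promptCustomizeAzureStorageLoggingRegion differing only in the question and the target field, so if it is meant to stay, factor the prompt-then-validate sequence into one helper and have both wrappers call it. (`Response: ®ion` in this rendering looks like the source's `&region` with the entity mangled, not a code problem.)
```go
// promptValidatedAzureRegion asks question with current as the default answer
// and returns the region once it passes validateAzureLocation.
func promptValidatedAzureRegion(question, current string) (string, error) {
	var region string
	if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{
		{
			Prompt:   &survey.Input{Message: question, Default: current},
			Response: &region,
		},
	}); err != nil {
		return "", err
	}
	if err := validateAzureLocation(region); err != nil {
		return "", err
	}
	return region, nil
}

// … unchanged: promptCustomizeAzureStorageLoggingRegion becomes the same wrapper over its existing question and config.StorageLocation …

func promptCustomizeAzureEventHubLoggingRegion(config *azure.GenerateAzureTfConfigurationArgs) error {
	region, err := promptValidatedAzureRegion(QuestionEventHubLocation, config.EventHubLocation)
	if err != nil {
		return err
	}
	config.EventHubLocation = region
	return nil
}
```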
@@ -699,6 +823,10 @@ func askAdvancedAzureOptions( if err := promptAzureStorageAccountQuestions(config); err != nil { return err } + case AzureEntraIdAdvancedOpt: + if err := promptAzureEntraIdActivityLogQuestions(config); err != nil { + return err + } case AzureSubscriptions: if err := promptAzureSubscriptionQuestions(config); err != nil { return err @@ -712,7 +840,7 @@ func askAdvancedAzureOptions( return err } case AzureRegionStorage: - if err := promptCustomizeAzureLoggingRegion(config); err != nil { + if err := promptCustomizeAzureStorageLoggingRegion(config); err != nil { return err } case AzureAdvancedOptLocation: @@ -784,12 +912,16 @@ func promptAzureGenerate( Prompt: &survey.Confirm{Message: QuestionEnableAdIntegration, Default: config.CreateAdIntegration}, Response: &config.CreateAdIntegration, }, + { + Prompt: &survey.Confirm{Message: QuestionEnableEntraIdActivityLog, Default: config.EntraIdActivityLog}, + Response: &config.EntraIdActivityLog, + }, }); err != nil { return err } // Validate one of config or activity log was enabled; otherwise error out - if !config.Config && !config.ActivityLog { + if !config.Config && !config.ActivityLog && !config.EntraIdActivityLog { return errors.New("must enable activity log or config") } diff --git a/cli/cmd/generate_azure_test.go b/cli/cmd/generate_azure_test.go index 370e7e5fb..069fbc5f9 100644 --- a/cli/cmd/generate_azure_test.go +++ b/cli/cmd/generate_azure_test.go 
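Review bot: The guard `if !config.Config && !config.ActivityLog && !config.EntraIdActivityLog` in the @@ -784 hunk now accepts an Entra-ID-only run, but the comment above it and the message `errors.New("must enable activity log or config")` still describe the old two-way rule, so a user who enables nothing is told about an incomplete set of options. Change them to `// Validate one of config, activity log or Entra ID activity log was enabled; otherwise error out` and `return errors.New("must enable activity log, Entra ID activity log or config")`. The same stale wording is in `validate()` in lwgenerate/azure/azure.go (@@ -60 hunk, "audit log or config integration must be enabled").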
@@ -42,20 +42,20 @@ func TestMissingValidEntity(t *testing.T) { } func TestValidStorageLocations(t *testing.T) { - err := validateStorageLocation("East US") + err := validateAzureLocation("East US") assert.Nil(t, err) - err = validateStorageLocation("Brazil Southeast") + err = validateAzureLocation("Brazil Southeast") assert.Nil(t, err) } func TestInvalidStorageLocations(t *testing.T) { - err := validateStorageLocation("Mars") + err := validateAzureLocation("Mars") assert.Error(t, err) - assert.Equal(t, "invalid storage location supplied", err.Error()) - err = validateStorageLocation("Jupiter") + assert.Equal(t, "invalid Azure region prvovided", err.Error()) + err = validateAzureLocation("Jupiter") assert.Error(t, err) - assert.Equal(t, "invalid storage location supplied", err.Error()) + assert.Equal(t, "invalid Azure region prvovided", err.Error()) } func TestAzureGenerationCache(t *testing.T) { diff --git a/integration/test_resources/help/generate_cloud-account_azure b/integration/test_resources/help/generate_cloud-account_azure index fe6401076..097e4ec7f 100644 --- a/integration/test_resources/help/generate_cloud-account_azure +++ b/integration/test_resources/help/generate_cloud-account_azure 
@@ -31,6 +31,12 @@ Flags: --apply run terraform apply for the generated hcl --configuration enable configuration integration --configuration_name string specify a custom configuration integration name + --entra_id_activity_log enable Entra ID activity log integration + --entra_id_activity_log_integration_name specify a custom Entra ID activity log integration name + --event_hub_location specify the location where the Event Hub for logging will reside + --event_hub_namespace specify the name of the Event Hub Namespace + --event_hub_partition_count specify the number of partitions for the Event Hub + --existing_event_hub_namespace use existing Event Hub Namespace --existing_storage use existing storage account -h, --help help for azure --location string specify azure region where storage account logging resides diff --git a/lwgenerate/azure/azure.go b/lwgenerate/azure/azure.go index 96560b682..21cb8bd04 100644 --- a/lwgenerate/azure/azure.go +++ b/lwgenerate/azure/azure.go @@ -14,6 +14,9 @@ type GenerateAzureTfConfigurationArgs struct { // Should we add Config integration in LW? Config bool + // Should we create an Entra ID integration in LW? + EntraIdActivityLog bool + // Should we create an Active Directory integration CreateAdIntegration bool @@ -23,6 +26,9 @@ type GenerateAzureTfConfigurationArgs struct { // If ActivityLog is true, give the user the opportunity to name their integration. Defaults to "TF activity log" ActivityLogIntegrationName string + // if EntraIdIntegration is true, give the user the opportunity to name their integration. Defaults to "TF activity log" + EntraIdIntegrationName string + // Active Directory application Id AdApplicationId string 
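Review bot: The six flag lines added to the help fixture omit the value-type column that cobra prints for the neighbouring flags (`--configuration_name string`, `--location string`), so `--entra_id_activity_log_integration_name`, `--event_hub_location` and `--event_hub_namespace` should read `... string` and `--event_hub_partition_count` should read `... int` followed by `(default 1)`, which cobra appends for non-zero defaults. If this file is compared verbatim against the command's real `--help` output in the integration suite, the hand-edited lines will not match; regenerating the fixture from the built CLI avoids that.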
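Review bot: The comment on the new `EntraIdIntegrationName` field in the @@ -23 hunk refers to `EntraIdIntegration`, which is not a field (the switch added in the @@ -14 hunk is `EntraIdActivityLog`), and its `Defaults to "TF activity log"` clause is carried over from the ActivityLog field; nothing in createEntraIdActivityLog sets a default name, so whatever default applies comes from the Terraform module and is presumably not "TF activity log". Suggest `// If EntraIdActivityLog is true, give the user the opportunity to name their integration; left empty, the module's own default name applies`.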
@@ -60,12 +66,24 @@ type GenerateAzureTfConfigurationArgs struct { StorageLocation string LaceworkProfile string + + // Existing Event Hub Namespace + ExistingEventHubNamespace bool + + // Event Hub Namespace Name + EventHubNamespaceName string + + // Azure region where the event hub for logging will reside + EventHubLocation string + + // Number of partitions in the Event Hub for logging + EventHubPartitionCount int } // Ensure all combinations of inputs are valid for supported spec func (args *GenerateAzureTfConfigurationArgs) validate() error { // Validate one of config or activity log was enabled; otherwise error out - if !args.ActivityLog && !args.Config { + if !args.ActivityLog && !args.Config && !args.EntraIdActivityLog { return errors.New("audit log or config integration must be enabled") } @@ -95,11 +113,12 @@ type AzureTerraformModifier func(c *GenerateAzureTfConfigurationArgs) // // Note: Additional configuration details may be set using modifiers of the AzureTerraformModifier type func NewTerraform( - enableConfig bool, enableActivityLog bool, createAdIntegration bool, mods ...AzureTerraformModifier, + enableConfig bool, enableActivityLog bool, enableEntraIdActivityLog, createAdIntegration bool, mods ...AzureTerraformModifier, ) *GenerateAzureTfConfigurationArgs { config := &GenerateAzureTfConfigurationArgs{ ActivityLog: enableActivityLog, Config: enableConfig, + EntraIdActivityLog: enableEntraIdActivityLog, CreateAdIntegration: createAdIntegration, } for _, m := range mods { 
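Review bot: validate() in the @@ -60 hunk is extended only so that an Entra-ID-only configuration passes the "something is enabled" check; none of the four new fields is validated, so `ExistingEventHubNamespace: true` with an empty `EventHubNamespaceName` passes and createEntraIdActivityLog renders `eventhub_namespace_name = ""`, and a negative `EventHubPartitionCount` is silently dropped rather than rejected. A check such as `if args.EntraIdActivityLog && args.ExistingEventHubNamespace && args.EventHubNamespaceName == "" { return errors.New("event hub namespace name must be set when using an existing namespace") }` catches the first, and a similar one for `EventHubPartitionCount < 0` the second. The rest of validate() is outside the hunk, so place these alongside the existing per-field checks there, and add a test for the error path since none of the four new tests in azure_test.go exercises an invalid combination.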
@@ -122,6 +141,13 @@ func WithActivityLogIntegrationName(name string) AzureTerraformModifier { } } +// WithEntraIdActivityLogIntegrationName Set the Entra ID Activity Log Integration name to be displayed on the Lacework UI +func WithEntraIdActivityLogIntegrationName(name string) AzureTerraformModifier { + return func(c *GenerateAzureTfConfigurationArgs) { + c.EntraIdIntegrationName = name + } +} + // WithAdApplicationId Set Active Directory application id func WithAdApplicationId(AdApplicationId string) AzureTerraformModifier { return func(c *GenerateAzureTfConfigurationArgs) { @@ -201,6 +227,34 @@ func WithStorageLocation(location string) AzureTerraformModifier { } } +// WithExisitngEventHubNamespace Use an existing Event Hub Namespace +func WithExistingEventHubNamespace(existingEventHubNamespace bool) AzureTerraformModifier { + return func(c *GenerateAzureTfConfigurationArgs) { + c.ExistingEventHubNamespace = existingEventHubNamespace + } +} + +// WithEventHubNamespaceName The name of the Event Hub Namespace +func WithEventHubNamespaceName(eventHubNamespaceName string) AzureTerraformModifier { + return func(c *GenerateAzureTfConfigurationArgs) { + c.EventHubNamespaceName = eventHubNamespaceName + } +} + +// WithEventHubLocation The Azure region where the event hub for logging resides +func WithEventHubLocation(location string) AzureTerraformModifier { + return func(c *GenerateAzureTfConfigurationArgs) { + c.EventHubLocation = location + } +} + +// WitthEventHubPartitionCount The number of partitions in the Event Hub for logging +func WithEventHubPartitionCount(partitionCount int) AzureTerraformModifier { + return func(c *GenerateAzureTfConfigurationArgs) { + c.EventHubPartitionCount = partitionCount + } +} + func WithLaceworkProfile(name string) AzureTerraformModifier { return func(c *GenerateAzureTfConfigurationArgs) { c.LaceworkProfile = name 
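Review bot: Two of the new doc comments name a function that does not exist: `// WithExisitngEventHubNamespace ...` sits above `WithExistingEventHubNamespace` and `// WitthEventHubPartitionCount ...` above `WithEventHubPartitionCount`, which breaks the Go convention that a doc comment starts with the exact identifier and trips golint/revive. Fix them to `// WithExistingEventHubNamespace Use an existing Event Hub Namespace` and `// WithEventHubPartitionCount The number of partitions in the Event Hub for logging`, matching the sibling modifiers in this hunk.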
@@ -256,6 +310,11 @@ func (args *GenerateAzureTfConfigurationArgs) Generate() (string, error) { return "", errors.Wrap(err, "failed to generate azure activity log module") } + entraIdActivityLogModule, err := createEntraIdActivityLog(args) + if err != nil { + return "", errors.Wrap(err, "failed to generate azure Entra ID activity log module") + } + // Render hclBlocks := lwgenerate.CreateHclStringOutput( lwgenerate.CombineHclBlocks( @@ -265,7 +324,8 @@ func (args *GenerateAzureTfConfigurationArgs) Generate() (string, error) { azureRMProvider, laceworkADProvider, configModule, - activityLogModule), + activityLogModule, + entraIdActivityLogModule), ) return hclBlocks, nil } 
@@ -497,3 +557,59 @@ func createActivityLog(args *GenerateAzureTfConfigurationArgs) ([]*hclwrite.Bloc } return blocks, nil } + +func createEntraIdActivityLog(args *GenerateAzureTfConfigurationArgs) ([]*hclwrite.Block, error) { + blocks := []*hclwrite.Block{} + if args.EntraIdActivityLog { + attributes := map[string]interface{}{} + moduleDetails := []lwgenerate.HclModuleModifier{} + + if args.EntraIdIntegrationName != "" { + attributes["lacework_integration_name"] = args.EntraIdIntegrationName + } + + // Check if we have created an Active Directory integration + if args.CreateAdIntegration { + attributes["use_existing_ad_application"] = false + attributes["application_id"] = lwgenerate.CreateSimpleTraversal( + []string{"module", "az_ad_application", "application_id"}) + attributes["application_password"] = lwgenerate.CreateSimpleTraversal( + []string{"module", "az_ad_application", "application_password"}) + attributes["service_principal_id"] = lwgenerate.CreateSimpleTraversal( + []string{"module", "az_ad_application", "service_principal_id"}) + } else { + attributes["use_existing_ad_application"] = true + attributes["application_id"] = args.AdApplicationId + attributes["application_password"] = args.AdApplicationPassword + attributes["service_principal_id"] = args.AdServicePrincipalId + } + + attributes["use_existing_eventhub_namespace"] = args.ExistingEventHubNamespace + if args.ExistingEventHubNamespace { + attributes["eventhub_namespace_name"] = args.EventHubNamespaceName + } else { + if args.EventHubLocation != "" { + attributes["location"] = args.EventHubLocation + } + } + if args.EventHubPartitionCount > 0 { + attributes["num_partitions"] = args.EventHubPartitionCount + } + + moduleDetails = append(moduleDetails, + lwgenerate.HclModuleWithAttributes(attributes), + ) + + moduleBlock, err := lwgenerate.NewModule( + "azure-microsoft-entra-id-activity-log", + lwgenerate.LWAzureEntraIdActivityLogSource, + append(moduleDetails, 
lwgenerate.HclModuleWithVersion(lwgenerate.LWAzureEntraIdActivityLogVersion))..., + ).ToBlock() + + if err != nil { + return nil, err + } + blocks = append(blocks, moduleBlock) + } + return blocks, nil +} diff --git a/lwgenerate/azure/azure_test.go b/lwgenerate/azure/azure_test.go index 5aa66af3d..2e32010f8 100644 --- a/lwgenerate/azure/azure_test.go +++ b/lwgenerate/azure/azure_test.go @@ -20,7 +20,7 @@ func getFileContent(filename string) (string, error) { func TestGenerationActivityLogWithoutConfig(t *testing.T) { ActivityLogWithoutConfig, fileErr := getFileContent("test-data/activity_log_without_config.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(false, true, true).Generate() + hcl, err := azure.NewTerraform(false, true, false, true).Generate() assert.Nil(t, err) assert.NotNil(t, hcl) assert.Equal(t, ActivityLogWithoutConfig, hcl) @@ -29,7 +29,7 @@ func TestGenerationActivityLogWithoutConfig(t *testing.T) { func TestGenerationActivityLogWithConfig(t *testing.T) { var ActivityLogWithConfig, fileErr = getFileContent("test-data/activity_log_with_config.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(true, true, true).Generate() + hcl, err := azure.NewTerraform(true, true, false, true).Generate() assert.Nil(t, err) assert.NotNil(t, hcl) assert.Equal(t, ActivityLogWithConfig, hcl) 
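Review bot: In createEntraIdActivityLog the `else` branch for a user-supplied Active Directory application writes `args.AdApplicationPassword` straight into the module attributes, so the rendered HCL carries the application password as a plain literal; this mirrors how the existing AD block is handled elsewhere in the file (createActivityLog is above the hunk and not visible), but the secret now reaches a second module block, so a line comment such as `// NOTE: the AD application password is emitted verbatim into the generated HCL; treat the output file as sensitive` at that assignment is warranted. The five-attribute AD block itself looks copied; if createActivityLog builds the same attributes, a shared helper returning them would keep the two in step. Stylistically, `} else { if args.EventHubLocation != "" { ... } }` collapses to `} else if args.EventHubLocation != "" {`, and `moduleDetails := []lwgenerate.HclModuleModifier{}` followed by a single append can be `moduleDetails := []lwgenerate.HclModuleModifier{lwgenerate.HclModuleWithAttributes(attributes)}` once attributes is complete.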
@@ -38,14 +38,14 @@ func TestGenerationActivityLogWithConfig(t *testing.T) { func TestGenerationConfigWithoutActivityLog(t *testing.T) { ConfigWithoutActivityLog, fileErr := getFileContent("test-data/config_without_activity_log.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(true, false, true).Generate() + hcl, err := azure.NewTerraform(true, false, false, true).Generate() assert.Nil(t, err) assert.NotNil(t, hcl) assert.Equal(t, ConfigWithoutActivityLog, hcl) } func TestGenerationWithoutActivityLogOrConfig(t *testing.T) { - hcl, err := azure.NewTerraform(false, false, true).Generate() + hcl, err := azure.NewTerraform(false, false, false, true).Generate() assert.NotNil(t, err) assert.True(t, strings.Contains(errors.Unwrap(err).Error(), "invalid inputs")) assert.Empty(t, hcl) @@ -53,7 +53,7 @@ func TestGenerationWithoutActivityLogOrConfig(t *testing.T) { func TestGenerationRenamedConfig(t *testing.T) { RenamedConfig, fileErr := getFileContent("test-data/renamed_config.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(true, false, true, + hcl, err := azure.NewTerraform(true, false, false, true, azure.WithConfigIntegrationName("Test Config Rename"), ).Generate() assert.Nil(t, err) @@ -64,7 +64,7 @@ func TestGenerationRenamedConfig(t *testing.T) { func TestGenerationRenamedActivityLog(t *testing.T) { RenamedActivityLog, fileErr := getFileContent("test-data/renamed_activity_log.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(false, true, true, + hcl, err := azure.NewTerraform(false, true, false, true, azure.WithActivityLogIntegrationName("Test Activity Log Rename"), ).Generate() assert.Nil(t, err) 
@@ -75,7 +75,7 @@ func TestGenerationRenamedActivityLog(t *testing.T) { func TestGenerationRenamedConfigAndActivityLog(t *testing.T) { RenamedConfigAndActivityLog, fileErr := getFileContent("test-data/renamed_config_and_activity_log.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(true, true, true, + hcl, err := azure.NewTerraform(true, true, false, true, azure.WithConfigIntegrationName("Test Config Rename"), azure.WithActivityLogIntegrationName("Test Activity Log Rename"), ).Generate() @@ -85,7 +85,7 @@ func TestGenerationRenamedConfigAndActivityLog(t *testing.T) { } func TestGenerationNoActiveDirectorySettings(t *testing.T) { - hcl, err := azure.NewTerraform(true, true, false, + hcl, err := azure.NewTerraform(true, true, false, false, azure.WithConfigIntegrationName("Test Config Rename"), azure.WithActivityLogIntegrationName("Test Activity Log Rename"), ).Generate() @@ -96,7 +96,7 @@ func TestGenerationNoActiveDirectorySettings(t *testing.T) { func TestGenerationCustomActiveDirectory(t *testing.T) { CustomADDetails, fileErr := getFileContent("test-data/customer-ad-details.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(true, true, false, + hcl, err := azure.NewTerraform(true, true, false, false, azure.WithConfigIntegrationName("Test Config Rename"), azure.WithActivityLogIntegrationName("Test Activity Log Rename"), azure.WithAdApplicationPassword("AD-Test-Password"), @@ -111,7 +111,7 @@ func TestGenerationCustomActiveDirectory(t *testing.T) { func TestGenerationActivityLogWithExistingStorageAccount(t *testing.T) { ActivityLogWithStorage, fileErr := getFileContent("test-data/activity-log-with-existing-storage.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(false, true, true, + hcl, err := azure.NewTerraform(false, true, false, true, azure.WithExistingStorageAccount(true), azure.WithStorageAccountName("Test-Storage-Account-Name"), azure.WithStorageAccountResourceGroup("Test-Storage-Account-Resource-Group"), 
@@ -124,7 +124,7 @@ func TestGenerationActivityLogWithExistingStorageAccount(t *testing.T) { func TestGenerationActivityLogWithAllSubscriptions(t *testing.T) { ActivityLogAllSubs, fileErr := getFileContent("test-data/activity-log-with-all-subscriptions.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(false, true, true, + hcl, err := azure.NewTerraform(false, true, false, true, azure.WithAllSubscriptions(true), ).Generate() assert.Nil(t, err) @@ -135,7 +135,7 @@ func TestGenerationActivityLogWithAllSubscriptions(t *testing.T) { func TestGenerationConfigWithAllSubscriptions(t *testing.T) { ConfigAllSubs, fileErr := getFileContent("test-data/config-with-all-subscriptions.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(true, false, true, + hcl, err := azure.NewTerraform(true, false, false, true, azure.WithAllSubscriptions(true), ).Generate() assert.Nil(t, err) @@ -146,7 +146,7 @@ func TestGenerationConfigWithAllSubscriptions(t *testing.T) { func TestGenerationConfigWithManagementGroup(t *testing.T) { ConfigWithMgmtGroup, fileErr := getFileContent("test-data/config-with-management-group.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(true, false, true, + hcl, err := azure.NewTerraform(true, false, false, true, azure.WithManagementGroup(true), azure.WithManagementGroupId("test-management-group-1"), ).Generate() @@ -156,7 +156,7 @@ func TestGenerationConfigWithManagementGroup(t *testing.T) { } func TestGenerationConfigWithManagementGroupError(t *testing.T) { - hcl, err := azure.NewTerraform(true, false, true, + hcl, err := azure.NewTerraform(true, false, false, true, azure.WithManagementGroup(true), ).Generate() assert.NotNil(t, err) 
@@ -168,7 +168,7 @@ func TestGenerationActivityLogWithSubscriptionsList(t *testing.T) { ActivityLogWithSubscriptions, fileErr := getFileContent("test-data/activity-log-with-list-subscriptions.tf") assert.Nil(t, fileErr) testIds := []string{"test-id-1", "test-id-2", "test-id-3"} - hcl, err := azure.NewTerraform(false, true, true, + hcl, err := azure.NewTerraform(false, true, false, true, azure.WithSubscriptionIds(testIds), ).Generate() assert.Nil(t, err) @@ -180,7 +180,7 @@ func TestGenerationConfigWithSubscriptionsList(t *testing.T) { ConfigWithSubscriptions, fileErr := getFileContent("test-data/config-log-with-list-subscriptions.tf") assert.Nil(t, fileErr) testIds := []string{"test-id-1", "test-id-2", "test-id-3"} - hcl, err := azure.NewTerraform(true, false, true, + hcl, err := azure.NewTerraform(true, false, false, true, azure.WithSubscriptionIds(testIds), ).Generate() assert.Nil(t, err) @@ -191,7 +191,7 @@ func TestGenerationConfigWithSubscriptionsList(t *testing.T) { func TestGenerationLocation(t *testing.T) { ActivityLogLocation, fileErr := getFileContent("test-data/activity-log-with-location.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(false, true, true, + hcl, err := azure.NewTerraform(false, true, false, true, azure.WithStorageLocation("West US 2"), ).Generate() assert.Nil(t, err) @@ -203,7 +203,7 @@ func TestGenerationWithLaceworkProvider(t *testing.T) { laceworkProfile, fileErr := getFileContent("test-data/activity-log-with-lacework-profile.tf") assert.Nil(t, fileErr) - hcl, err := azure.NewTerraform(false, true, true, azure.WithLaceworkProfile("test-profile")).Generate() + hcl, err := azure.NewTerraform(false, true, false, true, azure.WithLaceworkProfile("test-profile")).Generate() assert.Nil(t, err) assert.NotNil(t, hcl) assert.Equal(t, laceworkProfile, hcl) 
@@ -213,8 +213,44 @@ func TestGenerationAzureRmProviderWithSubscriptionID(t *testing.T) {
 configWithSubscription, fileErr := getFileContent("test-data/config-with-azurerm-subscription.tf")
 assert.Nil(t, fileErr)
- hcl, err := azure.NewTerraform(true, false, true, azure.WithSubscriptionID("test-subscription")).Generate()
+ hcl, err := azure.NewTerraform(true, false, false, true, azure.WithSubscriptionID("test-subscription")).Generate()
 assert.Nil(t, err)
 assert.NotNil(t, hcl)
 assert.Equal(t, configWithSubscription, hcl)
 }
+
+func TestGenerationEntraIDActivityLog(t *testing.T) {
+ ActivityLogEntraID, fileErr := getFileContent("test-data/entra-id-activity-log-no-custom-input.tf")
+ assert.Nil(t, fileErr)
+ hcl, err := azure.NewTerraform(false, false, true, true, azure.WithExistingEventHubNamespace(false)).Generate()
+ assert.Nil(t, err)
+ assert.NotNil(t, hcl)
+ assert.Equal(t, ActivityLogEntraID, hcl)
+}
+
+func TestGenerationEntraIDActivityLogExistingActiveDirectoryApp(t *testing.T) {
+ ActivityLogEntraID, fileErr := getFileContent("test-data/entra-id-activity-log-existing-ad-app.tf")
+ assert.Nil(t, fileErr)
+ hcl, err := azure.NewTerraform(false, false, true, false, azure.WithExistingEventHubNamespace(false), azure.WithAdApplicationId("testID"), azure.WithAdApplicationPassword("pass"), azure.WithAdServicePrincipalId("principal")).Generate()
+ assert.Nil(t, err)
+ assert.NotNil(t, hcl)
+ assert.Equal(t, ActivityLogEntraID, hcl)
+}
+
+func TestGenerationEntraIDActivityLogExistingEventHubNamespace(t *testing.T) {
+ ActivityLogEntraID, fileErr := getFileContent("test-data/entra-id-activity-log-existing-event-hub-ns.tf")
+ assert.Nil(t, fileErr)
+ hcl, err := azure.NewTerraform(false, false, true, true, azure.WithExistingEventHubNamespace(true), azure.WithEventHubNamespaceName("testEventHubNamespace")).Generate()
+ assert.Nil(t, err)
+ assert.NotNil(t, hcl)
+ assert.Equal(t, ActivityLogEntraID, hcl)
+}
+
+func 
TestGenerationEntraIDActivityLogEventHubLocationAndPartition(t *testing.T) {
+ ActivityLogEntraID, fileErr := getFileContent("test-data/entra-id-activity-log-event-hub-location-and-partition.tf")
+ assert.Nil(t, fileErr)
+ hcl, err := azure.NewTerraform(false, false, true, true, azure.WithExistingEventHubNamespace(false), azure.WithEventHubLocation("West US 2"), azure.WithEventHubPartitionCount(2)).Generate()
+ assert.Nil(t, err)
+ assert.NotNil(t, hcl)
+ assert.Equal(t, ActivityLogEntraID, hcl)
+}
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf b/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf
new file mode 100644
index 000000000..b0e23641e
--- /dev/null
+++ b/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf
@@ -0,0 +1,33 @@
+terraform {
+ required_providers {
+ lacework = {
+ source = "lacework/lacework"
+ version = "~> 1.0"
+ }
+ }
+}
+
+provider "azuread" {
+}
+
+provider "azurerm" {
+ features {
+ }
+}
+
+module "az_ad_application" {
+ source = "lacework/ad-application/azure"
+ version = "~> 1.0"
+}
+
+module "azure-microsoft-entra-id-activity-log" {
+ source = "lacework/entra-id-activity-log/azure"
+ version = "~> 1.0"
+ application_id = module.az_ad_application.application_id
+ application_password = module.az_ad_application.application_password
+ location = "West US 2"
+ num_partitions = 2
+ service_principal_id = module.az_ad_application.service_principal_id
+ use_existing_ad_application = false
+ use_existing_eventhub_namespace = false
+}
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf b/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf
new file mode 100644
index 000000000..6512a50c6
--- /dev/null
+++ b/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf
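Review bot: `TestGenerationEntraIDActivityLogExistingActiveDirectoryApp` pins the generated module block with the AD application password inlined as a plaintext HCL literal (`application_password = "pass"` in the matching fixture), so this test is the place to state that this is the intended contract; a one-line comment such as `// AD credentials passed via the With* modifiers are emitted verbatim into main.tf; callers must treat the generated file as sensitive` would keep a later reader from taking it for an oversight. The new calls also rely on four positional booleans (`NewTerraform(false, false, true, true, ...)`); from the fixtures the order appears to be config, activity log, Entra ID activity log, create-AD-application, and naming them in a comment above the first new test would make the cases readable (the same pattern recurs in the patch 03 and patch 04 hunks). `getFileContent` and the `azure` package are defined outside this hunk.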
@@ -0,0 +1,26 @@
+terraform {
+ required_providers {
+ lacework = {
+ source = "lacework/lacework"
+ version = "~> 1.0"
+ }
+ }
+}
+
+provider "azuread" {
+}
+
+provider "azurerm" {
+ features {
+ }
+}
+
+module "azure-microsoft-entra-id-activity-log" {
+ source = "lacework/entra-id-activity-log/azure"
+ version = "~> 1.0"
+ application_id = "testID"
+ application_password = "pass"
+ service_principal_id = "principal"
+ use_existing_ad_application = true
+ use_existing_eventhub_namespace = false
+}
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf b/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf
new file mode 100644
index 000000000..1625fb646
--- /dev/null
+++ b/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf
@@ -0,0 +1,32 @@
+terraform {
+ required_providers {
+ lacework = {
+ source = "lacework/lacework"
+ version = "~> 1.0"
+ }
+ }
+}
+
+provider "azuread" {
+}
+
+provider "azurerm" {
+ features {
+ }
+}
+
+module "az_ad_application" {
+ source = "lacework/ad-application/azure"
+ version = "~> 1.0"
+}
+
+module "azure-microsoft-entra-id-activity-log" {
+ source = "lacework/entra-id-activity-log/azure"
+ version = "~> 1.0"
+ application_id = module.az_ad_application.application_id
+ application_password = module.az_ad_application.application_password
+ eventhub_namespace_name = "testEventHubNamespace"
+ service_principal_id = module.az_ad_application.service_principal_id
+ use_existing_ad_application = false
+ use_existing_eventhub_namespace = true
+}
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf b/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf
new file mode 100644
index 000000000..dcee3b0da
--- /dev/null
+++ b/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf
@@ -0,0 +1,31 @@
+terraform {
+ required_providers {
+ lacework = {
+ source = "lacework/lacework"
+ version = "~> 1.0"
+ }
+ }
+}
+
+provider "azuread" {
+}
+
+provider "azurerm" {
+ features {
+ }
+}
+
+module "az_ad_application" {
+ source = "lacework/ad-application/azure"
+ version = "~> 1.0"
+}
+
+module "azure-microsoft-entra-id-activity-log" {
+ source = "lacework/entra-id-activity-log/azure"
+ version = "~> 1.0"
+ application_id = module.az_ad_application.application_id
+ application_password = module.az_ad_application.application_password
+ service_principal_id = module.az_ad_application.service_principal_id
+ use_existing_ad_application = false
+ use_existing_eventhub_namespace = false
+}
diff --git a/lwgenerate/constants.go b/lwgenerate/constants.go
index 3f9a9f9d6..964ca6e7c 100644
--- a/lwgenerate/constants.go
+++ b/lwgenerate/constants.go
@@ -18,12 +18,14 @@ const (
 AwsEksAuditSource = "lacework/eks-audit-log/aws"
 AwsEksAuditVersion = "~> 1.0"
- LWAzureConfigSource = "lacework/config/azure"
- LWAzureConfigVersion = "~> 2.0"
- LWAzureActivityLogSource = "lacework/activity-log/azure"
- LWAzureActivityLogVersion = "~> 2.0"
- LWAzureADSource = "lacework/ad-application/azure"
- LWAzureADVersion = "~> 1.0"
+ LWAzureConfigSource = "lacework/config/azure"
+ LWAzureConfigVersion = "~> 2.0"
+ LWAzureActivityLogSource = "lacework/activity-log/azure"
+ LWAzureActivityLogVersion = "~> 2.0"
+ LWAzureEntraIdActivityLogSource = "lacework/entra-id-activity-log/azure"
+ LWAzureEntraIdActivityLogVersion = "~> 1.0"
+ LWAzureADSource = "lacework/ad-application/azure"
+ LWAzureADVersion = "~> 1.0"
 GcpAgentlessSource = "lacework/agentless-scanning/gcp"
 GcpAgentlessVersion = "~> 0.1"
From 026b4420b9c4de7e0de3491a660cd3a7cf223729 Mon Sep 17 00:00:00 2001
From: Manan Bhatia Date: Mon, 1 Jul 2024 09:49:41 -0700 Subject: [PATCH 02/12] fix: remove event hub ns --- cli/cmd/generate_azure.go | 65 ++----------------- .../help/generate_cloud-account_azure | 4 +- lwgenerate/azure/azure.go | 30 +-------- lwgenerate/azure/azure_test.go | 15 +---- ...ty-log-event-hub-location-and-partition.tf | 17 +++-- .../entra-id-activity-log-existing-ad-app.tf | 13 ++-- ...a-id-activity-log-existing-event-hub-ns.tf | 14 ++-- .../entra-id-activity-log-no-custom-input.tf | 13 ++-- 8 files changed, 39 insertions(+), 132 deletions(-)
diff --git a/cli/cmd/generate_azure.go b/cli/cmd/generate_azure.go
index 9177ed5a3..a961f1e23 100644
--- a/cli/cmd/generate_azure.go
+++ b/cli/cmd/generate_azure.go
@@ -30,10 +30,8 @@ var (
 QuestionAzureCustomizeOutputLocation = "Provide the location for the output to be written:"
 // EntraID Activity Log
- QuestionUseExistingEventHubNamespace = "Use an existing Event Hub Namespace?"
- QuestionEventHubNamespaceName = "Specify existing Event Hub Namespace name"
- QuestionEventHubLocation = "Specify Azure region where the event hub for logging will reside"
- QuestionEventHubPartitionCount = "Specify the number of partitions in the event hub for logging"
+ QuestionEventHubLocation = "Specify Azure region where the event hub for logging will reside"
+ QuestionEventHubPartitionCount = "Specify the number of partitions in the event hub for logging"
 // Active Directory
 QuestionEnableAdIntegration = "Create Active Directory Integration?"
@@ -194,8 +192,6 @@ the new cloud account. In interactive mode, this command will:
 azure.WithActivityLogIntegrationName(GenerateAzureCommandState.ActivityLogIntegrationName),
 azure.WithConfigIntegrationName(GenerateAzureCommandState.ConfigIntegrationName),
 azure.WithEntraIdActivityLogIntegrationName(GenerateAzureCommandState.EntraIdIntegrationName),
- azure.WithExistingEventHubNamespace(GenerateAzureCommandState.ExistingEventHubNamespace),
- azure.WithEventHubNamespaceName(GenerateAzureCommandState.EventHubNamespaceName),
 azure.WithEventHubLocation(GenerateAzureCommandState.EventHubLocation),
 azure.WithEventHubPartitionCount(GenerateAzureCommandState.EventHubPartitionCount),
 }
@@ -437,18 +433,6 @@ func initGenerateAzureTfCommandFlags() {
 false,
 "use existing storage account")
- generateAzureTfCommand.PersistentFlags().BoolVar(
- &GenerateAzureCommandState.ExistingEventHubNamespace,
- "existing_event_hub_namespace",
- false,
- "use existing Event Hub Namespace")
-
- generateAzureTfCommand.PersistentFlags().StringVar(
- &GenerateAzureCommandState.EventHubNamespaceName,
- "event_hub_namespace",
- "",
- "specify the name of the Event Hub Namespace")
-
 generateAzureTfCommand.PersistentFlags().StringVar(
 &GenerateAzureCommandState.EventHubLocation,
 "event_hub_location",
@@ -585,37 +569,17 @@ func promptAzureStorageAccountQuestions(config *azure.GenerateAzureTfConfigurati
 // Similar to the above, prompt for event hub questions starting by asking for existing event hub namespace, if answer is no, then ask for event hub location. If answer is yes, then ask for namespace name.
 func promptAzureEntraIdActivityLogQuestions(config *azure.GenerateAzureTfConfigurationArgs) error {
+
 if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{
 {
- Prompt: &survey.Confirm{Message: QuestionUseExistingEventHubNamespace, Default: config.ExistingEventHubNamespace},
- Response: &config.ExistingEventHubNamespace,
+ Prompt: &survey.Input{Message: QuestionEventHubLocation, Default: config.EventHubLocation},
+ Required: true,
+ Response: &config.EventHubLocation,
 },
 }); err != nil {
 return err
 }
- if !config.ExistingEventHubNamespace {
- if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{
- {
- Prompt: &survey.Input{Message: QuestionEventHubLocation, Default: config.EventHubLocation},
- Required: true,
- Response: &config.EventHubLocation,
- },
- }); err != nil {
- return err
- }
- } else {
- if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{
- {
- Prompt: &survey.Input{Message: QuestionEventHubNamespaceName, Default: config.EventHubNamespaceName},
- Required: true,
- Response: &config.EventHubNamespaceName,
- },
- }); err != nil {
- return err
- }
- }
-
 if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{
 {
 Prompt: &survey.Input{Message: QuestionEventHubPartitionCount, Default: strconv.Itoa(config.EventHubPartitionCount)},
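Review bot: The region entered at the `QuestionEventHubLocation` prompt is written straight into `config.EventHubLocation` with only `Required: true`, while the `promptCustomizeAzureEventHubLoggingRegion` helper removed in the `@@ -728` hunk of this file passed the answer through `validateAzureLocation` before assigning it; unless that check now happens elsewhere, adding `if err := validateAzureLocation(config.EventHubLocation); err != nil { return err }` after the first survey call keeps a malformed region from reaching the generated Terraform. The unchanged comment above the signature still describes the removed existing-namespace branch and should be replaced, e.g. `// Prompt for the Event Hub location and partition count used by the Entra ID activity log module.` The lone `+` blank line added after the opening brace is noise that gofmt will keep; drop it. The function continues past the end of the hunk (the partition-count prompt).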
@@ -728,23 +692,6 @@ func promptCustomizeAzureStorageLoggingRegion(config *azure.GenerateAzureTfConfi
 return nil
 }
-func promptCustomizeAzureEventHubLoggingRegion(config *azure.GenerateAzureTfConfigurationArgs) error {
- var region string
- if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{
- {
- Prompt: &survey.Input{Message: QuestionEventHubLocation, Default: config.EventHubLocation},
- Response: ®ion,
- },
- }); err != nil {
- return err
- }
- if err := validateAzureLocation(region); err != nil {
- return err
- }
- config.EventHubLocation = region
- return nil
-}
-
 func askAzureSubscriptionID(config *azure.GenerateAzureTfConfigurationArgs) error {
 var addSubscription bool
diff --git a/integration/test_resources/help/generate_cloud-account_azure b/integration/test_resources/help/generate_cloud-account_azure
index 097e4ec7f..dfa9b58e5 100644
--- a/integration/test_resources/help/generate_cloud-account_azure
+++ b/integration/test_resources/help/generate_cloud-account_azure
@@ -33,10 +33,8 @@ Flags:
 --configuration_name string specify a custom configuration integration name
 --entra_id_activity_log enable Entra ID activity log integration
 --entra_id_activity_log_integration_name specify a custom Entra ID activity log integration name
- --event_hub_location specify the location where the Event Hub for logging will reside
- --event_hub_namespace specify the name of the Event Hub Namespace
+ --event_hub_location specify the location where the Event Hub for logging will reside
 --event_hub_partition_count specify the number of partitions for the Event Hub
- --existing_event_hub_namespace use existing Event Hub Namespace
 --existing_storage use existing storage account
 -h, --help help for azure
 --location string specify azure region where storage account logging resides
diff --git a/lwgenerate/azure/azure.go b/lwgenerate/azure/azure.go
index 21cb8bd04..be6c0dc95 100644
--- a/lwgenerate/azure/azure.go
+++ b/lwgenerate/azure/azure.go
@@ -67,12 +67,6 @@ type GenerateAzureTfConfigurationArgs struct {
 LaceworkProfile string
- // Existing Event Hub Namespace
- ExistingEventHubNamespace bool
-
- // Event Hub Namespace Name
- EventHubNamespaceName string
-
 // Azure region where the event hub for logging will reside
 EventHubLocation string
@@ -227,20 +221,6 @@ func WithStorageLocation(location string) AzureTerraformModifier {
 }
 }
-// WithExisitngEventHubNamespace Use an existing Event Hub Namespace
-func WithExistingEventHubNamespace(existingEventHubNamespace bool) AzureTerraformModifier {
- return func(c *GenerateAzureTfConfigurationArgs) {
- c.ExistingEventHubNamespace = existingEventHubNamespace
- }
-}
-
-// WithEventHubNamespaceName The name of the Event Hub Namespace
-func WithEventHubNamespaceName(eventHubNamespaceName string) AzureTerraformModifier {
- return func(c *GenerateAzureTfConfigurationArgs) {
- c.EventHubNamespaceName = eventHubNamespaceName
- }
-}
-
 // WithEventHubLocation The Azure region where the event hub for logging resides
 func WithEventHubLocation(location string) AzureTerraformModifier {
 return func(c *GenerateAzureTfConfigurationArgs) {
@@ -584,14 +564,10 @@ func createEntraIdActivityLog(args *GenerateAzureTfConfigurationArgs) ([]*hclwri
 attributes["service_principal_id"] = args.AdServicePrincipalId
 }
- attributes["use_existing_eventhub_namespace"] = args.ExistingEventHubNamespace
- if args.ExistingEventHubNamespace {
- attributes["eventhub_namespace_name"] = args.EventHubNamespaceName
- } else {
- if args.EventHubLocation != "" {
- attributes["location"] = args.EventHubLocation
- }
+ if args.EventHubLocation != "" {
+ attributes["location"] = args.EventHubLocation
 }
+
 if args.EventHubPartitionCount > 0 {
 attributes["num_partitions"] = args.EventHubPartitionCount
 }
diff --git a/lwgenerate/azure/azure_test.go b/lwgenerate/azure/azure_test.go
index 2e32010f8..1c1e24d6d 100644
--- a/lwgenerate/azure/azure_test.go
+++ b/lwgenerate/azure/azure_test.go
@@ -222,7 +222,7 @@ func TestGenerationAzureRmProviderWithSubscriptionID(t *testing.T) {
 func TestGenerationEntraIDActivityLog(t *testing.T) {
 ActivityLogEntraID, fileErr := getFileContent("test-data/entra-id-activity-log-no-custom-input.tf")
 assert.Nil(t, fileErr)
- hcl, err := azure.NewTerraform(false, false, true, true, azure.WithExistingEventHubNamespace(false)).Generate()
+ hcl, err := azure.NewTerraform(false, false, true, true).Generate()
 assert.Nil(t, err)
 assert.NotNil(t, hcl)
 assert.Equal(t, ActivityLogEntraID, hcl)
@@ -231,16 +231,7 @@ func TestGenerationEntraIDActivityLog(t *testing.T) {
 func TestGenerationEntraIDActivityLogExistingActiveDirectoryApp(t *testing.T) {
 ActivityLogEntraID, fileErr := getFileContent("test-data/entra-id-activity-log-existing-ad-app.tf")
 assert.Nil(t, fileErr)
- hcl, err := azure.NewTerraform(false, false, true, false, azure.WithExistingEventHubNamespace(false), azure.WithAdApplicationId("testID"), azure.WithAdApplicationPassword("pass"), azure.WithAdServicePrincipalId("principal")).Generate()
- assert.Nil(t, err)
- assert.NotNil(t, hcl)
- assert.Equal(t, ActivityLogEntraID, hcl)
-}
-
-func TestGenerationEntraIDActivityLogExistingEventHubNamespace(t *testing.T) {
- ActivityLogEntraID, fileErr := getFileContent("test-data/entra-id-activity-log-existing-event-hub-ns.tf")
- assert.Nil(t, fileErr)
- hcl, err := azure.NewTerraform(false, false, true, true, azure.WithExistingEventHubNamespace(true), azure.WithEventHubNamespaceName("testEventHubNamespace")).Generate()
+ hcl, err := azure.NewTerraform(false, false, true, false, azure.WithAdApplicationId("testID"), azure.WithAdApplicationPassword("pass"), azure.WithAdServicePrincipalId("principal")).Generate()
 assert.Nil(t, err)
 assert.NotNil(t, hcl)
 assert.Equal(t, ActivityLogEntraID, hcl)
@@ -249,7 +240,7 @@ func TestGenerationEntraIDActivityLogExistingEventHubNamespace(t *testing.T) {
 func TestGenerationEntraIDActivityLogEventHubLocationAndPartition(t *testing.T) {
 ActivityLogEntraID, fileErr := getFileContent("test-data/entra-id-activity-log-event-hub-location-and-partition.tf")
 assert.Nil(t, fileErr)
- hcl, err := azure.NewTerraform(false, false, true, true, azure.WithExistingEventHubNamespace(false), azure.WithEventHubLocation("West US 2"), azure.WithEventHubPartitionCount(2)).Generate()
+ hcl, err := azure.NewTerraform(false, false, true, true, azure.WithEventHubLocation("West US 2"), azure.WithEventHubPartitionCount(2)).Generate()
 assert.Nil(t, err)
 assert.NotNil(t, hcl)
 assert.Equal(t, ActivityLogEntraID, hcl)
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf b/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf
index b0e23641e..b32a26fbb 100644
--- a/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf
+++ b/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf
@@ -21,13 +21,12 @@ module "az_ad_application" {
 }
 module "azure-microsoft-entra-id-activity-log" {
- source = "lacework/entra-id-activity-log/azure"
- version = "~> 1.0"
- application_id = module.az_ad_application.application_id
- application_password = module.az_ad_application.application_password
- location = "West US 2"
- num_partitions = 2
- service_principal_id = module.az_ad_application.service_principal_id
- use_existing_ad_application = false
- use_existing_eventhub_namespace = false
+ source = "lacework/entra-id-activity-log/azure"
+ version = "~> 1.0"
+ application_id = module.az_ad_application.application_id
+ application_password = module.az_ad_application.application_password
+ location = "West US 2"
+ num_partitions = 2
+ service_principal_id = module.az_ad_application.service_principal_id
+ use_existing_ad_application = false
 }
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf b/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf
index 6512a50c6..68bdf5f34 100644
--- a/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf
+++ b/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf
@@ -16,11 +16,10 @@ provider "azurerm" {
 }
 module "azure-microsoft-entra-id-activity-log" {
- source = "lacework/entra-id-activity-log/azure"
- version = "~> 1.0"
- application_id = "testID"
- application_password = "pass"
- service_principal_id = "principal"
- use_existing_ad_application = true
- use_existing_eventhub_namespace = false
+ source = "lacework/entra-id-activity-log/azure"
+ version = "~> 1.0"
+ application_id = "testID"
+ application_password = "pass"
+ service_principal_id = "principal"
+ use_existing_ad_application = true
 }
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf b/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf
index 1625fb646..8e1d28550 100644
--- a/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf
+++ b/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf
@@ -21,12 +21,10 @@ module "az_ad_application" {
 }
 module "azure-microsoft-entra-id-activity-log" {
- source = "lacework/entra-id-activity-log/azure"
- version = "~> 1.0"
- application_id = module.az_ad_application.application_id
- application_password = module.az_ad_application.application_password
- eventhub_namespace_name = "testEventHubNamespace"
- service_principal_id = module.az_ad_application.service_principal_id
- use_existing_ad_application = false
- use_existing_eventhub_namespace = true
+ source = "lacework/entra-id-activity-log/azure"
+ version = "~> 1.0"
+ application_id = module.az_ad_application.application_id
+ application_password = module.az_ad_application.application_passwor
+ service_principal_id = module.az_ad_application.service_principal_id
+ use_existing_ad_application = false
 }
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf b/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf
index dcee3b0da..595dca226 100644
--- a/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf
+++ b/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf
@@ -21,11 +21,10 @@ module "az_ad_application" {
 }
 module "azure-microsoft-entra-id-activity-log" {
- source = "lacework/entra-id-activity-log/azure"
- version = "~> 1.0"
- application_id = module.az_ad_application.application_id
- application_password = module.az_ad_application.application_password
- service_principal_id = module.az_ad_application.service_principal_id
- use_existing_ad_application = false
- use_existing_eventhub_namespace = false
+ source = "lacework/entra-id-activity-log/azure"
+ version = "~> 1.0"
+ application_id = module.az_ad_application.application_id
+ application_password = module.az_ad_application.application_password
+ service_principal_id = module.az_ad_application.service_principal_id
+ use_existing_ad_application = false
 }
From b27ed336765045f6cab064bee61456f583f96fc0 Mon Sep 17 00:00:00 2001
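Review bot: The rewritten attribute line `application_password = module.az_ad_application.application_passwor` drops the final `d` of the output name, so this fixture no longer references a real `az_ad_application` output. The only test that loaded this file, `TestGenerationEntraIDActivityLogExistingEventHubNamespace`, is deleted in the `azure_test.go` hunk at `@@ -231,16 +231,7 @@` of this same patch, so nothing would catch the mismatch. Either restore the spelling to `application_password` or remove the now-unreferenced fixture rather than keeping a stale copy next to the live ones.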
From: Manan Bhatia Date: Mon, 1 Jul 2024 09:58:39 -0700 Subject: [PATCH 03/12] test: fix azure tests --- lwgenerate/azure/azure_test.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lwgenerate/azure/azure_test.go b/lwgenerate/azure/azure_test.go
index 6e1982eeb..fab832a66 100644
--- a/lwgenerate/azure/azure_test.go
+++ b/lwgenerate/azure/azure_test.go
@@ -43,7 +43,7 @@ func TestGenerationActivityLogWithConfigAndExtraBlocks(t *testing.T) {
 assert.Nil(t, fileErr)
 extraBlock, err := lwgenerate.HclCreateGenericBlock("variable", []string{"var_name"}, nil)
 assert.NoError(t, err)
- hcl, err := azure.NewTerraform(true, true, true, azure.WithExtraBlocks([]*hclwrite.Block{extraBlock})).Generate()
+ hcl, err := azure.NewTerraform(true, true, false, true, azure.WithExtraBlocks([]*hclwrite.Block{extraBlock})).Generate()
 assert.Nil(t, err)
 assert.NotNil(t, hcl)
 assert.Equal(t, ActivityLogWithConfig, hcl)
@@ -52,7 +52,7 @@ func TestGenerationActivityLogWithConfigAndExtraBlocks(t *testing.T) {
 func TestGenerationActivityLogWithConfigAndExtraAzureRMProviderBlocks(t *testing.T) {
 var ActivityLogWithConfig, fileErr = getFileContent("test-data/activity_log_with_config_provider_args.tf")
 assert.Nil(t, fileErr)
- hcl, err := azure.NewTerraform(true, true, true, azure.WithExtraAZRMArguments(map[string]interface{}{"foo": "bar"})).Generate()
+ hcl, err := azure.NewTerraform(true, true, false, true, azure.WithExtraAZRMArguments(map[string]interface{}{"foo": "bar"})).Generate()
 assert.Nil(t, err)
 assert.NotNil(t, hcl)
 assert.Equal(t, ActivityLogWithConfig, hcl)
@@ -61,7 +61,7 @@ func TestGenerationActivityLogWithConfigAndExtraAzureRMProviderBlocks(t *testing
 func TestGenerationActivityLogWithConfigAndExtraAZUReadProviderBlocks(t *testing.T) {
 var ActivityLogWithConfig, fileErr = getFileContent("test-data/activity_log_with_config_azureadprovider_args.tf")
 assert.Nil(t, fileErr)
- hcl, err := azure.NewTerraform(true, true, true, azure.WithExtraAZReadArguments(map[string]interface{}{"foo": "bar"})).Generate()
+ hcl, err := azure.NewTerraform(true, true, false, true, azure.WithExtraAZReadArguments(map[string]interface{}{"foo": "bar"})).Generate()
 assert.Nil(t, err)
 assert.NotNil(t, hcl)
 assert.Equal(t, ActivityLogWithConfig, hcl)
@@ -72,7 +72,7 @@ func TestGenerationActivityLogWithConfigAndCustomBackendBlock(t *testing.T) {
 assert.NoError(t, err)
 var ActivityLogWithConfig, fileErr = getFileContent("test-data/activity_log_with_config_root_blocks.tf")
 assert.Nil(t, fileErr)
- hcl, err := azure.NewTerraform(true, true, true, azure.WithExtraRootBlocks([]*hclwrite.Block{customBlock})).Generate()
+ hcl, err := azure.NewTerraform(true, true, false, true, azure.WithExtraRootBlocks([]*hclwrite.Block{customBlock})).Generate()
 assert.Nil(t, err)
 assert.NotNil(t, hcl)
 assert.Equal(t, ActivityLogWithConfig, hcl)
From b91618266c5d2aaf44ec90c3e6113575fb2b11a3 Mon Sep 17 00:00:00 2001 From: Manan Bhatia Date: Mon, 1 Jul 2024 10:27:05 -0700 Subject: [PATCH 04/12] test: fix azure integration test --- integration/azure_generation_test.go | 56 +++++++++++++++++++--------- 1 file changed, 39 insertions(+), 17 deletions(-)
diff --git a/integration/azure_generation_test.go b/integration/azure_generation_test.go
index 1dfc2e48f..3e43a46d7 100644
--- a/integration/azure_generation_test.go
+++ b/integration/azure_generation_test.go
@@ -67,6 +67,7 @@ func TestGenerationAzureSimple(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "y"},
 MsgRsp{cmd.QuestionEnableActivityLog, "y"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "y"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"},
 MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"},
 MsgRsp{cmd.QuestionRunTfPlan, "n"},
@@ -83,7 +84,7 @@ func TestGenerationAzureSimple(t *testing.T) {
 assert.Contains(t, final, "Terraform code saved in")
 // Create the TF directly with lwgenerate and validate same result via CLI
- buildTf, _ := azure.NewTerraform(true, true, true).Generate()
+ buildTf, _ := azure.NewTerraform(true, true, false, true).Generate()
 assert.Equal(t, buildTf, tfResult)
 }
@@ -108,6 +109,7 @@ func TestGenerationAzureCustomizedOutputLocation(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "y"},
 MsgRsp{cmd.QuestionEnableActivityLog, "y"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "y"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"},
 MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"},
 MsgMenu{cmd.AzureAdvancedOptDone, 5},
@@ -129,7 +131,7 @@ func TestGenerationAzureCustomizedOutputLocation(t *testing.T) {
 result, _ := os.ReadFile(filepath.FromSlash(fmt.Sprintf("%s/main.tf", dir)))
 // Create the TF directly with lwgenerate and validate same result via CLI
- buildTf, _ := azure.NewTerraform(true, true, true).Generate()
+ buildTf, _ := azure.NewTerraform(true, true, false, true).Generate()
 assert.Equal(t, buildTf, string(result))
 }
@@ -147,6 +149,7 @@ func TestGenerationAzureConfigOnly(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "y"},
 MsgRsp{cmd.QuestionEnableActivityLog, "n"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "y"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"},
 MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"},
 MsgRsp{cmd.QuestionRunTfPlan, "n"},
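Review bot: Every `MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}` added in this file (here and in the hunks at `@@ -108`, `@@ -147`, `@@ -181`, `@@ -218`, `@@ -263`, `@@ -307`, `@@ -348`, `@@ -396`, `@@ -435`, `@@ -476`, `@@ -520` and `@@ -564`) answers the new question with "n", so the interactive Entra ID path — the event hub location and partition-count prompts introduced in patch 02 — gets no integration coverage from this series. One test that answers "y", supplies a region and a partition count, and compares the output against `azure.NewTerraform(false, false, true, true, azure.WithEventHubLocation(...), azure.WithEventHubPartitionCount(...)).Generate()` would exercise it. The prompt order pinned here (Entra ID asked after `QuestionEnableAdIntegration`) also deserves a one-line comment, since the prompting code that fixes that order lives outside this diff.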
@@ -163,7 +166,7 @@ func TestGenerationAzureConfigOnly(t *testing.T) {
 assert.Contains(t, final, "Terraform code saved in")
 // Create the TF directly with lwgenerate and validate same result via CLI
- buildTf, _ := azure.NewTerraform(true, false, true).Generate()
+ buildTf, _ := azure.NewTerraform(true, false, false, true).Generate()
 assert.Equal(t, buildTf, tfResult)
 }
@@ -181,6 +184,7 @@ func TestGenerationAzureActivityLogOnly(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "n"},
 MsgRsp{cmd.QuestionEnableActivityLog, "y"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "y"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"},
 MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"},
 MsgRsp{cmd.QuestionRunTfPlan, "n"},
@@ -197,7 +201,7 @@ func TestGenerationAzureActivityLogOnly(t *testing.T) {
 assert.Contains(t, final, "Terraform code saved in")
 // Create the TF directly with lwgenerate and validate same result via CLI
- buildTf, _ := azure.NewTerraform(false, true, true).Generate()
+ buildTf, _ := azure.NewTerraform(false, true, false, true).Generate()
 assert.Equal(t, buildTf, tfResult)
 }
@@ -218,6 +222,7 @@ func TestGenerationAzureNoADEnabled(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "y"},
 MsgRsp{cmd.QuestionEnableActivityLog, "y"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "n"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"},
 MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"},
 MsgMenu{cmd.AzureAdvancedOptLocation, 2},
@@ -239,7 +244,7 @@ func TestGenerationAzureNoADEnabled(t *testing.T) {
 assert.Contains(t, final, "Terraform code saved in")
 // Create the TF directly with lwgenerate and validate same result via CLI
- buildTf, _ := azure.NewTerraform(true, true, false,
+ buildTf, _ := azure.NewTerraform(true, true, false, false,
 azure.WithAdApplicationPassword(pass),
 azure.WithAdServicePrincipalId(principalId),
 azure.WithAdApplicationId(applicationId),
@@ -263,6 +268,7 @@ func _TestGenerationAzureNamedConfig(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "y"},
 MsgRsp{cmd.QuestionEnableActivityLog, "n"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "y"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"},
 MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"},
@@ -285,7 +291,7 @@ func _TestGenerationAzureNamedConfig(t *testing.T) {
 assert.Contains(t, final, "Terraform code saved in")
 // Create the TF directly with lwgenerate and validate same result via CLI
- buildTf, _ := azure.NewTerraform(true, false, true,
+ buildTf, _ := azure.NewTerraform(true, false, false, true,
 azure.WithConfigIntegrationName(configName),
 ).Generate()
 assert.Equal(t, buildTf, tfResult)
@@ -307,6 +313,7 @@ func _TestGenerationAzureNamedActivityLog(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "n"},
 MsgRsp{cmd.QuestionEnableActivityLog, "y"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "y"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"},
 MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"},
@@ -329,7 +336,7 @@ func _TestGenerationAzureNamedActivityLog(t *testing.T) {
 assert.Contains(t, final, "Terraform code saved in")
 // Create the TF directly with lwgenerate and validate same result via CLI
- buildTf, _ := azure.NewTerraform(false, true, true,
+ buildTf, _ := azure.NewTerraform(false, true, false, true,
 azure.WithActivityLogIntegrationName(activityName)).Generate()
 assert.Equal(t, buildTf, tfResult)
 }
@@ -348,6 +355,7 @@ func TestGenerationAzureAdvancedOptsDone(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "y"},
 MsgRsp{cmd.QuestionEnableActivityLog, "y"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "y"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"},
 MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"},
@@ -366,7 +374,7 @@ func TestGenerationAzureAdvancedOptsDone(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(true, true, true).Generate() + buildTf, _ := azure.NewTerraform(true, true, false, true).Generate() assert.Equal(t, buildTf, tfResult) } @@ -396,6 +404,7 @@ func TestGenerationAzureWithExistingTerraform(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"}, MsgMenu{cmd.AzureAdvancedOptDone, 5}, @@ -435,6 +444,7 @@ func TestGenerationAzureConfigAllSubs(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "n"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"}, MsgMenu{cmd.AzureAdvancedOptDone, 1}, @@ -455,7 +465,7 @@ func TestGenerationAzureConfigAllSubs(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(true, false, true, + buildTf, _ := azure.NewTerraform(true, false, false, true, azure.WithAllSubscriptions(true), ).Generate() assert.Equal(t, buildTf, tfResult) @@ -476,6 +486,7 @@ func TestGenerationAzureConfigMgmntGroup(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "n"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"}, 
@@ -498,7 +509,7 @@ func TestGenerationAzureConfigMgmntGroup(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(true, false, true, + buildTf, _ := azure.NewTerraform(true, false, false, true, azure.WithManagementGroup(true), azure.WithManagementGroupId(mgmtGrpId), ).Generate() @@ -520,6 +531,7 @@ func TestGenerationAzureConfigSubs(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "n"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"}, @@ -543,7 +555,7 @@ func TestGenerationAzureConfigSubs(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(true, false, true, + buildTf, _ := azure.NewTerraform(true, false, false, true, azure.WithSubscriptionIds(testIds), ).Generate() assert.Equal(t, buildTf, tfResult) @@ -564,6 +576,7 @@ func TestGenerationAzureActivityLogSubs(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "n"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"}, @@ -587,7 +600,7 @@ func TestGenerationAzureActivityLogSubs(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(false, true, true, + buildTf, _ := azure.NewTerraform(false, true, false, true, azure.WithSubscriptionIds(testIds), ).Generate() assert.Equal(t, buildTf, tfResult) 
@@ -609,6 +622,7 @@ func TestGenerationAzureActivityLogStorageAccount(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "n"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"}, @@ -634,7 +648,7 @@ func TestGenerationAzureActivityLogStorageAccount(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(false, true, true, + buildTf, _ := azure.NewTerraform(false, true, false, true, azure.WithExistingStorageAccount(true), azure.WithStorageAccountName(storageAccountName), azure.WithStorageAccountResourceGroup(storageResourceGrp), @@ -656,6 +670,7 @@ func TestGenerationAzureActivityLogAllSubs(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "n"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"}, @@ -678,7 +693,7 @@ func TestGenerationAzureActivityLogAllSubs(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(false, true, true, + buildTf, _ := azure.NewTerraform(false, true, false, true, azure.WithAllSubscriptions(true), ).Generate() assert.Equal(t, buildTf, tfResult) @@ -699,6 +714,7 @@ func TestGenerationAzureActivityLogLocation(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "n"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "y"}, 
@@ -721,7 +737,7 @@ func TestGenerationAzureActivityLogLocation(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(false, true, true, + buildTf, _ := azure.NewTerraform(false, true, false, true, azure.WithStorageLocation(region), ).Generate() assert.Equal(t, buildTf, tfResult) @@ -745,6 +761,7 @@ func TestGenerationAzureOverwrite(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"}, MsgRsp{cmd.QuestionRunTfPlan, "n"}, @@ -764,6 +781,7 @@ func TestGenerationAzureOverwrite(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"}, MsgRsp{"already exists, overwrite?", "n"}, @@ -800,6 +818,7 @@ func TestGenerationAzureOverwriteOutput(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"}, MsgRsp{cmd.QuestionRunTfPlan, "n"}, @@ -821,6 +840,7 @@ func TestGenerationAzureOverwriteOutput(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"}, MsgRsp{"already exists, overwrite?", "n"}, 
@@ -851,6 +871,7 @@ func TestGenerationAzureLaceworkProfile(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "n"}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"}, MsgRsp{cmd.QuestionRunTfPlan, "n"}, @@ -867,7 +888,7 @@ func TestGenerationAzureLaceworkProfile(t *testing.T) { assert.Nil(t, runError) assert.Contains(t, final, "Terraform code saved in") - buildTf, _ := azure.NewTerraform(true, true, true, + buildTf, _ := azure.NewTerraform(true, true, false, true, azure.WithLaceworkProfile(azProfile), ).Generate() assert.Equal(t, buildTf, tfResult) @@ -887,6 +908,7 @@ func TestGenerationAzureWithSubscriptionID(t *testing.T) { MsgRsp{cmd.QuestionAzureEnableConfig, "y"}, MsgRsp{cmd.QuestionEnableActivityLog, "y"}, MsgRsp{cmd.QuestionEnableAdIntegration, "y"}, + MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"}, MsgRsp{cmd.QuestionAddAzureSubscriptionID, "y"}, MsgRsp{cmd.QuestionAzureSubscriptionID, mockSubscriptionID}, MsgRsp{cmd.QuestionAzureConfigAdvanced, "n"}, @@ -904,7 +926,7 @@ func TestGenerationAzureWithSubscriptionID(t *testing.T) { assert.Contains(t, final, "Terraform code saved in") // Create the TF directly with lwgenerate and validate same result via CLI - buildTf, _ := azure.NewTerraform(true, true, true, azure.WithSubscriptionID(mockSubscriptionID)).Generate() + buildTf, _ := azure.NewTerraform(true, true, false, true, azure.WithSubscriptionID(mockSubscriptionID)).Generate() assert.Equal(t, buildTf, tfResult) } From a78162fbfaf444caac67e171b233a20e07ae3522 Mon Sep 17 00:00:00 2001 From: Manan Bhatia Date: Mon, 1 Jul 2024 10:53:22 -0700 Subject: [PATCH 05/12] fix: resolve linting errors --- cli/cmd/generate_azure.go | 1 - lwgenerate/azure/azure.go | 9 ++++++--- 2 files changed, 6 insertions(+), 4 deletions(-) 
diff --git a/cli/cmd/generate_azure.go b/cli/cmd/generate_azure.go index a961f1e23..1f7a3dc07 100644 --- a/cli/cmd/generate_azure.go +++ b/cli/cmd/generate_azure.go @@ -567,7 +567,6 @@ func promptAzureStorageAccountQuestions(config *azure.GenerateAzureTfConfigurati return nil } -// Similar to the above, prompt for event hub questions starting by asking for existing event hub namespace, if answer is no, then ask for event hub location. If answer is yes, then ask for namespace name. func promptAzureEntraIdActivityLogQuestions(config *azure.GenerateAzureTfConfigurationArgs) error { if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ diff --git a/lwgenerate/azure/azure.go b/lwgenerate/azure/azure.go index bfc2505a5..37bae84d7 100644 --- a/lwgenerate/azure/azure.go +++ b/lwgenerate/azure/azure.go @@ -26,7 +26,8 @@ type GenerateAzureTfConfigurationArgs struct { // If ActivityLog is true, give the user the opportunity to name their integration. Defaults to "TF activity log" ActivityLogIntegrationName string - // if EntraIdIntegration is true, give the user the opportunity to name their integration. Defaults to "TF activity log" + // If EntraIdIntegration is true, give the user the opportunity to name their integration. + // Defaults to "TF Entra ID activity log" EntraIdIntegrationName string // Active Directory application Id @@ -122,7 +123,8 @@ type AzureTerraformModifier func(c *GenerateAzureTfConfigurationArgs) // // Note: Additional configuration details may be set using modifiers of the AzureTerraformModifier type func NewTerraform( - enableConfig bool, enableActivityLog bool, enableEntraIdActivityLog, createAdIntegration bool, mods ...AzureTerraformModifier, + enableConfig bool, enableActivityLog bool, enableEntraIdActivityLog, createAdIntegration bool, + mods ...AzureTerraformModifier, ) *GenerateAzureTfConfigurationArgs { config := &GenerateAzureTfConfigurationArgs{ ActivityLog: enableActivityLog, 
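Review bot: Deleting the only description of promptAzureEntraIdActivityLogQuestions leaves the prompt flow undocumented; the linter presumably objected to the line length, so the comment should be wrapped rather than dropped. Two lines above the func, `// promptAzureEntraIdActivityLogQuestions asks whether an existing Event Hub Namespace should be used;` and `// if so it prompts for the namespace name, otherwise for the Event Hub location.`, preserve the intent the removed line carried. The function body continues outside the hunk, so whether further prompts follow cannot be confirmed from here.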
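Review bot: The signature `enableConfig bool, enableActivityLog bool, enableEntraIdActivityLog, createAdIntegration bool` now has four adjacent positional booleans, so every call site reads as an opaque `NewTerraform(true, false, false, true)` and two swapped arguments still compile, as the updated integration tests earlier in this series illustrate. Since the constructor already takes `mods ...AzureTerraformModifier` and this same series adds `WithEntraIdActivityLogIntegrationName`, the new capability could be a modifier (a constructed name such as `WithEntraIdActivityLog`) with the positional arguments left untouched, which would also have avoided editing every existing caller. If the positional form is kept, the doc comment above should list the parameters in order so readers can map the literals to meanings. NewTerraform's body continues outside the hunk.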
@@ -188,7 +190,8 @@ func WithActivityLogIntegrationName(name string) AzureTerraformModifier { } } -// WithEntraIdActivityLogIntegrationName Set the Entra ID Activity Log Integration name to be displayed on the Lacework UI +// WithEntraIdActivityLogIntegrationName Set the Entra ID Activity Log Integration name +// to be displayed on the Lacework UI func WithEntraIdActivityLogIntegrationName(name string) AzureTerraformModifier { return func(c *GenerateAzureTfConfigurationArgs) { c.EntraIdIntegrationName = name From f5b908a23f08f795669d0c2d5d2e142ae9738e6c Mon Sep 17 00:00:00 2001 From: Manan Bhatia Date: Mon, 1 Jul 2024 11:30:18 -0700 Subject: [PATCH 06/12] chore: update README --- .../lacework_generate_cloud-account_azure.md | 44 +++++++++-------- .../help/generate_cloud-account_azure | 48 +++++++++---------- 2 files changed, 48 insertions(+), 44 deletions(-) diff --git a/cli/docs/lacework_generate_cloud-account_azure.md b/cli/docs/lacework_generate_cloud-account_azure.md index ccbd936f3..e06894ca1 100644 --- a/cli/docs/lacework_generate_cloud-account_azure.md +++ b/cli/docs/lacework_generate_cloud-account_azure.md 
@@ -34,26 +34,30 @@ lacework generate cloud-account azure [flags] ### Options ``` - --activity_log enable active log integration - --activity_log_integration_name string specify a custom activity log integration name - --ad_create create new active directory integration (default true) - --ad_id string existing active directory application id - --ad_pass string existing active directory application password - --ad_pid string existing active directory application service principle id - --all_subscriptions subscription ids grant read access to ALL subscriptions within Tenant (overrides subscription ids) - --apply run terraform apply for the generated hcl - --configuration enable configuration integration - --configuration_name string specify a custom configuration integration name - --existing_storage use existing storage account - -h, --help help for azure - --location string specify azure region where storage account logging resides - --management_group management group level integration - --management_group_id string specify management group id. 
Required if mgmt_group provided - --output string location to write generated content (default is ~/lacework/azure) - --storage_account_name string specify storage account name - --storage_resource_group string specify storage resource group - --subscription_id string specify the Azure Subscription ID to be used to provision Lacework resources - --subscription_ids strings list of subscriptions to grant read access; format is id1,id2,id3 + --activity_log enable active log integration + --activity_log_integration_name string specify a custom activity log integration name + --ad_create create new active directory integration (default true) + --ad_id string existing active directory application id + --ad_pass string existing active directory application password + --ad_pid string existing active directory application service principle id + --all_subscriptions subscription ids grant read access to ALL subscriptions within Tenant (overrides subscription ids) + --apply run terraform apply for the generated hcl + --configuration enable configuration integration + --configuration_name string specify a custom configuration integration name + --entra_id_activity_log enable Entra ID activity log integration + --entra_id_activity_log_integration_name string specify a custom Entra ID activity log integration name + --event_hub_location string specify the location where the Event Hub for logging will reside + --event_hub_partition_count specify the number of partitions for the Event Hub + --existing_storage use existing storage account + -h, --help help for azure + --location string specify azure region where storage account logging resides + --management_group management group level integration + --management_group_id string specify management group id. 
Required if mgmt_group provided + --output string location to write generated content (default is ~/lacework/azure) + --storage_account_name string specify storage account name + --storage_resource_group string specify storage resource group + --subscription_id string specify the Azure Subscription ID to be used to provision Lacework resources + --subscription_ids strings list of subscriptions to grant read access; format is id1,id2,id3 ``` ### Options inherited from parent commands diff --git a/integration/test_resources/help/generate_cloud-account_azure b/integration/test_resources/help/generate_cloud-account_azure index dfa9b58e5..d0af39397 100644 --- a/integration/test_resources/help/generate_cloud-account_azure +++ b/integration/test_resources/help/generate_cloud-account_azure 
@@ -21,30 +21,30 @@ Aliases: azure, az Flags: - --activity_log enable active log integration - --activity_log_integration_name string specify a custom activity log integration name - --ad_create create new active directory integration (default true) - --ad_id string existing active directory application id - --ad_pass string existing active directory application password - --ad_pid string existing active directory application service principle id - --all_subscriptions subscription ids grant read access to ALL subscriptions within Tenant (overrides subscription ids) - --apply run terraform apply for the generated hcl - --configuration enable configuration integration - --configuration_name string specify a custom configuration integration name - --entra_id_activity_log enable Entra ID activity log integration - --entra_id_activity_log_integration_name specify a custom Entra ID activity log integration name - --event_hub_location specify the location where the Event Hub for logging will reside - --event_hub_partition_count specify the number of partitions for the Event Hub - --existing_storage use existing storage account - -h, --help help for azure - --location string specify azure region where storage account logging resides - --management_group management group level integration - --management_group_id string specify management group id. 
Required if mgmt_group provided - --output string location to write generated content (default is ~/lacework/azure) - --storage_account_name string specify storage account name - --storage_resource_group string specify storage resource group - --subscription_id string specify the Azure Subscription ID to be used to provision Lacework resources - --subscription_ids strings list of subscriptions to grant read access; format is id1,id2,id3 + --activity_log enable active log integration + --activity_log_integration_name string specify a custom activity log integration name + --ad_create create new active directory integration (default true) + --ad_id string existing active directory application id + --ad_pass string existing active directory application password + --ad_pid string existing active directory application service principle id + --all_subscriptions subscription ids grant read access to ALL subscriptions within Tenant (overrides subscription ids) + --apply run terraform apply for the generated hcl + --configuration enable configuration integration + --configuration_name string specify a custom configuration integration name + --entra_id_activity_log enable Entra ID activity log integration + --entra_id_activity_log_integration_name string specify a custom Entra ID activity log integration name + --event_hub_location string specify the location where the Event Hub for logging will reside + --event_hub_partition_count specify the number of partitions for the Event Hub + --existing_storage use existing storage account + -h, --help help for azure + --location string specify azure region where storage account logging resides + --management_group management group level integration + --management_group_id string specify management group id. 
Required if mgmt_group provided + --output string location to write generated content (default is ~/lacework/azure) + --storage_account_name string specify storage account name + --storage_resource_group string specify storage resource group + --subscription_id string specify the Azure Subscription ID to be used to provision Lacework resources + --subscription_ids strings list of subscriptions to grant read access; format is id1,id2,id3 Global Flags: -a, --account string account subdomain of URL (i.e. .lacework.net) From 302cf3dd03b0c57b938e4509358b43c746458068 Mon Sep 17 00:00:00 2001 From: Manan Bhatia Date: Mon, 1 Jul 2024 11:31:16 -0700 Subject: [PATCH 07/12] fix: linting --- cli/cmd/generate_azure.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cli/cmd/generate_azure.go b/cli/cmd/generate_azure.go index 1f7a3dc07..34724f39d 100644 --- a/cli/cmd/generate_azure.go +++ b/cli/cmd/generate_azure.go @@ -581,7 +581,8 @@ func promptAzureEntraIdActivityLogQuestions(config *azure.GenerateAzureTfConfigu if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ { - Prompt: &survey.Input{Message: QuestionEventHubPartitionCount, Default: strconv.Itoa(config.EventHubPartitionCount)}, + Prompt: &survey.Input{Message: QuestionEventHubPartitionCount, + Default: strconv.Itoa(config.EventHubPartitionCount)}, Response: &config.EventHubPartitionCount, }, }); err != nil { From 92c5ee68e72ee13038d58a9e33ecef6f37301616 Mon Sep 17 00:00:00 2001 
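Review bot: The partition-count prompt `Prompt: &survey.Input{Message: QuestionEventHubPartitionCount, Default: strconv.Itoa(config.EventHubPartitionCount)}` is only re-wrapped here and still carries no validator, so a non-numeric, zero or negative answer is caught, if at all, when survey writes into the int field `config.EventHubPartitionCount` or later by Terraform and Azure, with a far less helpful error. A check in the validation slot that SurveyQuestionWithValidationArgs provides (its field name is not visible from here) that parses the answer with `strconv.Atoi` and rejects values below 1 would surface the mistake at the prompt. promptAzureEntraIdActivityLogQuestions starts and ends outside this hunk.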
From: Manan Bhatia Date: Thu, 15 Aug 2024 15:26:39 -0700 Subject: [PATCH 08/12] fix(cli): update tf module source and version --- lwgenerate/azure/azure.go | 2 +- ...ntra-id-activity-log-event-hub-location-and-partition.tf | 6 +++--- .../test-data/entra-id-activity-log-existing-ad-app.tf | 6 +++--- .../entra-id-activity-log-existing-event-hub-ns.tf | 6 +++--- .../test-data/entra-id-activity-log-no-custom-input.tf | 6 +++--- lwgenerate/constants.go | 4 ++-- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/lwgenerate/azure/azure.go b/lwgenerate/azure/azure.go index 37bae84d7..e1fb2f987 100644 --- a/lwgenerate/azure/azure.go +++ b/lwgenerate/azure/azure.go @@ -657,7 +657,7 @@ func createEntraIdActivityLog(args *GenerateAzureTfConfigurationArgs) ([]*hclwri ) moduleBlock, err := lwgenerate.NewModule( - "azure-microsoft-entra-id-activity-log", + "microsoft-entra-id-activity-log", lwgenerate.LWAzureEntraIdActivityLogSource, append(moduleDetails, lwgenerate.HclModuleWithVersion(lwgenerate.LWAzureEntraIdActivityLogVersion))..., ).ToBlock() diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf b/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf index b32a26fbb..ad69a4a04 100644 --- a/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf +++ b/lwgenerate/azure/test-data/entra-id-activity-log-event-hub-location-and-partition.tf @@ -20,9 +20,9 @@ module "az_ad_application" { version = "~> 1.0" } -module "azure-microsoft-entra-id-activity-log" { - source = "lacework/entra-id-activity-log/azure" - version = "~> 1.0" +module "microsoft-entra-id-activity-log" { + source = "lacework/microsoft-entra-id-activity-log/azure" + version = "~> 0.2" application_id = module.az_ad_application.application_id application_password = module.az_ad_application.application_password location = "West US 2" 
diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf b/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf index 68bdf5f34..3555295a4 100644 --- a/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf +++ b/lwgenerate/azure/test-data/entra-id-activity-log-existing-ad-app.tf @@ -15,9 +15,9 @@ provider "azurerm" { } } -module "azure-microsoft-entra-id-activity-log" { - source = "lacework/entra-id-activity-log/azure" - version = "~> 1.0" +module "microsoft-entra-id-activity-log" { + source = "lacework/microsoft-entra-id-activity-log/azure" + version = "~> 0.2" application_id = "testID" application_password = "pass" service_principal_id = "principal" diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf b/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf index 8e1d28550..be17974d7 100644 --- a/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf +++ b/lwgenerate/azure/test-data/entra-id-activity-log-existing-event-hub-ns.tf @@ -20,9 +20,9 @@ module "az_ad_application" { version = "~> 1.0" } -module "azure-microsoft-entra-id-activity-log" { - source = "lacework/entra-id-activity-log/azure" - version = "~> 1.0" +module "microsoft-entra-id-activity-log" { + source = "lacework/microsoft-entra-id-activity-log/azure" + version = "~> 0.2" application_id = module.az_ad_application.application_id application_password = module.az_ad_application.application_passwor service_principal_id = module.az_ad_application.service_principal_id diff --git a/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf b/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf index 595dca226..1992b4b32 100644 --- a/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf +++ b/lwgenerate/azure/test-data/entra-id-activity-log-no-custom-input.tf 
@@ -20,9 +20,9 @@ module "az_ad_application" { version = "~> 1.0" } -module "azure-microsoft-entra-id-activity-log" { - source = "lacework/entra-id-activity-log/azure" - version = "~> 1.0" +module "microsoft-entra-id-activity-log" { + source = "lacework/microsoft-entra-id-activity-log/azure" + version = "~> 0.2" application_id = module.az_ad_application.application_id application_password = module.az_ad_application.application_password service_principal_id = module.az_ad_application.service_principal_id diff --git a/lwgenerate/constants.go b/lwgenerate/constants.go index 141039900..56c56c84d 100644 --- a/lwgenerate/constants.go +++ b/lwgenerate/constants.go @@ -22,8 +22,8 @@ const ( LWAzureConfigVersion = "~> 2.0" LWAzureActivityLogSource = "lacework/activity-log/azure" LWAzureActivityLogVersion = "~> 2.0" - LWAzureEntraIdActivityLogSource = "lacework/entra-id-activity-log/azure" - LWAzureEntraIdActivityLogVersion = "~> 1.0" + LWAzureEntraIdActivityLogSource = "lacework/microsoft-entra-id-activity-log/azure" + LWAzureEntraIdActivityLogVersion = "~> 0.2" LWAzureADSource = "lacework/ad-application/azure" LWAzureADVersion = "~> 1.0" From 76f92ee0e058063b14f74ce5cbbbc3aa60456323 Mon Sep 17 00:00:00 2001 From: Manan Bhatia Date: Thu, 15 Aug 2024 15:54:21 -0700 Subject: [PATCH 09/12] fix: readme --- cli/docs/lacework_generate_cloud-account_azure.md | 4 ++-- integration/test_resources/help/generate_cloud-account_azure | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cli/docs/lacework_generate_cloud-account_azure.md b/cli/docs/lacework_generate_cloud-account_azure.md index e06894ca1..f4a04ea5b 100644 --- a/cli/docs/lacework_generate_cloud-account_azure.md +++ b/cli/docs/lacework_generate_cloud-account_azure.md 
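Review bot: `LWAzureEntraIdActivityLogVersion = "~> 0.2"` admits every 0.x release from 0.2 upward, because the pessimistic operator only pins the last component given, and for a pre-1.0 module semver makes no compatibility promise between minor versions, so a future 0.3 of `lacework/microsoft-entra-id-activity-log/azure` could change the inputs or behaviour of the generated integration with no change in this repository. The other constants use `~> 1.0` and `~> 2.0`, where the floating part is a major version; the equivalent for this module until it reaches 1.0 is `~> 0.2.0`, and if broader drift is intended a comment saying so on the constant would help. The four test-data fixtures in this patch encode the same constraint and would need to follow. Separately, the context line `application_password = module.az_ad_application.application_passwor` in the existing-event-hub-ns fixture looks truncated; if that is not an artifact of how this page was captured, the fixture cannot match what the generator emits.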
@@ -34,7 +34,7 @@ lacework generate cloud-account azure [flags] ### Options ``` - --activity_log enable active log integration + --activity_log enable activity log integration --activity_log_integration_name string specify a custom activity log integration name --ad_create create new active directory integration (default true) --ad_id string existing active directory application id @@ -47,7 +47,7 @@ lacework generate cloud-account azure [flags] --entra_id_activity_log enable Entra ID activity log integration --entra_id_activity_log_integration_name string specify a custom Entra ID activity log integration name --event_hub_location string specify the location where the Event Hub for logging will reside - --event_hub_partition_count specify the number of partitions for the Event Hub + --event_hub_partition_count int specify the number of partitions for the Event Hub --existing_storage use existing storage account -h, --help help for azure --location string specify azure region where storage account logging resides diff --git a/integration/test_resources/help/generate_cloud-account_azure b/integration/test_resources/help/generate_cloud-account_azure index d0af39397..f472ac13e 100644 --- a/integration/test_resources/help/generate_cloud-account_azure +++ b/integration/test_resources/help/generate_cloud-account_azure @@ -21,7 +21,7 @@ Aliases: azure, az Flags: - --activity_log enable active log integration + --activity_log enable activity log integration --activity_log_integration_name string specify a custom activity log integration name --ad_create create new active directory integration (default true) --ad_id string existing active directory application id 
@@ -34,7 +34,7 @@ Flags: --entra_id_activity_log enable Entra ID activity log integration --entra_id_activity_log_integration_name string specify a custom Entra ID activity log integration name --event_hub_location string specify the location where the Event Hub for logging will reside - --event_hub_partition_count specify the number of partitions for the Event Hub + --event_hub_partition_count int specify the number of partitions for the Event Hub --existing_storage use existing storage account -h, --help help for azure --location string specify azure region where storage account logging resides From d3d11a2b56ac6c16f89b5221f0b72cb250be0372 Mon Sep 17 00:00:00 2001 From: Manan Bhatia Date: Thu, 15 Aug 2024 16:03:21 -0700 Subject: [PATCH 10/12] fix: intg test + readme --- cli/docs/lacework_generate_cloud-account_azure.md | 2 +- integration/test_resources/help/generate_cloud-account_azure | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cli/docs/lacework_generate_cloud-account_azure.md b/cli/docs/lacework_generate_cloud-account_azure.md index f4a04ea5b..7307c54dd 100644 --- a/cli/docs/lacework_generate_cloud-account_azure.md +++ b/cli/docs/lacework_generate_cloud-account_azure.md @@ -47,7 +47,7 @@ lacework generate cloud-account azure [flags] --entra_id_activity_log enable Entra ID activity log integration --entra_id_activity_log_integration_name string specify a custom Entra ID activity log integration name --event_hub_location string specify the location where the Event Hub for logging will reside - --event_hub_partition_count int specify the number of partitions for the Event Hub + --event_hub_partition_count int specify the number of partitions for the Event Hub (default 1) --existing_storage use existing storage account -h, --help help for azure --location string specify azure region where storage account logging resides 
diff --git a/integration/test_resources/help/generate_cloud-account_azure b/integration/test_resources/help/generate_cloud-account_azure index f472ac13e..6cbe3760b 100644 --- a/integration/test_resources/help/generate_cloud-account_azure +++ b/integration/test_resources/help/generate_cloud-account_azure @@ -34,7 +34,7 @@ Flags: --entra_id_activity_log enable Entra ID activity log integration --entra_id_activity_log_integration_name string specify a custom Entra ID activity log integration name --event_hub_location string specify the location where the Event Hub for logging will reside - --event_hub_partition_count int specify the number of partitions for the Event Hub + --event_hub_partition_count int specify the number of partitions for the Event Hub (default 1) --existing_storage use existing storage account -h, --help help for azure --location string specify azure region where storage account logging resides From 66b68b08d7d24558f0a092dc969903a1c57b9d71 Mon Sep 17 00:00:00 2001 From: Manan Bhatia Date: Thu, 15 Aug 2024 16:16:37 -0700 Subject: [PATCH 11/12] fix: fmt --- cli/docs/lacework_generate_cloud-account_azure.md | 2 +- integration/test_resources/help/generate_cloud-account_azure | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cli/docs/lacework_generate_cloud-account_azure.md b/cli/docs/lacework_generate_cloud-account_azure.md index 7307c54dd..f9922ade7 100644 --- a/cli/docs/lacework_generate_cloud-account_azure.md +++ b/cli/docs/lacework_generate_cloud-account_azure.md 
@@ -46,7 +46,7 @@ lacework generate cloud-account azure [flags]
 --configuration_name string specify a custom configuration integration name
 --entra_id_activity_log enable Entra ID activity log integration
 --entra_id_activity_log_integration_name string specify a custom Entra ID activity log integration name
- --event_hub_location string specify the location where the Event Hub for logging will reside
+ --event_hub_location string specify the location where the Event Hub for logging will reside
 --event_hub_partition_count int specify the number of partitions for the Event Hub (default 1)
 --existing_storage use existing storage account
 -h, --help help for azure
diff --git a/integration/test_resources/help/generate_cloud-account_azure b/integration/test_resources/help/generate_cloud-account_azure
index 6cbe3760b..fc59264c3 100644
--- a/integration/test_resources/help/generate_cloud-account_azure
+++ b/integration/test_resources/help/generate_cloud-account_azure
@@ -33,7 +33,7 @@ Flags:
 --configuration_name string specify a custom configuration integration name
 --entra_id_activity_log enable Entra ID activity log integration
 --entra_id_activity_log_integration_name string specify a custom Entra ID activity log integration name
- --event_hub_location string specify the location where the Event Hub for logging will reside
+ --event_hub_location string specify the location where the Event Hub for logging will reside
 --event_hub_partition_count int specify the number of partitions for the Event Hub (default 1)
 --existing_storage use existing storage account
 -h, --help help for azure

From 3b9b2694f21016482d672c6aa2a5e6476f32dea3 Mon Sep 17 00:00:00 2001
From: Manan Bhatia
Date: Thu, 15 Aug 2024 16:29:44 -0700
Subject: [PATCH 12/12] test: add intg test case for no selection

---
 integration/azure_generation_test.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/integration/azure_generation_test.go b/integration/azure_generation_test.go
index 3e43a46d7..0e07e99df 100644
--- a/integration/azure_generation_test.go
+++ b/integration/azure_generation_test.go
@@ -41,6 +41,7 @@ func TestGenerationAzureErrorOnNoSelection(t *testing.T) {
 MsgRsp{cmd.QuestionAzureEnableConfig, "n"},
 MsgRsp{cmd.QuestionEnableActivityLog, "n"},
 MsgRsp{cmd.QuestionEnableAdIntegration, "n"},
+ MsgRsp{cmd.QuestionEnableEntraIdActivityLog, "n"},
 MsgOnly{"ERROR collecting/confirming parameters: must enable activity log or config"},
 })
 },
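Review bot: The error text pinned on the `MsgOnly` line still says `must enable activity log or config`, yet the prompt flow this test drives now declines four integrations, including the newly answered `cmd.QuestionEnableEntraIdActivityLog`, so the message no longer describes the choices a user actually had. If enabling only the Entra ID activity log is meant to satisfy the selection check (that check lives in `cli/cmd`, outside this hunk), the message should name it — e.g. `must enable configuration, activity log, or Entra ID activity log` — and a sibling case answering `y` only to the Entra ID prompt would pin that positive path, which this commit leaves untested. If Entra ID alone is not meant to pass, the message is misleading for exactly that user and should say so instead. The `MsgRsp` order here has to match the order in which the CLI asks these questions; I cannot confirm that from this hunk.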
