Documentation ¶
Overview ¶
Copyright (c) Microsoft Corporation. Licensed under the MIT License.
Index ¶
- Constants
- func LogResourceGroupScan(subscriptionID string, resourceGroupName string, serviceName string)
- func LogSubscriptionScan(subscriptionID string, serviceName string)
- func MaskSubscriptionID(subscriptionID string, mask bool) string
- func ParseLocation(location string) string
- type AdvisorResult
- type AdvisorScanner
- type ArmBatchRequest
- type ArmBatchRequestItem
- type ArmBatchResponse
- type ArmBatchResponseItem
- type AzureRule
- type AzureRuleResult
- type AzureServiceResult
- type CostResult
- type CostResultItem
- type CostScanner
- type DefenderResult
- type DefenderScanner
- type DiagnosticSettingsScanner
- type IAzureScanner
- type OverviewField
- type PrivateEndpointScanner
- type PublicIPScanner
- type RuleEngine
- type RulesCategory
- type RulesSubCategory
- type ScanContext
- type ScannerConfig
- type SeverityType
Constants ¶
// Classification constants for scanner rules. Every constant below has one of
// the string-based types SeverityType, RulesCategory or RulesSubCategory.
const (
	// Severity levels.
	SeverityHigh   SeverityType = "High"
	SeverityMedium SeverityType = "Medium"
	SeverityLow    SeverityType = "Low"

	// Rule categories.
	// NOTE(review): the identifier RulesCategoryPerformanceEfficienccy is
	// misspelled ("Efficienccy") while its value is spelled correctly. The name
	// is exported, so renaming it would break importers.
	RulesCategoryReliability            RulesCategory = "Reliability"
	RulesCategorySecurity               RulesCategory = "Security"
	RulesCategoryCostOptimization       RulesCategory = "Cost Optimization"
	RulesCategoryOperationalExcellence  RulesCategory = "Operational Excellence"
	RulesCategoryPerformanceEfficienccy RulesCategory = "Performance Efficiency"

	// Reliability subcategories.
	RulesSubcategoryReliabilityAvailabilityZones RulesSubCategory = "Availability Zones"
	RulesSubcategoryReliabilitySLA               RulesSubCategory = "SLA"
	RulesSubcategoryReliabilitySKU               RulesSubCategory = "SKU"
	RulesSubcategoryReliabilityScaling           RulesSubCategory = "Scaling"
	RulesSubcategoryReliabilityDiagnosticLogs    RulesSubCategory = "Diagnostic Logs"
	RulesSubcategoryReliabilityMonitoring        RulesSubCategory = "Monitoring"
	RulesSubcategoryReliabilityReliability       RulesSubCategory = "Reliability"
	RulesSubcategoryReliabilityMaintenance       RulesSubCategory = "Maintenance"

	// Operational Excellence subcategories.
	RulesSubcategoryOperationalExcellenceCAF               RulesSubCategory = "Naming Convention (CAF)"
	RulesSubcategoryOperationalExcellenceTags              RulesSubCategory = "Tags"
	RulesSubcategoryOperationalExcellenceRetentionPolicies RulesSubCategory = "Retention Policies"

	// Security subcategories.
	// NOTE(review): the value of RulesSubcategorySecurityCyphers is spelled
	// "Cyphers"; changing the literal would change every place the value is
	// printed or compared.
	// NOTE(review): RulesSubcategorySecurityNetworking shares the value
	// "Networking" with RulesSubcategoryPerformanceEfficienccyNetworking, so the
	// subcategory string alone does not tell a security finding from a
	// performance one; the Category has to be read as well.
	RulesSubcategorySecurityNetworkSecurityGroups RulesSubCategory = "Network Security Groups"
	RulesSubcategorySecuritySSL                   RulesSubCategory = "SSL"
	RulesSubcategorySecurityHTTPS                 RulesSubCategory = "HTTPS Only"
	RulesSubcategorySecurityCyphers               RulesSubCategory = "Cyphers"
	RulesSubcategorySecurityCertificates          RulesSubCategory = "Certificates"
	RulesSubcategorySecurityTLS                   RulesSubCategory = "TLS"
	RulesSubcategorySecurityPrivateEndpoint       RulesSubCategory = "Private Endpoint"
	RulesSubcategorySecurityPrivateIP             RulesSubCategory = "Private IP Address"
	RulesSubcategorySecurityFirewall              RulesSubCategory = "Firewall"
	RulesSubcategorySecurityIdentity              RulesSubCategory = "Identity and Access Control"
	RulesSubcategorySecurityNetworking            RulesSubCategory = "Networking"
	RulesSubcategorySecurityDiskEncryption        RulesSubCategory = "Disk Encryption"
	RulesSubcategorySecurity                      RulesSubCategory = "Security"

	// Performance Efficiency subcategories (same value as the security
	// "Networking" subcategory above).
	RulesSubcategoryPerformanceEfficienccyNetworking RulesSubCategory = "Networking"
)
Variables ¶
This section is empty.
Functions ¶
func LogResourceGroupScan ¶
func LogSubscriptionScan ¶
func MaskSubscriptionID ¶
func ParseLocation ¶
Types ¶
type AdvisorResult ¶
// AdvisorResult - One entry of the slice returned by
// AdvisorScanner.ListRecommendations. Every field is a plain string.
// NOTE(review): SubscriptionID is stored unmasked; the package exposes
// MaskSubscriptionID(subscriptionID, mask) — confirm that output writers pass
// this field through it when masking is requested.
type AdvisorResult struct {
	SubscriptionID, Name, Type, Category, Description, PotentialBenefits, Risk, LearnMoreLink string
}
AdvisorResult - Advisor result
func (AdvisorResult) GetProperties ¶
func (a AdvisorResult) GetProperties() []string
GetProperties - Returns the properties of the AdvisorResult
type AdvisorScanner ¶
type AdvisorScanner struct {
// contains filtered or unexported fields
}
AdvisorScanner - Advisor scanner
func (*AdvisorScanner) Init ¶
func (s *AdvisorScanner) Init(config *ScannerConfig) error
Init - Initializes the Advisor Scanner
func (*AdvisorScanner) ListRecommendations ¶
func (s *AdvisorScanner) ListRecommendations() ([]AdvisorResult, error)
ListRecommendations - Lists Azure Advisor recommendations.
type ArmBatchRequest ¶
// ArmBatchRequest - JSON envelope holding a list of ArmBatchRequestItem under
// the "requests" key.
// NOTE(review): presumably the body sent to an ARM batch endpoint — confirm
// against the caller.
type ArmBatchRequest struct {
	Requests []ArmBatchRequestItem `json:"requests"`
}
type ArmBatchRequestItem ¶
type ArmBatchResponse ¶
// ArmBatchResponse - JSON envelope holding a list of ArmBatchResponseItem
// decoded from the "responses" key.
type ArmBatchResponse struct {
	Responses []ArmBatchResponseItem `json:"responses"`
}
type ArmBatchResponseItem ¶
// ArmBatchResponseItem - One element of ArmBatchResponse.Responses. Only the
// "content" key is mapped, and it is decoded as an
// armmonitor.DiagnosticSettingsResourceCollection.
// NOTE(review): no status or error field is declared here, so a failed
// sub-request would decode into an empty Content — confirm how the caller
// detects per-item failures.
type ArmBatchResponseItem struct {
	Content armmonitor.DiagnosticSettingsResourceCollection `json:"content"`
}
type AzureRule ¶
// AzureRule - Definition of a single rule: its identifier, classification
// (Category, Subcategory, Severity), descriptive text, a Url, an OverviewField
// tag and the Eval function that performs the check.
type AzureRule struct {
	Id          string
	Category    RulesCategory
	Subcategory RulesSubCategory
	Description string
	Severity    SeverityType
	Url         string
	Field       OverviewField
	// Eval receives the target as interface{}, so each implementation has to
	// type-assert it. The signature has no error return: an assertion written
	// without the comma-ok form panics on an unexpected type instead of
	// reporting it.
	// NOTE(review): the (bool, string) pair presumably feeds
	// AzureRuleResult.IsBroken and AzureRuleResult.Result — confirm in
	// RuleEngine.EvaluateRule.
	Eval func(target interface{}, scanContext *ScanContext) (bool, string)
}
type AzureRuleResult ¶
// AzureRuleResult - Outcome of one rule, as returned by
// RuleEngine.EvaluateRule. It repeats the rule's Id, Category, Subcategory,
// Description, Severity and Field and adds Learn, Result and IsBroken.
// NOTE(review): Learn presumably carries AzureRule.Url, and IsBroken == true
// presumably means the rule was violated — confirm both in EvaluateRule before
// relying on them in reports.
type AzureRuleResult struct {
	Id          string
	Category    RulesCategory
	Subcategory RulesSubCategory
	Description string
	Severity    SeverityType
	Learn       string
	Result      string
	Field       OverviewField
	IsBroken    bool
}
type AzureServiceResult ¶
// AzureServiceResult - Scan result for one service instance: where it lives
// (SubscriptionID, ResourceGroup, Location), what it is (Type, ServiceName) and
// the rule outcomes in Rules.
// NOTE(review): Rules is presumably keyed by rule Id, matching the
// map[string]AzureRule returned by GetRules — confirm.
// NOTE(review): SubscriptionID is stored unmasked; the package exposes
// MaskSubscriptionID(subscriptionID, mask) — confirm that report and log
// writers pass this field through it when masking is requested.
type AzureServiceResult struct {
	SubscriptionID string
	ResourceGroup  string
	Location       string
	Type           string
	ServiceName    string
	Rules          map[string]AzureRuleResult
}
AzureServiceResult - Struct for all Azure Service Results
func (AzureServiceResult) GetHeaders ¶
func (r AzureServiceResult) GetHeaders() []string
GetHeaders - Returns the headers of the Azure Service Result
func (AzureServiceResult) GetResourceType ¶
func (r AzureServiceResult) GetResourceType() string
GetResourceType - Returns the resource type of the Azure Service Result
type CostResult ¶
// CostResult - Value returned (by pointer) from CostScanner.QueryCosts: two
// timestamps and a list of cost items.
// NOTE(review): From and To presumably bound the queried period — confirm in
// QueryCosts.
type CostResult struct {
	From, To time.Time
	// Items holds pointers to CostResultItem, not values.
	Items []*CostResultItem
}
CostResult - Cost result
func (CostResult) GetProperties ¶
func (d CostResult) GetProperties() []string
GetProperties - Returns the properties of the CostResult
type CostResultItem ¶
// CostResultItem - One cost entry, referenced from CostResult.Items.
// Value is kept as a string rather than a numeric type, so it has to be parsed
// before any arithmetic or comparison.
// NOTE(review): SubscriptionID is stored unmasked; see MaskSubscriptionID.
type CostResultItem struct {
	SubscriptionID, ServiceName, Value, Currency string
}
CostResultItem - Cost result item
type CostScanner ¶
type CostScanner struct {
// contains filtered or unexported fields
}
CostScanner - Cost scanner
func (*CostScanner) Init ¶
func (s *CostScanner) Init(config *ScannerConfig) error
Init - Initializes the Cost Scanner
func (*CostScanner) QueryCosts ¶
func (s *CostScanner) QueryCosts() (*CostResult, error)
QueryCosts - Query Costs.
type DefenderResult ¶
DefenderResult - Defender result
func (DefenderResult) GetProperties ¶
func (d DefenderResult) GetProperties() []string
GetProperties - Returns the properties of the DefenderResult
type DefenderScanner ¶
type DefenderScanner struct {
// contains filtered or unexported fields
}
DefenderScanner - Defender scanner
func (*DefenderScanner) Init ¶
func (s *DefenderScanner) Init(config *ScannerConfig) error
Init - Initializes the Defender Scanner
func (*DefenderScanner) ListConfiguration ¶
func (s *DefenderScanner) ListConfiguration() ([]DefenderResult, error)
ListConfiguration - Lists Microsoft Defender for Cloud pricing configurations in the subscription.
type DiagnosticSettingsScanner ¶
type DiagnosticSettingsScanner struct {
// contains filtered or unexported fields
}
DiagnosticSettingsScanner - scanner for diagnostic settings
func (*DiagnosticSettingsScanner) Init ¶
func (d *DiagnosticSettingsScanner) Init(config *ScannerConfig) error
Init - Initializes the DiagnosticSettingsScanner
func (*DiagnosticSettingsScanner) ListResourcesWithDiagnosticSettings ¶
func (d *DiagnosticSettingsScanner) ListResourcesWithDiagnosticSettings() (map[string]bool, error)
ListResourcesWithDiagnosticSettings - Lists all resources with diagnostic settings
type IAzureScanner ¶
// IAzureScanner - Contract shared by the service scanners: configure, expose
// rules, scan a resource group.
type IAzureScanner interface {
	// Init takes the shared ScannerConfig and reports failure through its
	// error result.
	Init(config *ScannerConfig) error
	// GetRules returns the scanner's rules as a string-keyed map.
	// NOTE(review): the key is presumably the rule Id — confirm.
	GetRules() map[string]AzureRule
	// Scan takes a resource group name and a ScanContext and returns a slice of
	// AzureServiceResult, or an error.
	Scan(resourceGroupName string, scanContext *ScanContext) ([]AzureServiceResult, error)
}
IAzureScanner - Interface for all Azure Scanners
type OverviewField ¶
// OverviewField - Integer tag carried in AzureRule.Field and
// AzureRuleResult.Field.
type OverviewField int

// Values are assigned by iota in declaration order, starting with
// OverviewFieldNone = 0. Inserting or reordering entries renumbers every entry
// after the change, which matters if the numeric value is ever stored or
// compared outside this package.
const (
	OverviewFieldNone OverviewField = iota
	OverviewFieldSKU
	OverviewFieldSLA
	OverviewFieldAZ
	OverviewFieldPrivate
	OverviewFieldDiagnostics
	OverviewFieldCAF
)
type PrivateEndpointScanner ¶
type PrivateEndpointScanner struct {
// contains filtered or unexported fields
}
PrivateEndpointScanner - Scanner for Private Endpoints
func (*PrivateEndpointScanner) Init ¶
func (s *PrivateEndpointScanner) Init(config *ScannerConfig) error
Init - Initializes the PrivateEndpointScanner
func (*PrivateEndpointScanner) ListResourcesWithPrivateEndpoints ¶
func (s *PrivateEndpointScanner) ListResourcesWithPrivateEndpoints() (map[string]bool, error)
ListResourcesWithPrivateEndpoints - Lists all resources with private endpoints
type PublicIPScanner ¶
type PublicIPScanner struct {
// contains filtered or unexported fields
}
PublicIPScanner - Scanner for Public IPs
func (*PublicIPScanner) Init ¶
func (s *PublicIPScanner) Init(config *ScannerConfig) error
Init - Initializes the PublicIPScanner
func (*PublicIPScanner) ListPublicIPs ¶
func (s *PublicIPScanner) ListPublicIPs() (map[string]*armnetwork.PublicIPAddress, error)
ListPublicIPs - Lists all Public IPs
type RuleEngine ¶
// RuleEngine - Field-less type whose methods EvaluateRule and EvaluateRules
// take AzureRule values plus a target and a ScanContext and return
// AzureRuleResult values.
type RuleEngine struct{}
func (*RuleEngine) EvaluateRule ¶
func (e *RuleEngine) EvaluateRule(rule AzureRule, target interface{}, scanContext *ScanContext) AzureRuleResult
func (*RuleEngine) EvaluateRules ¶
func (e *RuleEngine) EvaluateRules(rules map[string]AzureRule, target interface{}, scanContext *ScanContext) map[string]AzureRuleResult
type RulesCategory ¶
// RulesCategory - String type of the RulesCategory* constants.
type RulesCategory string
type RulesSubCategory ¶
// RulesSubCategory - String type of the RulesSubcategory* constants. Note the
// capitalisation differs: the type is "SubCategory", the constant prefix is
// "Subcategory".
type RulesSubCategory string
type ScanContext ¶
// ScanContext - Lookup data passed to IAzureScanner.Scan, AzureRule.Eval and
// the RuleEngine methods.
//
// NOTE(review): the maps are presumably keyed by resource ID — confirm. A key
// that is absent, or a nil map, reads as false (or nil for PublicIPs), so a
// rule cannot tell "this resource has no private endpoint / diagnostic
// setting" from "the lookup was never populated". A failed List* call should
// therefore stop the scan rather than leave the context empty.
type ScanContext struct {
	PrivateEndpoints    map[string]bool
	DiagnosticsSettings map[string]bool
	PublicIPs           map[string]*armnetwork.PublicIPAddress
	// SiteConfig is a pointer; nothing here guarantees it is non-nil, so check
	// it before dereferencing.
	SiteConfig *armappservice.WebAppsClientGetConfigurationResponse
}
ScanContext - Struct for Scanner Context
type ScannerConfig ¶
// ScannerConfig - Shared settings passed to every scanner's Init.
//
// Cred is an azcore.TokenCredential, i.e. the object that issues access tokens.
// NOTE(review): avoid printing this struct wholesale (%+v) or serializing it;
// what a given credential implementation exposes when printed is not visible
// here.
// NOTE(review): Ctx is stored in the struct rather than passed per call, so
// its cancellation and deadline presumably apply to the whole scan — confirm.
type ScannerConfig struct {
	Ctx            context.Context
	Cred           azcore.TokenCredential
	SubscriptionID string
	ClientOptions  *arm.ClientOptions
}
ScannerConfig - Struct for Scanner Config
type SeverityType ¶
// SeverityType - String type of the SeverityHigh, SeverityMedium and
// SeverityLow constants.
type SeverityType string