github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/pkg/providers/aws/cloudtrail/cloudtrail.go (about)

     1  package cloudtrail
     2  
     3  import (
     4  	defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types"
     5  )
     6  
// CloudTrail is the container for the AWS CloudTrail trails described by this
// package. It holds nothing but the slice of Trail values.
type CloudTrail struct {
	// Trails lists every trail held in this model; a nil or empty slice means
	// no trail is recorded here.
	Trails []Trail
}
    10  
// MultiRegionTrails returns the trails from c.Trails whose IsMultiRegion value
// reports true, preserving their original order. The result is nil when no
// trail qualifies.
//
// Only IsMultiRegion is consulted: a returned trail may still have IsLogging
// false or log file validation disabled, so callers that need an active,
// tamper-evident multi-region trail must check those fields themselves.
// How IsTrue treats unresolved values is defined by defsecTypes, not here.
func (c CloudTrail) MultiRegionTrails() (multiRegionTrails []Trail) {
	for _, t := range c.Trails {
		// Skip trails that are not flagged as multi-region.
		if !t.IsMultiRegion.IsTrue() {
			continue
		}
		multiRegionTrails = append(multiRegionTrails, t)
	}
	return multiRegionTrails
}
    19  
// Trail models a single AWS CloudTrail trail. Each attribute is stored in a
// defsecTypes wrapper rather than a bare Go type, and Metadata is the
// defsecTypes.Metadata attached to the trail as a whole.
//
// Several fields correspond to settings that decide whether the audit log can
// be trusted and monitored (integrity validation, encryption, delivery to
// CloudWatch Logs, logging state). Which checks read them is not visible in
// this file.
type Trail struct {
	Metadata defsecTypes.Metadata
	// Name is the trail's name.
	Name defsecTypes.StringValue
	// EnableLogFileValidation corresponds to CloudTrail's log file integrity
	// validation setting, which lets tampering with delivered log files be
	// detected after the fact.
	EnableLogFileValidation defsecTypes.BoolValue
	// IsMultiRegion marks a trail that applies to all regions; it is the only
	// field MultiRegionTrails inspects.
	IsMultiRegion defsecTypes.BoolValue
	// KMSKeyID identifies the KMS key used to encrypt the trail's log files.
	// NOTE(review): presumably empty when no customer-managed key is
	// configured; confirm against the code that populates this struct.
	KMSKeyID defsecTypes.StringValue
	// CloudWatchLogsLogGroupArn is the ARN of the CloudWatch Logs log group the
	// trail delivers events to. NOTE(review): presumably empty when no log
	// group is configured; confirm.
	CloudWatchLogsLogGroupArn defsecTypes.StringValue
	// IsLogging records whether the trail is logging. A trail can be defined
	// and still have this false.
	IsLogging defsecTypes.BoolValue
	// BucketName is the name of the S3 bucket that receives the log files.
	BucketName defsecTypes.StringValue
	// EventSelectors holds the event selectors configured on the trail.
	EventSelectors []EventSelector
}
    31  
// EventSelector models one event selector of a trail: the data resources it
// covers and whether read events, write events or both are selected.
type EventSelector struct {
	Metadata defsecTypes.Metadata
	// DataResources lists the resources whose data events this selector covers.
	DataResources []DataResource
	// ReadWriteType is one of ReadOnly, WriteOnly or All. For Terraform the
	// default value is All.
	ReadWriteType defsecTypes.StringValue
}
    37  
// DataResource models one data resource entry of an event selector: a
// resource type together with the ARNs it applies to.
type DataResource struct {
	Metadata defsecTypes.Metadata
	// Type is the resource type. Only the following values can be specified:
	// "AWS::S3::Object", "AWS::Lambda::Function" and "AWS::DynamoDB::Table".
	Type defsecTypes.StringValue
	// Values is a list of ARNs or partial ARNs, e.g.
	// arn:aws:s3:::<bucket name>/ for all objects in a bucket, or
	// arn:aws:s3:::<bucket name>/key for specific objects.
	Values []defsecTypes.StringValue
}