From 81b7fdbf50c1e560277c44be38e9fd2473ca15c7 Mon Sep 17 00:00:00 2001 From: Salim Afiune Date: Thu, 18 Nov 2021 17:54:31 -0600 Subject: [PATCH] feat: Auto docs generation for the Lacework CLI (#616) * feat: add headers to CLI documentation * chore: ran make generate-docs * docs: add line after injecting headers * docs(cli): multiple style corrections * feat(cli): add docs command to auto generate docs * docs: Updating support links to docs.lacework.com * docs: remove title from markdown files * docs: last updates before releasing Signed-off-by: Salim Afiune Maya Co-authored-by: Ben Radstone --- cli/cmd/access_token.go | 2 +- cli/cmd/account.go | 6 +- cli/cmd/agent.go | 37 +++++----- cli/cmd/alert_rules.go | 13 ++-- cli/cmd/api.go | 6 +- cli/cmd/compliance.go | 36 +++++----- cli/cmd/compliance_aws.go | 12 ++-- cli/cmd/compliance_azure.go | 14 ++-- cli/cmd/compliance_gcp.go | 16 ++--- cli/cmd/configure.go | 9 +-- cli/cmd/docs.go | 72 ++++++++++++++++++- cli/cmd/event.go | 10 +-- cli/cmd/integration.go | 12 ++-- cli/cmd/lql.go | 24 +++---- cli/cmd/lql_create.go | 46 ++++++------ cli/cmd/lql_delete.go | 2 +- cli/cmd/lql_list.go | 2 +- cli/cmd/lql_show.go | 2 +- cli/cmd/lql_sources.go | 4 +- cli/cmd/lql_update.go | 5 +- cli/cmd/lql_validate.go | 2 +- cli/cmd/outputs.go | 2 +- cli/cmd/package_manifest.go | 2 +- cli/cmd/policy.go | 10 +-- cli/cmd/policy_create.go | 30 ++++---- cli/cmd/policy_update.go | 11 +-- cli/cmd/resource_groups.go | 16 ++--- cli/cmd/root.go | 4 +- cli/cmd/version.go | 2 +- cli/cmd/vuln_container.go | 41 +++++------ cli/cmd/vuln_container_test.go | 2 +- cli/cmd/vuln_host.go | 28 ++++---- cli/cmd/vulnerability.go | 12 ++-- cli/docs/lacework.md | 7 +- cli/docs/lacework_access-token.md | 5 ++ cli/docs/lacework_account.md | 5 ++ cli/docs/lacework_account_list.md | 5 ++ cli/docs/lacework_agent.md | 7 +- cli/docs/lacework_agent_install.md | 13 ++-- cli/docs/lacework_agent_token.md | 5 ++ cli/docs/lacework_agent_token_create.md | 5 ++ cli/docs/lacework_agent_token_list.md | 5 ++ cli/docs/lacework_agent_token_show.md | 5 ++ cli/docs/lacework_agent_token_update.md | 11 ++- cli/docs/lacework_alert-rule.md | 5 ++ cli/docs/lacework_alert-rule_create.md | 5 ++ cli/docs/lacework_alert-rule_delete.md | 5 ++ cli/docs/lacework_alert-rule_list.md | 5 ++ cli/docs/lacework_alert-rule_show.md | 5 ++ cli/docs/lacework_api.md | 9 ++- cli/docs/lacework_compliance.md | 9 ++- cli/docs/lacework_compliance_aws.md | 11 ++- .../lacework_compliance_aws_get-report.md | 9 ++- .../lacework_compliance_aws_list-accounts.md | 5 ++ .../lacework_compliance_aws_run-assessment.md | 5 ++ cli/docs/lacework_compliance_azure.md | 13 ++-- .../lacework_compliance_azure_get-report.md | 7 +- ...ork_compliance_azure_list-subscriptions.md | 7 +- .../lacework_compliance_azure_list-tenants.md | 5 ++ ...acework_compliance_azure_run-assessment.md | 5 ++ cli/docs/lacework_compliance_google.md | 15 ++-- .../lacework_compliance_google_get-report.md | 7 +- ...acework_compliance_google_list-projects.md | 9 ++- cli/docs/lacework_compliance_google_list.md | 5 ++ ...cework_compliance_google_run-assessment.md | 5 ++ cli/docs/lacework_configure.md | 5 ++ cli/docs/lacework_configure_list.md | 5 ++ cli/docs/lacework_configure_show.md | 8 ++- cli/docs/lacework_event.md | 5 ++ cli/docs/lacework_event_list.md | 7 +- cli/docs/lacework_event_open.md | 5 ++ cli/docs/lacework_event_show.md | 5 ++ cli/docs/lacework_integration.md | 5 ++ cli/docs/lacework_integration_create.md | 5 ++ cli/docs/lacework_integration_delete.md | 5 ++ cli/docs/lacework_integration_list.md | 5 ++ cli/docs/lacework_integration_show.md | 5 ++ cli/docs/lacework_policy.md | 5 ++ cli/docs/lacework_policy_create.md | 5 ++ cli/docs/lacework_policy_delete.md | 5 ++ cli/docs/lacework_policy_list.md | 5 ++ cli/docs/lacework_policy_show.md | 5 ++ cli/docs/lacework_policy_update.md | 5 ++ cli/docs/lacework_query.md | 5 ++ cli/docs/lacework_query_create.md | 5 ++ cli/docs/lacework_query_delete.md | 5 ++ cli/docs/lacework_query_list-sources.md | 5 ++ cli/docs/lacework_query_list.md | 5 ++ cli/docs/lacework_query_run.md | 5 ++ cli/docs/lacework_query_show-source.md | 5 ++ cli/docs/lacework_query_show.md | 5 ++ cli/docs/lacework_query_update.md | 5 ++ cli/docs/lacework_query_validate.md | 5 ++ cli/docs/lacework_resource-group.md | 5 ++ cli/docs/lacework_resource-group_create.md | 5 ++ cli/docs/lacework_resource-group_delete.md | 5 ++ cli/docs/lacework_resource-group_list.md | 5 ++ cli/docs/lacework_resource-group_show.md | 5 ++ cli/docs/lacework_version.md | 5 ++ cli/docs/lacework_vulnerability.md | 5 ++ cli/docs/lacework_vulnerability_container.md | 7 +- ...ulnerability_container_list-assessments.md | 5 ++ ...vulnerability_container_list-registries.md | 5 ++ ...ork_vulnerability_container_scan-status.md | 5 ++ .../lacework_vulnerability_container_scan.md | 20 ++++-- ...vulnerability_container_show-assessment.md | 7 +- cli/docs/lacework_vulnerability_host.md | 5 ++ ...ulnerability_host_generate-pkg-manifest.md | 7 +- .../lacework_vulnerability_host_list-cves.md | 7 +- .../lacework_vulnerability_host_list-hosts.md | 7 +- ...rk_vulnerability_host_scan-pkg-manifest.md | 9 ++- ...work_vulnerability_host_show-assessment.md | 9 ++- cli/docs/main.go | 6 +- integration/compliance_test.go | 10 +-- integration/help_test.go | 34 ++++----- integration/vulnerability_test.go | 4 +- 116 files changed, 755 insertions(+), 288 deletions(-) diff --git a/cli/cmd/access_token.go b/cli/cmd/access_token.go index bce46de5e..0aa842b9b 100644 --- a/cli/cmd/access_token.go +++ b/cli/cmd/access_token.go @@ -34,7 +34,7 @@ var ( // accessTokenCmd represents the access-token command accessTokenCmd = &cobra.Command{ Use: "access-token", - Short: "generate temporary API access tokens", + Short: "Generate temporary API access tokens", Long: `Generates a temporary API access token that can be used to access the Lacework API. The token will be valid for the duration that you specify.`, Args: cobra.NoArgs, diff --git a/cli/cmd/account.go b/cli/cmd/account.go index 6984cbd60..f2b25b3e6 100644 --- a/cli/cmd/account.go +++ b/cli/cmd/account.go @@ -27,7 +27,7 @@ var ( accountCmd = &cobra.Command{ Use: "account", Aliases: []string{"accounts", "acc"}, - Short: "manage accounts in an organization (org admins only)", + Short: "Manage accounts in an organization (org admins only)", Long: `Manage accounts inside your Lacework organization. An organization can contain multiple accounts so you can also manage components @@ -37,7 +37,7 @@ and can easily switch between them. To enroll your Lacework account in an organization follow the documentation: - https://support.lacework.com/hc/en-us/articles/360041727394-Organization-Overview + https://docs.lacework.com/organization-overview `, } @@ -45,7 +45,7 @@ To enroll your Lacework account in an organization follow the documentation: accountListCmd = &cobra.Command{ Use: "list", Aliases: []string{"ls"}, - Short: "list all accounts", + Short: "List all accounts", Long: `List all accounts in your organization.`, Args: cobra.NoArgs, RunE: func(_ *cobra.Command, _ []string) error { diff --git a/cli/cmd/agent.go b/cli/cmd/agent.go index eb4fbab7f..6be30b299 100644 --- a/cli/cmd/agent.go +++ b/cli/cmd/agent.go @@ -48,7 +48,7 @@ var ( agentCmd = &cobra.Command{ Use: "agent", - Short: "manage Lacework agents", + Short: "Manage Lacework agents", Long: `Manage agents and agent access tokens in your account. To analyze application, host, and user behavior, Lacework uses a lightweight agent, @@ -57,13 +57,13 @@ agent requires minimal system resources and runs on most 64-bit Linux distributi For a complete list of supported operating systems, visit: - https://support.lacework.com/hc/en-us/articles/360005230014-Supported-Operating-Systems`, + https://docs.lacework.com/supported-operating-systems`, } agentTokenCmd = &cobra.Command{ Use: "token", Aliases: []string{"tokens"}, - Short: "manage agent access tokens", + Short: "Manage agent access tokens", Long: `Manage agent access tokens in your account. Agent tokens should be treated as secret and not published. A token uniquely identifies @@ -74,44 +74,41 @@ complete, the old token can safely be disabled without interrupting Lacework ser agentTokenListCmd = &cobra.Command{ Use: "list", - Short: "list all agent access tokens", - Long: `List all agent access tokens.`, + Short: "List all agent access tokens", Args: cobra.NoArgs, RunE: listAgentTokens, } agentTokenCreateCmd = &cobra.Command{ Use: "create [description]", - Short: "create a new agent access token", - Long: `Create a new agent access token.`, + Short: "Create a new agent access token", Args: cobra.RangeArgs(1, 2), RunE: createAgentToken, } agentTokenShowCmd = &cobra.Command{ Use: "show ", - Short: "show details about an agent access token", - Long: `Show details about an agent access token.`, + Short: "Show details about an agent access token", Args: cobra.ExactArgs(1), RunE: showAgentToken, } agentTokenUpdateCmd = &cobra.Command{ Use: "update ", - Short: "update an agent access token", + Short: "Update an agent access token", Long: `Update an agent access token. To update the token name and description: - $ lacework agent token update --name dev --description "k8s deployment for dev" + lacework agent token update --name dev --description "k8s deployment for dev" To disable a token: - $ lacework agent token update --disable + lacework agent token update --disable To enable a token: - $ lacework agent token update --enable`, + lacework agent token update --enable`, Args: cobra.ExactArgs(1), RunE: updateAgentToken, } @@ -119,7 +116,7 @@ To enable a token: // TODO hidden for now agentListCmd = &cobra.Command{ Use: "list", - Short: "list all hosts with a running agent", + Short: "List all hosts with a running agent", Long: `List all hosts that have a running agent in your environment`, Hidden: true, RunE: listAgents, @@ -128,7 +125,7 @@ To enable a token: // TODO hidden for now agentGenerateCmd = &cobra.Command{ Use: "generate", - Short: "generate agent deployment scripts", + Short: "Generate agent deployment scripts", Long: `TBA`, Hidden: true, RunE: func(_ *cobra.Command, _ []string) error { @@ -138,7 +135,7 @@ To enable a token: agentInstallCmd = &cobra.Command{ Use: "install <[user@]host[:port]>", - Short: "install the datacollector agent on a remote host", + Short: "Install the datacollector agent on a remote host", Args: cobra.ExactArgs(1), Long: `For single host installation of the Lacework agent via Secure Shell (SSH). @@ -147,21 +144,21 @@ launched to help gather the necessary authentication information to access the r To authenticate to the remote host with a username and password. - $ lacework agent install --ssh_username --ssh_password + lacework agent install --ssh_username --ssh_password To authenticate to the remote host with an identity file instead. - $ lacework agent install -i /path/to/your/key + lacework agent install -i /path/to/your/key To provide an agent access token of your choice, use the command 'lacework agent token list', select a token and pass it to the '--token' flag. - $ lacework agent install -i /path/to/your/key --token + lacework agent install -i /path/to/your/key --token To authenticate to the remote host on a non-standard SSH port use the '--ssh_port' flag or pass it directly via the argument. - $ lacework agent install + lacework agent install `, RunE: installRemoteAgent, } diff --git a/cli/cmd/alert_rules.go b/cli/cmd/alert_rules.go index 21010cc2e..8acee7f1a 100644 --- a/cli/cmd/alert_rules.go +++ b/cli/cmd/alert_rules.go @@ -37,9 +37,11 @@ var ( alertRulesCommand = &cobra.Command{ Use: "alert-rule", Aliases: []string{"alert-rules", "ar"}, - Short: "manage alert rules", + Short: "Manage alert rules", Long: `Manage alert rules to route events to the appropriate people or tools. + An alert rule has three parts: + 1. Alert channel(s) that should receive the event notification 2. Event severity and categories to include 3. Resource group(s) containing the subset of your environment to consider @@ -50,7 +52,7 @@ An alert rule has three parts: alertRulesListCommand = &cobra.Command{ Use: "list", Aliases: []string{"ls"}, - Short: "list all alert rules", + Short: "List all alert rules", Long: "List all alert rules configured in your Lacework account.", Args: cobra.NoArgs, RunE: func(_ *cobra.Command, _ []string) error { @@ -90,7 +92,7 @@ Then navigate to Settings > Alert Rules. // show command is used to retrieve a lacework alert rule by resource id alertRulesShowCommand = &cobra.Command{ Use: "show", - Short: "show an alert rule by id", + Short: "Show an alert rule by id", Long: "Show a single alert rule by it's ID.", Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { @@ -119,7 +121,7 @@ Then navigate to Settings > Alert Rules. // delete command is used to remove a lacework alert rule by resource id alertRulesDeleteCommand = &cobra.Command{ Use: "delete", - Short: "delete a alert rule", + Short: "Delete a alert rule", Long: "Delete a single alert rule by it's ID.", Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { @@ -135,8 +137,7 @@ Then navigate to Settings > Alert Rules. // create command is used to create a new lacework alert rule alertRulesCreateCommand = &cobra.Command{ Use: "create", - Short: "create a new alert rule", - Long: "Creates a new single alert rule.", + Short: "Create a new alert rule", RunE: func(_ *cobra.Command, args []string) error { if !cli.InteractiveMode() { return errors.New("interactive mode is disabled") diff --git a/cli/cmd/api.go b/cli/cmd/api.go index 95a852279..7649d9f0b 100644 --- a/cli/cmd/api.go +++ b/cli/cmd/api.go @@ -38,10 +38,10 @@ var ( // apiCmd represents the api command apiCmd = &cobra.Command{ Use: "api ", - Short: "helper to call Lacework's API", + Short: "Helper to call Lacework's API", Long: `Use this command as a helper to call any available Lacework API v1 & v2 endpoint. -== For APIv1 == +### For APIv1 To list all integrations configured in your account: @@ -51,7 +51,7 @@ For a complete list of available API v1 endpoints visit: https://.lacework.net/api/v1/external/docs -== For APIv2 == +### For APIv2 To list all available Lacework schema types: diff --git a/cli/cmd/compliance.go b/cli/cmd/compliance.go index a2fed4f06..a39235974 100644 --- a/cli/cmd/compliance.go +++ b/cli/cmd/compliance.go @@ -63,7 +63,7 @@ var ( complianceCmd = &cobra.Command{ Use: "compliance", Aliases: []string{"comp"}, - Short: "manage compliance reports", + Short: "Manage compliance reports", Long: `Manage compliance reports for Google, Azure, or AWS cloud providers. Lacework cloud security platform provides continuous Compliance monitoring against @@ -72,7 +72,7 @@ HIPAA benchmark standards. Get started by integrating one or more cloud accounts using the command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -82,7 +82,7 @@ Then navigate to Settings > Integrations > Cloud Accounts. Use the following command to list all available integrations in your account: - $ lacework integrations list + lacework integrations list `, } @@ -90,26 +90,26 @@ Use the following command to list all available integrations in your account: complianceAzureCmd = &cobra.Command{ Use: "azure", Aliases: []string{"az"}, - Short: "compliance for Azure Cloud", + Short: "Compliance for Azure Cloud", Long: `Manage compliance reports for Azure Cloud. To list all Azure Tenants configured in your account: - $ lacework compliance azure list-tenants + lacework compliance azure list-tenants To list all Azure Subscriptions from a Tenant, use the command: - $ lacework compliance azure list-subscriptions + lacework compliance azure list-subscriptions To get the latest Azure compliance assessment report, use the command: - $ lacework compliance azure get-report + lacework compliance azure get-report These reports run on a regular schedule, typically once a day. To run an ad-hoc compliance assessment use the command: - $ lacework compliance azure run-assessment + lacework compliance azure run-assessment `, } @@ -117,54 +117,54 @@ To run an ad-hoc compliance assessment use the command: complianceGcpCmd = &cobra.Command{ Use: "google", Aliases: []string{"gcp"}, - Short: "compliance for Google Cloud", + Short: "Compliance for Google Cloud", Long: `Manage compliance reports for Google Cloud. To get the latest GCP compliance assessment report, use the command: - $ lacework compliance gcp get-report + lacework compliance gcp get-report These reports run on a regular schedule, typically once a day. To find out which GCP organizations/projects are connected to your Lacework account, use the following command: - $ lacework integrations list --type GCP_CFG + lacework integrations list --type GCP_CFG Then, choose one integration, copy the GUID and visualize its details using the command: - $ lacework integration show + lacework integration show To list all GCP projects from an organization, use the command: - $ lacework compliance gcp list-projects + lacework compliance gcp list-projects To run an ad-hoc compliance assessment use the command: - $ lacework compliance gcp run-assessment + lacework compliance gcp run-assessment `, } // complianceAwsCmd represents the aws sub-command inside the compliance command complianceAwsCmd = &cobra.Command{ Use: "aws", - Short: "compliance for AWS", + Short: "Compliance for AWS", Long: `Manage compliance reports for Amazon Web Services (AWS). To list all AWS accounts configured in your account: - $ lacework compliance aws list-accounts + lacework compliance aws list-accounts To get the latest AWS compliance assessment report: - $ lacework compliance aws get-report + lacework compliance aws get-report These reports run on a regular schedule, typically once a day. To run an ad-hoc compliance assessment: - $ lacework compliance aws run-assessment + lacework compliance aws run-assessment `, } ) diff --git a/cli/cmd/compliance_aws.go b/cli/cmd/compliance_aws.go index 77a1bc01d..f4d68cf52 100644 --- a/cli/cmd/compliance_aws.go +++ b/cli/cmd/compliance_aws.go @@ -35,7 +35,7 @@ var ( complianceAwsListAccountsCmd = &cobra.Command{ Use: "list-accounts", Aliases: []string{"list"}, - Short: "list all AWS accounts configured", + Short: "List all AWS accounts configured", Long: `List all AWS accounts configured in your account.`, Args: cobra.NoArgs, RunE: func(_ *cobra.Command, _ []string) error { @@ -48,7 +48,7 @@ var ( Get started by integrating your AWS accounts to analyze configuration compliance using the command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -104,18 +104,18 @@ Then navigate to Settings > Integrations > Cloud Accounts. return errors.New("supported report types are: CIS, NIST_800-53_Rev4, NIST_800-171_Rev2, ISO_2700, HIPAA, SOC, SOC_Rev2, or PCI") } }, - Short: "get the latest AWS compliance report", + Short: "Get the latest AWS compliance report", Long: `Get the latest compliance assessment report from the provided AWS account, these reports run on a regular schedule, typically once a day. The available report formats are human-readable (default), json and pdf. To list all AWS accounts configured in your account: - $ lacework compliance aws list-accounts + lacework compliance aws list-accounts To run an ad-hoc compliance assessment of an AWS account: - $ lacework compliance aws run-assessment + lacework compliance aws run-assessment `, Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { @@ -220,7 +220,7 @@ To run an ad-hoc compliance assessment of an AWS account: complianceAwsRunAssessmentCmd = &cobra.Command{ Use: "run-assessment ", Aliases: []string{"run"}, - Short: "run a new AWS compliance report", + Short: "Run a new AWS compliance report", Long: `Run a compliance assessment for the provided AWS account.`, Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { diff --git a/cli/cmd/compliance_azure.go b/cli/cmd/compliance_azure.go index dd9bc67c3..f245fdd02 100644 --- a/cli/cmd/compliance_azure.go +++ b/cli/cmd/compliance_azure.go @@ -35,12 +35,12 @@ var ( complianceAzureListSubsCmd = &cobra.Command{ Use: "list-subscriptions ", Aliases: []string{"list-subs"}, - Short: "list subscriptions from tenant", + Short: "List subscriptions from tenant", Long: `List all Azure subscriptions from the provided Tenant ID. Use the following command to list all Azure Tenants configured in your account: - $ lacework compliance az list`, + lacework compliance az list`, Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { var ( @@ -79,7 +79,7 @@ Use the following command to list all Azure Tenants configured in your account: complianceAzureListTenantsCmd = &cobra.Command{ Use: "list-tenants", Aliases: []string{"list"}, - Short: "list all Azure Tenants configured", + Short: "List all Azure Tenants configured", Long: `List all Azure Tenants configured in your account.`, Args: cobra.NoArgs, RunE: func(_ *cobra.Command, _ []string) error { @@ -92,7 +92,7 @@ Use the following command to list all Azure Tenants configured in your account: Get started by integrating your Azure Tenants to analyze configuration compliance using the command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -145,13 +145,13 @@ Then navigate to Settings > Integrations > Cloud Accounts. return errors.New("supported report types are: CIS, SOC, or PCI") } }, - Short: "get the latest Azure compliance report", + Short: "Get the latest Azure compliance report", Long: `Get the latest Azure compliance assessment report, these reports run on a regular schedule, typically once a day. The available report formats are human-readable (default), json and pdf. To run an ad-hoc compliance assessment use the command: - $ lacework compliance azure run-assessment + lacework compliance azure run-assessment `, Args: cobra.ExactArgs(2), RunE: func(_ *cobra.Command, args []string) error { @@ -261,7 +261,7 @@ To run an ad-hoc compliance assessment use the command: complianceAzureRunAssessmentCmd = &cobra.Command{ Use: "run-assessment ", Aliases: []string{"run"}, - Short: "run a new Azure compliance assessment", + Short: "Run a new Azure compliance assessment", Long: `Run a compliance assessment of the provided Azure tenant.`, Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { diff --git a/cli/cmd/compliance_gcp.go b/cli/cmd/compliance_gcp.go index d97ea2936..dbb04b5d6 100644 --- a/cli/cmd/compliance_gcp.go +++ b/cli/cmd/compliance_gcp.go @@ -36,7 +36,7 @@ var ( // complianceGcpListCmd represents the list sub-command inside the gcp command complianceGcpListCmd = &cobra.Command{ Use: "list", - Short: "list gcp projects and organizations", + Short: "List gcp projects and organizations", Long: `List all GCP projects and organization IDs.`, RunE: func(_ *cobra.Command, args []string) error { var ( @@ -53,7 +53,7 @@ var ( Get started by integrating your GCP to analyze configuration compliance using the command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -87,16 +87,16 @@ Then navigate to Settings > Integrations > Cloud Accounts. complianceGcpListProjCmd = &cobra.Command{ Use: "list-projects ", Aliases: []string{"list-proj"}, - Short: "list projects from an organization", + Short: "List projects from an organization", Long: `List all GCP projects from the provided organization ID. Use the following command to list all GCP integrations in your account: - $ lacework integrations list --type GCP_CFG + lacework integrations list --type GCP_CFG Then, select one GUID from an integration and visualize its details using the command: - $ lacework integration show + lacework integration show `, Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { @@ -148,13 +148,13 @@ Then, select one GUID from an integration and visualize its details using the co return errors.New("supported report types are: CIS, CIS12, K8S, HIPAA, SOC, or PCI") } }, - Short: "get the latest GCP compliance report", + Short: "Get the latest GCP compliance report", Long: `Get the latest compliance assessment report, these reports run on a regular schedule, typically once a day. The available report formats are human-readable (default), json and pdf. To run an ad-hoc compliance assessment use the command: - $ lacework compliance gcp run-assessment + lacework compliance gcp run-assessment `, Args: cobra.ExactArgs(2), RunE: func(_ *cobra.Command, args []string) error { @@ -264,7 +264,7 @@ To run an ad-hoc compliance assessment use the command: complianceGcpRunAssessmentCmd = &cobra.Command{ Use: "run-assessment ", Aliases: []string{"run"}, - Short: "run a new GCP compliance assessment", + Short: "Run a new GCP compliance assessment", Long: `Run a compliance assessment for the provided GCP organization or project.`, Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { diff --git a/cli/cmd/configure.go b/cli/cmd/configure.go index 2390b3534..32921c548 100644 --- a/cli/cmd/configure.go +++ b/cli/cmd/configure.go @@ -42,7 +42,7 @@ var ( // configureCmd represents the configure command configureCmd = &cobra.Command{ Use: "configure", - Short: "configure the Lacework CLI", + Short: "Configure the Lacework CLI", Args: cobra.NoArgs, Long: `Configure settings that the Lacework CLI uses to interact with the Lacework platform. These include your Lacework account, API access key and secret. @@ -69,7 +69,7 @@ the Lacework CLI will create it for you.`, configureListCmd = &cobra.Command{ Use: "list", - Short: "list all configured profiles at ~/.lacework.toml", + Short: "List all configured profiles at ~/.lacework.toml", Args: cobra.NoArgs, Long: `List all profiles configured into the config file ~/.lacework.toml @@ -95,13 +95,14 @@ export the environment variable: configureGetCmd = &cobra.Command{ Use: "show ", - Short: "show current configuration data", + Short: "Show current configuration data", Args: cobra.ExactArgs(1), Long: `Prints the current computed configuration data from the specified configuration key. The order of precedence to compute the configuration is flags, environment variables, and the configuration file ~/.lacework.toml. The available configuration keys are: + * profile * account * api_secret @@ -109,7 +110,7 @@ The available configuration keys are: To show the configuration from a different profile, use the flag --profile. - $ lacework configure show account --profile my-profile`, + lacework configure show account --profile my-profile`, RunE: func(_ *cobra.Command, args []string) error { data, ok := showConfigurationDataFromKey(args[0]) if !ok { diff --git a/cli/cmd/docs.go b/cli/cmd/docs.go index 54edba2e7..dccea2705 100644 --- a/cli/cmd/docs.go +++ b/cli/cmd/docs.go @@ -19,8 +19,74 @@ package cmd -import "github.com/spf13/cobra/doc" +import ( + "fmt" + "os" + "path" + "path/filepath" + "strings" -func GenerateMarkdownDocs() { - errcheckEXIT(doc.GenMarkdownTree(rootCmd, "../docs")) + "github.com/spf13/cobra" + "github.com/spf13/cobra/doc" +) + +var ( + + // docsLink is the custom link used to render internal links + docsLink = "" + + // docsCmd is a hidden command that generates automatic documentation in Markdown + docsCmd = &cobra.Command{ + Use: "docs ", + Hidden: true, + Short: "Generate Markdown documentation", + Args: cobra.ExactArgs(1), + RunE: func(_ *cobra.Command, args []string) error { + return GenerateMarkdownDocs(args[0]) + }, + } + + // headerTemplate adds front matter to generated documentation, this is how + // we automatically generate documentation at docs.lacework.com + headerTemplate = `--- +title: "%s" +slug: %s +hide_title: true +--- + +` +) + +func init() { + rootCmd.AddCommand(docsCmd) + docsCmd.Flags().StringVarP(&docsLink, + "link", "l", "", "customize the rendered internal links to the commands") +} + +func GenerateMarkdownDocs(location string) error { + // if the location doesn't exist, we will create it for the user + if err := os.MkdirAll(location, 0755); err != nil { + return err + } + + // given a filename, linkHandler is used to customize the rendered internal links + // to the commands, only if docsLinks was provided + linkHandler := func(name string) string { + if docsLink != "" { + base := strings.TrimSuffix(name, path.Ext(name)) + return docsLink + strings.ToLower(base) + "/" + } + return name + } + + // filePrepender uses headerTemplate to prepend front matter to the rendered Markdown + filePrepender := func(filename string) string { + var ( + name = filepath.Base(filename) + base = strings.TrimSuffix(name, path.Ext(name)) + ) + return fmt.Sprintf(headerTemplate, strings.Replace(base, "_", " ", -1), base) + } + + return doc.GenMarkdownTreeCustom(rootCmd, location, filePrepender, linkHandler) } diff --git a/cli/cmd/event.go b/cli/cmd/event.go index d69dffee5..fa067fd6f 100644 --- a/cli/cmd/event.go +++ b/cli/cmd/event.go @@ -54,14 +54,14 @@ var ( eventCmd = &cobra.Command{ Use: "event", Aliases: []string{"events"}, - Short: "inspect Lacework events", + Short: "Inspect Lacework events", Long: `Inspect events reported by the Lacework platform`, } // eventListCmd represents the list sub-command inside the event command eventListCmd = &cobra.Command{ Use: "list", - Short: "list all events (default last 7 days)", + Short: "List all events (default last 7 days)", Long: `List all events for the last 7 days by default, or pass --start and --end to specify a custom time period. You can also pass --serverity to filter by a severity threshold. @@ -71,7 +71,7 @@ Additionally, pass --days to list events for a specified number of days. For example, to list all events from the last day with severity medium and above (Critical, High and Medium) run: - $ lacework events list --severity medium --days 1`, + lacework events list --severity medium --days 1`, Args: cobra.NoArgs, RunE: func(_ *cobra.Command, _ []string) error { @@ -152,7 +152,7 @@ For example, to list all events from the last day with severity medium and above // eventShowCmd represents the show sub-command inside the event command eventShowCmd = &cobra.Command{ Use: "show ", - Short: "show details about a specific event", + Short: "Show details about a specific event", Long: "Show details about a specific event.", Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { @@ -193,7 +193,7 @@ For example, to list all events from the last day with severity medium and above // eventOpenCmd represents the open sub-command inside the event command eventOpenCmd = &cobra.Command{ Use: "open ", - Short: "open a specified event in a web browser", + Short: "Open a specified event in a web browser", Long: "Open a specified event in a web browser.", Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { diff --git a/cli/cmd/integration.go b/cli/cmd/integration.go index 639b98476..524fe9a14 100644 --- a/cli/cmd/integration.go +++ b/cli/cmd/integration.go @@ -40,14 +40,14 @@ var ( integrationCmd = &cobra.Command{ Use: "integration", Aliases: []string{"integrations", "int"}, - Short: "manage external integrations", + Short: "Manage external integrations", Long: `Manage external integrations with the Lacework platform`, } // integrationListCmd represents the list sub-command inside the integration command integrationListCmd = &cobra.Command{ Use: "list", - Short: "list all available external integrations", + Short: "List all available external integrations", Args: cobra.NoArgs, RunE: func(_ *cobra.Command, _ []string) error { var ( @@ -90,7 +90,7 @@ var ( // integrationShowCmd represents the show sub-command inside the integration command integrationShowCmd = &cobra.Command{ Use: "show ", - Short: "show details about a specific external integration", + Short: "Show details about a specific external integration", Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { integration, err := cli.LwApi.Integrations.Get(args[0]) @@ -135,7 +135,7 @@ var ( // integrationCreateCmd represents the create sub-command inside the integration command integrationCreateCmd = &cobra.Command{ Use: "create", - Short: "create an external integrations", + Short: "Create an external integrations", Args: cobra.NoArgs, Long: `Creates an external integration in your account through an interactive session.`, RunE: func(_ *cobra.Command, _ []string) error { @@ -157,7 +157,7 @@ var ( integrationUpdateCmd = &cobra.Command{ Use: "update", Hidden: true, - Short: "update an external integrations", + Short: "Update an external integrations", Args: cobra.NoArgs, RunE: func(_ *cobra.Command, _ []string) error { return nil @@ -167,7 +167,7 @@ var ( // integrationDeleteCmd represents the delete sub-command inside the integration command integrationDeleteCmd = &cobra.Command{ Use: "delete ", - Short: "delete an external integrations", + Short: "Delete an external integrations", Long: `Delete an external integration by providing an integration GUID. Integration GUIDs can be found by using the 'lacework integration list' command.`, diff --git a/cli/cmd/lql.go b/cli/cmd/lql.go index 3b377a42e..ddeff850d 100644 --- a/cli/cmd/lql.go +++ b/cli/cmd/lql.go @@ -53,7 +53,7 @@ var ( queryCmd = &cobra.Command{ Use: "query", Aliases: []string{"lql", "queries"}, - Short: "run and manage queries", + Short: "Run and manage queries", Long: `Run and manage Lacework Query Language (LQL) queries. To provide customizable specification of datasets, Lacework provides the Lacework @@ -68,7 +68,7 @@ Lacework ships a set of default LQL queries that are available in your account. For more information about LQL, visit: - https://support.lacework.com/hc/en-us/articles/4402301824403-LQL-Overview + https://docs.lacework.com/lql-overview To view all LQL queries in your Lacework account. @@ -82,7 +82,7 @@ To execute a query. lacework query run -** NOTE: LQL syntax may change. ** +**NOTE: LQL syntax may change.** `, } @@ -90,7 +90,7 @@ To execute a query. queryRunCmd = &cobra.Command{ Aliases: []string{"execute"}, Use: "run [query_id]", - Short: "run a query", + Short: "Run a query", Long: `Run an LQL query via editor: lacework query run --range today @@ -103,20 +103,20 @@ Start and End times are required to run a query: 1. Start and End times must be specified in one of the following formats: - A. A relative time specifier - B. RFC3339 Date and Time - C. Epoch time in milliseconds + A. A relative time specifier + B. RFC3339 Date and Time + C. Epoch time in milliseconds 2. Start and End times must be specified in one of the following ways: - A. As StartTimeRange and EndTimeRange in the ParamInfo block within the query - B. As start_time_range and end_time_range if specifying JSON - C. As --start and --end CLI flags + A. As StartTimeRange and EndTimeRange in the ParamInfo block within the query + B. As start_time_range and end_time_range if specifying JSON + C. As --start and --end CLI flags 3. Start and End time precedence: - A. CLI flags take precedence over JSON specifications - B. JSON specifications take precedence over ParamInfo specifications`, + A. CLI flags take precedence over JSON specifications + B. JSON specifications take precedence over ParamInfo specifications `, Args: cobra.MaximumNArgs(1), RunE: runQuery, } diff --git a/cli/cmd/lql_create.go b/cli/cmd/lql_create.go index fdd7f3c72..af6ad508a 100644 --- a/cli/cmd/lql_create.go +++ b/cli/cmd/lql_create.go @@ -27,9 +27,8 @@ var ( // queryCreateCmd represents the lql create command queryCreateCmd = &cobra.Command{ Use: "create", - Short: "create a query", - Long: `Create a query. - + Short: "Create a query", + Long: ` There are multiple ways you can create a query: * Typing the query into your default editor (via $EDITOR) @@ -48,30 +47,29 @@ To launch your default editor and create a new query. The following example comes from Lacework's implementation of a policy query: ---- -evaluatorId: Cloudtrail -queryId: LW_Global_AWS_CTA_AccessKeyDeleted -queryText: |- - LW_Global_AWS_CTA_AccessKeyDeleted { - source { - CloudTrailRawEvents - } - filter { - EVENT_SOURCE = 'iam.amazonaws.com' - and EVENT_NAME = 'DeleteAccessKey' - and ERROR_CODE is null + --- + evaluatorId: Cloudtrail + queryId: LW_Global_AWS_CTA_AccessKeyDeleted + queryText: |- + LW_Global_AWS_CTA_AccessKeyDeleted { + source { + CloudTrailRawEvents + } + filter { + EVENT_SOURCE = 'iam.amazonaws.com' + and EVENT_NAME = 'DeleteAccessKey' + and ERROR_CODE is null + } + return distinct { + INSERT_ID, + INSERT_TIME, + EVENT_TIME, + EVENT + } } - return distinct { - INSERT_ID, - INSERT_TIME, - EVENT_TIME, - EVENT - } - } Identifier of the query that executes while running the policy - This query specifies an identifier named 'LW_Global_AWS_CTA_AccessKeyDeleted'. Policy evaluation uses this dataset (along with the filters) to identify AWS CloudTrail events that signify that an IAM access key was deleted. The query @@ -98,7 +96,7 @@ names of the columns selected. If desired, you could alias them to other names a For more information about LQL, visit: - https://support.lacework.com/hc/en-us/articles/4402301824403-LQL-Overview + https://docs.lacework.com/lql-overview `, Args: cobra.NoArgs, RunE: createQuery, diff --git a/cli/cmd/lql_delete.go b/cli/cmd/lql_delete.go index c6427be3a..d90d96e4b 100644 --- a/cli/cmd/lql_delete.go +++ b/cli/cmd/lql_delete.go @@ -27,7 +27,7 @@ var ( // queryDeleteCmd represents the lql delete command queryDeleteCmd = &cobra.Command{ Use: "delete ", - Short: "delete a query", + Short: "Delete a query", Long: `Delete a single LQL query by providing the query id. Use the command 'lacework query list' to list the available queries in diff --git a/cli/cmd/lql_list.go b/cli/cmd/lql_list.go index efc94cecf..5a8030bba 100644 --- a/cli/cmd/lql_list.go +++ b/cli/cmd/lql_list.go @@ -30,7 +30,7 @@ var ( queryListCmd = &cobra.Command{ Use: "list", Aliases: []string{"ls"}, - Short: "list queries", + Short: "List queries", Long: `List all LQL queries in your Lacework account.`, Args: cobra.NoArgs, RunE: listQueries, diff --git a/cli/cmd/lql_show.go b/cli/cmd/lql_show.go index d5b886dc5..fa637b711 100644 --- a/cli/cmd/lql_show.go +++ b/cli/cmd/lql_show.go @@ -27,7 +27,7 @@ var ( // queryShowCmd represents the lql show command queryShowCmd = &cobra.Command{ Use: "show ", - Short: "show a query", + Short: "Show a query", Long: `Show a query.`, Args: cobra.ExactArgs(1), RunE: showQuery, diff --git a/cli/cmd/lql_sources.go b/cli/cmd/lql_sources.go index 46bb289c7..a51a8c4f2 100644 --- a/cli/cmd/lql_sources.go +++ b/cli/cmd/lql_sources.go @@ -30,7 +30,7 @@ var ( Hidden: false, Aliases: []string{"sources"}, Use: "list-sources", - Short: "list Lacework query data sources", + Short: "List Lacework query data sources", Long: `List Lacework query data sources.`, Args: cobra.NoArgs, RunE: listQuerySources, @@ -40,7 +40,7 @@ var ( Hidden: false, Aliases: []string{"describe"}, Use: "show-source ", - Short: "show Lacework query data source", + Short: "Show Lacework query data source", Long: `Show Lacework query data source.`, Args: cobra.ExactArgs(1), RunE: showQuerySource, diff --git a/cli/cmd/lql_update.go b/cli/cmd/lql_update.go index a4f3d7c77..fbd2b2469 100644 --- a/cli/cmd/lql_update.go +++ b/cli/cmd/lql_update.go @@ -29,9 +29,8 @@ var ( // queryUpdateCmd represents the lql update command queryUpdateCmd = &cobra.Command{ Use: "update", - Short: "update a query", - Long: `Update a single LQL query. - + Short: "Update a query", + Long: ` There are multiple ways you can update a query: * Typing the query into your default editor (via $EDITOR) diff --git a/cli/cmd/lql_validate.go b/cli/cmd/lql_validate.go index cc7a28aa6..bde777e3b 100644 --- a/cli/cmd/lql_validate.go +++ b/cli/cmd/lql_validate.go @@ -33,7 +33,7 @@ var ( // queryValidateCmd represents the lql validate command queryValidateCmd = &cobra.Command{ Use: "validate", - Short: "validate a query", + Short: "Validate a query", Long: `Use this command to validate a single LQL query before creating it. There are multiple ways you can validate a query: diff --git a/cli/cmd/outputs.go b/cli/cmd/outputs.go index 5fac69a78..2cccefb67 100644 --- a/cli/cmd/outputs.go +++ b/cli/cmd/outputs.go @@ -61,7 +61,7 @@ func (c *cliState) OutputJSONString(s string) error { func (c *cliState) FormatJSONString(s string) (string, error) { pretty, err := c.JsonF.Format([]byte(strings.Trim(s, "'"))) if err != nil { - c.Log.Debugw("unable to pretty print JSON string", "raw", s) + c.Log.Debugw("unable to pretty print JSON string", "raw", s, "error", err.Error()) return "", err } return string(pretty), nil diff --git a/cli/cmd/package_manifest.go b/cli/cmd/package_manifest.go index bf490a029..0da650b1f 100644 --- a/cli/cmd/package_manifest.go +++ b/cli/cmd/package_manifest.go @@ -272,7 +272,7 @@ func (c *cliState) GetOSInfo() (*OS, error) { msg := `unsupported platform For more information about supported platforms, visit: - https://support.lacework.com/hc/en-us/articles/360049666194-Host-Vulnerability-Assessment-Overview` + https://docs.lacework.com/host-vulnerability-assessment-overview` return osInfo, errors.New(msg) } diff --git a/cli/cmd/policy.go b/cli/cmd/policy.go index b4db20b85..004ee717e 100644 --- a/cli/cmd/policy.go +++ b/cli/cmd/policy.go @@ -50,7 +50,7 @@ var ( policyCmd = &cobra.Command{ Use: "policy", Aliases: []string{"policies"}, - Short: "manage policies", + Short: "Manage policies", Long: `Manage policies in your Lacework account. A policy is a mechanism used to add annotated metadata to a Lacework query for improving @@ -79,7 +79,7 @@ To view the LQL query associated with the policy, use the query id shown. lacework query show -** NOTE: LQL syntax may change. ** +**NOTE: LQL syntax may change.** `, } @@ -87,7 +87,7 @@ To view the LQL query associated with the policy, use the query id shown. policyListCmd = &cobra.Command{ Use: "list", Aliases: []string{"ls"}, - Short: "list policies", + Short: "List policies", Long: `List all the registered policies in your Lacework account.`, Args: cobra.NoArgs, RunE: listPolicies, @@ -97,7 +97,7 @@ To view the LQL query associated with the policy, use the query id shown. policyShowCmd = &cobra.Command{ Use: "show ", Aliases: []string{"ls"}, - Short: "show policy", + Short: "Show policy", Long: `Show details about a single policy.`, Args: cobra.ExactArgs(1), RunE: showPolicy, @@ -106,7 +106,7 @@ To view the LQL query associated with the policy, use the query id shown. // policyDeleteCmd represents the policy delete command policyDeleteCmd = &cobra.Command{ Use: "delete ", - Short: "delete a policy", + Short: "Delete a policy", Long: `Delete a policy by providing the policy id. Use the command 'lacework policy list' to list the registered policies in diff --git a/cli/cmd/policy_create.go b/cli/cmd/policy_create.go index 8e29f732d..eb1170f9d 100644 --- a/cli/cmd/policy_create.go +++ b/cli/cmd/policy_create.go @@ -33,24 +33,26 @@ var ( // policyCreateCmd represents the policy create command policyCreateCmd = &cobra.Command{ Use: "create", - Short: "create a policy", + Short: "Create a policy", Long: `Create a policy. A policy is represented in either JSON or YAML format. + The following attributes are minimally required: ---- -evaluatorId: Cloudtrail -policyId: lacework-example-1 -policyType: Violation -queryId: MyQuery -title: My Policy -enabled: false -description: My Policy Description -remediation: My Policy Remediation -severity: high -evalFrequency: Daily -alertEnabled: false -alertProfile: LW_CloudTrail_Alerts + + --- + evaluatorId: Cloudtrail + policyId: lacework-example-1 + policyType: Violation + queryId: MyQuery + title: My Policy + enabled: false + description: My Policy Description + remediation: My Policy Remediation + severity: high + evalFrequency: Daily + alertEnabled: false + alertProfile: LW_CloudTrail_Alerts `, Args: cobra.NoArgs, RunE: createPolicy, diff --git a/cli/cmd/policy_update.go b/cli/cmd/policy_update.go index b9c4ccccb..136ad2eda 100644 --- a/cli/cmd/policy_update.go +++ b/cli/cmd/policy_update.go @@ -32,22 +32,23 @@ var ( // policyUpdateCmd represents the policy update command policyUpdateCmd = &cobra.Command{ Use: "update [policy_id]", - Short: "update a policy", + Short: "Update a policy", Long: `Update a policy. A policy identifier is required to update a policy. A policy identifier can be specified via: + 1. A policy update command argument lacework policy update my-policy-1 2. The policy update payload -{ - "policy_id": "my-policy-1", - "severity": "critical" -} + { + "policy_id": "my-policy-1", + "severity": "critical" + } A policy identifier specifed via command argument will always take precedence over a policy identifer specified via payload.`, diff --git a/cli/cmd/resource_groups.go b/cli/cmd/resource_groups.go index 7c98fab73..a75ba3e29 100644 --- a/cli/cmd/resource_groups.go +++ b/cli/cmd/resource_groups.go @@ -34,7 +34,7 @@ var ( resourceGroupsCommand = &cobra.Command{ Use: "resource-group", Aliases: []string{"resource-groups", "rg"}, - Short: "manage resource groups", + Short: "Manage resource groups", Long: "Manage Lacework-identifiable assets via the use of resource groups.", } @@ -42,7 +42,7 @@ var ( resourceGroupsListCommand = &cobra.Command{ Use: "list", Aliases: []string{"ls"}, - Short: "list all resource groups", + Short: "List all resource groups", Long: "List all resource groups configured in your Lacework account.", Args: cobra.NoArgs, RunE: func(_ *cobra.Command, _ []string) error { @@ -55,7 +55,7 @@ var ( Get started by integrating your resource groups to manage alerting using the command: - $ lacework resource-group create + lacework resource-group create If you prefer to configure resource groups via the WebUI, log in to your account at: @@ -101,8 +101,8 @@ Then navigate to Settings > Resource Groups. // show command is used to retrieve a lacework resource group by resource id resourceGroupsShowCommand = &cobra.Command{ Use: "show", - Short: "get resource group by id", - Long: "Get a single resource group by it's Resource ID.", + Short: "Get resource group by id", + Long: "Get a single resource group by it's resource group ID.", Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { var response api.ResourceGroupResponse @@ -144,8 +144,8 @@ Then navigate to Settings > Resource Groups. // delete command is used to remove a lacework resource group by resource id resourceGroupsDeleteCommand = &cobra.Command{ Use: "delete", - Short: "delete a resource group", - Long: "Delete a single resource group by it's Resource ID.", + Short: "Delete a resource group", + Long: "Delete a single resource group by it's resource group ID.", Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { err := cli.LwApi.V2.ResourceGroups.Delete(args[0]) @@ -159,7 +159,7 @@ Then navigate to Settings > Resource Groups. // create command is used to create a new lacework resource group resourceGroupsCreateCommand = &cobra.Command{ Use: "create", - Short: "create a new resource group", + Short: "Create a new resource group", Long: "Creates a new single resource group.", RunE: func(_ *cobra.Command, args []string) error { if !cli.InteractiveMode() { diff --git a/cli/cmd/root.go b/cli/cmd/root.go index d36901590..c5e376a6f 100644 --- a/cli/cmd/root.go +++ b/cli/cmd/root.go @@ -47,7 +47,7 @@ external integrations, vulnerability scans, and other operations. Start by configuring the Lacework CLI with the command: - $ lacework configure + lacework configure This will prompt you for your Lacework account and a set of API access keys.`, PersistentPreRunE: func(cmd *cobra.Command, args []string) error { @@ -58,7 +58,7 @@ This will prompt you for your Lacework account and a set of API access keys.`, cli.SendHoneyvent() switch cmd.Use { - case "help [command]", "configure", "version", "generate-pkg-manifest": + case "help [command]", "configure", "version", "docs ", "generate-pkg-manifest": return nil default: // @afiune no need to create a client for any configure command diff --git a/cli/cmd/version.go b/cli/cmd/version.go index eacd64b63..35a3e4ee8 100644 --- a/cli/cmd/version.go +++ b/cli/cmd/version.go @@ -49,7 +49,7 @@ var ( // versionCmd represents the version command versionCmd = &cobra.Command{ Use: "version", - Short: "print the Lacework CLI version", + Short: "Print the Lacework CLI version", Long: ` Prints out the installed version of the Lacework CLI and checks for newer versions available for update. diff --git a/cli/cmd/vuln_container.go b/cli/cmd/vuln_container.go index 2869c4917..17e404bde 100644 --- a/cli/cmd/vuln_container.go +++ b/cli/cmd/vuln_container.go @@ -38,19 +38,20 @@ var ( // vulContainerScanCmd represents the scan sub-command inside the container vulnerability command vulContainerScanCmd = &cobra.Command{ Use: "scan ", - Short: "request an on-demand container vulnerability assessment", + Short: "Request an on-demand container vulnerability assessment", Long: `Request on-demand container vulnerability assessments and view the generated results. -NOTE: Scans can take up to 15 minutes to return results. +To list all container registries configured in your account: -Arguments: - container registry where the container image has been published - repository name that contains the container image - either a tag or an image digest to scan (digest format: sha256:1ee...1d3b) + lacework vulnerability container list-registries -To list all container registries configured in your account: +**NOTE:** Scans can take up to 15 minutes to return results. - $ lacework vulnerability container list-registries`, +Arguments: + container registry where the container image has been published + repository name that contains the container image + either a tag or an image digest to scan (digest format: sha256:1ee...1d3b) + `, Args: cobra.ExactArgs(3), RunE: func(c *cobra.Command, args []string) error { if err := validateSeverityFlags(); err != nil { @@ -72,7 +73,7 @@ To list all container registries configured in your account: vulContainerScanStatusCmd = &cobra.Command{ Use: "scan-status ", Aliases: []string{"status"}, - Short: "check the status of an on-demand container vulnerability assessment", + Short: "Check the status of an on-demand container vulnerability assessment", Long: "Check the status of an on-demand container vulnerability assessment.", Args: cobra.ExactArgs(1), RunE: func(c *cobra.Command, args []string) error { @@ -94,7 +95,7 @@ To list all container registries configured in your account: vulContainerListRegistriesCmd = &cobra.Command{ Use: "list-registries", Aliases: []string{"list-reg", "registries"}, - Short: "list all container registries configured", + Short: "List all container registries configured", Long: `List all container registries configured in your account.`, Args: cobra.NoArgs, RunE: func(_ *cobra.Command, args []string) error { @@ -107,7 +108,7 @@ To list all container registries configured in your account: Get started by integrating your container registry using the command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -138,7 +139,7 @@ Then navigate to Settings > Integrations > Container Registry. vulContainerListAssessmentsCmd = &cobra.Command{ Use: "list-assessments", Aliases: []string{"list", "ls"}, - Short: "list container vulnerability assessments (default last 7 days)", + Short: "List container vulnerability assessments (default last 7 days)", Long: `List all container vulnerability assessments for the last 7 days by default, or pass --start and --end to specify a custom time range. You can also pass --active to filter on active containers in your environment, as well as pass --fixable to @@ -231,11 +232,11 @@ filter on containers with vulnerabilities that have fixes available.`, vulContainerShowAssessmentCmd = &cobra.Command{ Use: "show-assessment ", Aliases: []string{"show"}, - Short: "show results of a container vulnerability assessment", + Short: "Show results of a container vulnerability assessment", Long: `Show the results from a vulnerability assessment of a specified container. Arguments: - a sha256 hash of a container image (format: sha256:1ee...1d3b) + a sha256 hash of a container image (format: sha256:1ee...1d3b) By default, this command expects a sha256 image digest or tag. To lookup an assessment by its image id, use the flag '--image_id' followed by the sha256 @@ -243,7 +244,7 @@ image id. To request an on-demand vulnerability scan: - $ lacework vulnerability container scan `, + lacework vulnerability container scan `, Args: cobra.ExactArgs(1), RunE: func(c *cobra.Command, args []string) error { if err := validateSeverityFlags(); err != nil { @@ -431,7 +432,7 @@ func requestOnDemandContainerVulnerabilityScan(args []string) error { cli.OutputHuman("To track the progress of the scan, use the command:\n") cli.OutputHuman( - " $ lacework vulnerability container scan-status %s%s\n", + " lacework vulnerability container scan-status %s%s\n", scan.Data.RequestID, cli.OutputNonDefaultProfileFlag(), ) @@ -516,7 +517,7 @@ func showContainerAssessmentsWithSha256(sha string) error { `unable to retrieve assessment for the provided container image. (unsupported distribution) For more information about supported distributions, visit: - https://support.lacework.com/hc/en-us/articles/360035472393-Container-Vulnerability-Assessment-Overview + https://docs.lacework.com/container-vulnerability-assessment-overview `, ) case "NotFound": @@ -1033,7 +1034,7 @@ func userFriendlyErrorForOnDemandCtrVulnScan(err error, registry, repo, tag stri Get started by integrating your container registry using the command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -1052,7 +1053,7 @@ Your account has the following container registries configured: To integrate a new container registry use the command: - $ lacework integration create + lacework integration create ` return errors.New(fmt.Sprintf(msg, registry, strings.Join(registries, "\n > "))) } @@ -1071,7 +1072,7 @@ to the provided registry. To view all container registries configured in your account use the command: - $ lacework vulnerability container list-registries + lacework vulnerability container list-registries ` return errors.Errorf(msg, repo, tag, registry) } diff --git a/cli/cmd/vuln_container_test.go b/cli/cmd/vuln_container_test.go index 987948fea..18f43c637 100644 --- a/cli/cmd/vuln_container_test.go +++ b/cli/cmd/vuln_container_test.go @@ -39,6 +39,6 @@ func TestUserFriendlyErrorFromOnDemandCtrVulnScanRepositoryNotFound(t *testing.T "To view all container registries configured in your account use the command:") assert.Contains(t, err.Error(), - "$ lacework vulnerability container list-registries") + "lacework vulnerability container list-registries") } } diff --git a/cli/cmd/vuln_host.go b/cli/cmd/vuln_host.go index 52b2869ec..33ae68fa4 100644 --- a/cli/cmd/vuln_host.go +++ b/cli/cmd/vuln_host.go @@ -47,14 +47,14 @@ var ( vulHostGenPkgManifestCmd = &cobra.Command{ Use: "generate-pkg-manifest", Args: cobra.NoArgs, - Short: "generates a package-manifest from the local host", + Short: "Generates a package-manifest from the local host", Long: `Generates a package-manifest formatted for usage with the Lacework scan package-manifest API. Additionally, you can automatically generate a package-manifest from the local host and send it directly to the Lacework API with the command: - $ lacework vulnerability host scan-pkg-manifest --local`, + lacework vulnerability host scan-pkg-manifest --local`, RunE: func(_ *cobra.Command, _ []string) error { manifest, err := cli.GeneratePackageManifest() if err != nil { @@ -68,13 +68,13 @@ the local host and send it directly to the Lacework API with the command: vulHostScanPkgManifestCmd = &cobra.Command{ Use: "scan-pkg-manifest ", Args: cobra.MaximumNArgs(1), - Short: "request an on-demand host vulnerability assessment from a package-manifest", + Short: "Request an on-demand host vulnerability assessment from a package-manifest", Long: `Request an on-demand host vulnerability assessment of your software packages to determine if the packages contain any common vulnerabilities and exposures. Simple usage: - $ lacework vulnerability host scan-pkg-manifest '{ + lacework vulnerability host scan-pkg-manifest '{ "os_pkg_info_list": [ { "os":"Ubuntu", @@ -87,9 +87,9 @@ Simple usage: To generate a package-manifest from the local host and scan it automatically: - $ lacework vulnerability host scan-pkg-manifest --local + lacework vulnerability host scan-pkg-manifest --local -(*) NOTE: +**NOTE:** - Only packages managed by a package manager for supported OS's are reported. - Calls to this operation are rate limited to 10 calls per hour, per access key. - This operation is limited to 10k packages per command execution.`, @@ -195,13 +195,13 @@ To generate a package-manifest from the local host and scan it automatically: } return nil }, - Short: "list the CVEs found in the hosts in your environment", + Short: "List the CVEs found in the hosts in your environment", Long: `List the CVEs found in the hosts in your environment. Filter results to only show vulnerabilities actively running in your environment with fixes: - $ lacework vulnerability host list-cves --active --fixable`, + lacework vulnerability host list-cves --active --fixable`, RunE: func(_ *cobra.Command, args []string) error { if err := validateSeverityFlags(); err != nil { return err @@ -228,12 +228,12 @@ with fixes: } return nil }, - Short: "list the hosts that contain a specified CVE id in your environment", + Short: "List the hosts that contain a specified CVE id in your environment", Long: `List the hosts that contain a specified CVE id in your environment. To list the CVEs found in the hosts of your environment run: - $ lacework vulnerability host list-cves`, + lacework vulnerability host list-cves`, RunE: func(_ *cobra.Command, args []string) error { response, err := cli.LwApi.Vulnerabilities.Host.ListHostsWithCVE(args[0]) if err != nil { @@ -289,16 +289,16 @@ To list the CVEs found in the hosts of your environment run: Use: "show-assessment ", Aliases: []string{"show"}, Args: cobra.ExactArgs(1), - Short: "show results of a host vulnerability assessment", + Short: "Show results of a host vulnerability assessment", Long: `Show results of a host vulnerability assessment. To find the machine id from hosts in your environment, use the command: - $ lacework vulnerability host list-cves + lacework vulnerability host list-cves Grab a CVE id and feed it to the command: - $ lacework vulnerability host list-hosts my_cve_id`, + lacework vulnerability host list-hosts my_cve_id`, RunE: func(c *cobra.Command, args []string) error { if err := validateSeverityFlags(); err != nil { return err @@ -337,7 +337,7 @@ Grab a CVE id and feed it to the command: Use: "list-assessments", Hidden: true, //Aliases: []string{"list", "ls"}, - Short: "list host vulnerability assessments from a time range", + Short: "List host vulnerability assessments from a time range", Long: "List host vulnerability assessments from a time range.", RunE: func(_ *cobra.Command, args []string) error { return nil diff --git a/cli/cmd/vulnerability.go b/cli/cmd/vulnerability.go index 8fd29bea0..d59c433c8 100644 --- a/cli/cmd/vulnerability.go +++ b/cli/cmd/vulnerability.go @@ -92,7 +92,7 @@ var ( vulnerabilityCmd = &cobra.Command{ Use: "vulnerability", Aliases: []string{"vuln", "vul"}, - Short: "container and host vulnerability assessments", + Short: "Container and host vulnerability assessments", Long: "Container and host vulnerability assessments.", } @@ -100,17 +100,17 @@ var ( vulContainerCmd = &cobra.Command{ Use: "container", Aliases: []string{"ctr"}, - Short: "vulnerability assessment for containers", + Short: "Vulnerability assessment for containers", Long: `Request on-demand container vulnerability scans and show previous assessments from published images. -(*) PREREQUISITE: Your Lacework account should already be configured +**PREREQUISITE:** Your Lacework account should already be configured with a Container Registry Integration of the container images you are trying to scan or show. To create a new integration use the following command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -122,7 +122,7 @@ Then navigate to Settings > Integrations > Container Registry.`, // vulHostCmd represents the vulnerability host command vulHostCmd = &cobra.Command{ Use: "host", - Short: "vulnerability assessment for hosts", + Short: "Vulnerability assessment for hosts", Long: `Request on-demand host vulnerability scans and show previous assessments from hosts with the Lacework datacollector agent installed. `, @@ -414,7 +414,7 @@ func checkScanStatus(requestID string) (*api.VulnContainerAssessment, error, boo `unable to run assessment for the provided container image. (unsupported distribution) For more information about supported distributions, visit: - https://support.lacework.com/hc/en-us/articles/360035472393-Container-Vulnerability-Assessment-Overview + https://docs.lacework.com/container-vulnerability-assessment-overview `, ), false case "NotFound": diff --git a/cli/docs/lacework.md b/cli/docs/lacework.md index 5ef884b6d..b18459885 100644 --- a/cli/docs/lacework.md +++ b/cli/docs/lacework.md @@ -1,3 +1,8 @@ +--- +title: "lacework" +slug: lacework +--- + ## lacework A tool to manage the Lacework cloud security platform. @@ -10,7 +15,7 @@ external integrations, vulnerability scans, and other operations. Start by configuring the Lacework CLI with the command: - $ lacework configure + lacework configure This will prompt you for your Lacework account and a set of API access keys. diff --git a/cli/docs/lacework_access-token.md b/cli/docs/lacework_access-token.md index a121ff127..dd748b7b7 100644 --- a/cli/docs/lacework_access-token.md +++ b/cli/docs/lacework_access-token.md @@ -1,3 +1,8 @@ +--- +title: "lacework access-token" +slug: lacework_access-token +--- + ## lacework access-token generate temporary API access tokens diff --git a/cli/docs/lacework_account.md b/cli/docs/lacework_account.md index 723e633ca..a1cf3f78e 100644 --- a/cli/docs/lacework_account.md +++ b/cli/docs/lacework_account.md @@ -1,3 +1,8 @@ +--- +title: "lacework account" +slug: lacework_account +--- + ## lacework account manage accounts in an organization (org admins only) diff --git a/cli/docs/lacework_account_list.md b/cli/docs/lacework_account_list.md index 9ce585545..1a8237129 100644 --- a/cli/docs/lacework_account_list.md +++ b/cli/docs/lacework_account_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework account list" +slug: lacework_account_list +--- + ## lacework account list list all accounts diff --git a/cli/docs/lacework_agent.md b/cli/docs/lacework_agent.md index a831c4072..e806e49ad 100644 --- a/cli/docs/lacework_agent.md +++ b/cli/docs/lacework_agent.md @@ -1,3 +1,8 @@ +--- +title: "lacework agent" +slug: lacework_agent +--- + ## lacework agent manage Lacework agents @@ -12,7 +17,7 @@ agent requires minimal system resources and runs on most 64-bit Linux distributi For a complete list of supported operating systems, visit: - https://support.lacework.com/hc/en-us/articles/360005230014-Supported-Operating-Systems + https://support.lacework.com/hc/en-us/articles/360005230014-Supported-Operating-Systems ### Options diff --git a/cli/docs/lacework_agent_install.md b/cli/docs/lacework_agent_install.md index 7b5267856..38861a49e 100644 --- a/cli/docs/lacework_agent_install.md +++ b/cli/docs/lacework_agent_install.md @@ -1,3 +1,8 @@ +--- +title: "lacework agent install" +slug: lacework_agent_install +--- + ## lacework agent install install the datacollector agent on a remote host @@ -11,21 +16,21 @@ launched to help gather the necessary authentication information to access the r To authenticate to the remote host with a username and password. - $ lacework agent install --ssh_username --ssh_password + lacework agent install --ssh_username --ssh_password To authenticate to the remote host with an identity file instead. - $ lacework agent install -i /path/to/your/key + lacework agent install -i /path/to/your/key To provide an agent access token of your choice, use the command 'lacework agent token list', select a token and pass it to the '--token' flag. - $ lacework agent install -i /path/to/your/key --token + lacework agent install -i /path/to/your/key --token To authenticate to the remote host on a non-standard SSH port use the '--ssh_port' flag or pass it directly via the argument. - $ lacework agent install + lacework agent install ``` diff --git a/cli/docs/lacework_agent_token.md b/cli/docs/lacework_agent_token.md index bf316d3b8..cd7fb7ba9 100644 --- a/cli/docs/lacework_agent_token.md +++ b/cli/docs/lacework_agent_token.md @@ -1,3 +1,8 @@ +--- +title: "lacework agent token" +slug: lacework_agent_token +--- + ## lacework agent token manage agent access tokens diff --git a/cli/docs/lacework_agent_token_create.md b/cli/docs/lacework_agent_token_create.md index 16821525e..9bb690280 100644 --- a/cli/docs/lacework_agent_token_create.md +++ b/cli/docs/lacework_agent_token_create.md @@ -1,3 +1,8 @@ +--- +title: "lacework agent token create" +slug: lacework_agent_token_create +--- + ## lacework agent token create create a new agent access token diff --git a/cli/docs/lacework_agent_token_list.md b/cli/docs/lacework_agent_token_list.md index a8743252b..1e5cc1487 100644 --- a/cli/docs/lacework_agent_token_list.md +++ b/cli/docs/lacework_agent_token_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework agent token list" +slug: lacework_agent_token_list +--- + ## lacework agent token list list all agent access tokens diff --git a/cli/docs/lacework_agent_token_show.md b/cli/docs/lacework_agent_token_show.md index 3e8d030c7..e2f9429aa 100644 --- a/cli/docs/lacework_agent_token_show.md +++ b/cli/docs/lacework_agent_token_show.md @@ -1,3 +1,8 @@ +--- +title: "lacework agent token show" +slug: lacework_agent_token_show +--- + ## lacework agent token show show details about an agent access token diff --git a/cli/docs/lacework_agent_token_update.md b/cli/docs/lacework_agent_token_update.md index 02d2fa2bd..c5672f0e4 100644 --- a/cli/docs/lacework_agent_token_update.md +++ b/cli/docs/lacework_agent_token_update.md @@ -1,3 +1,8 @@ +--- +title: "lacework agent token update" +slug: lacework_agent_token_update +--- + ## lacework agent token update update an agent access token @@ -8,15 +13,15 @@ Update an agent access token. To update the token name and description: - $ lacework agent token update --name dev --description "k8s deployment for dev" + lacework agent token update --name dev --description "k8s deployment for dev" To disable a token: - $ lacework agent token update --disable + lacework agent token update --disable To enable a token: - $ lacework agent token update --enable + lacework agent token update --enable ``` lacework agent token update [flags] diff --git a/cli/docs/lacework_alert-rule.md b/cli/docs/lacework_alert-rule.md index 190baf537..370a033f0 100644 --- a/cli/docs/lacework_alert-rule.md +++ b/cli/docs/lacework_alert-rule.md @@ -1,3 +1,8 @@ +--- +title: "lacework alert-rule" +slug: lacework_alert-rule +--- + ## lacework alert-rule manage alert rules diff --git a/cli/docs/lacework_alert-rule_create.md b/cli/docs/lacework_alert-rule_create.md index 324404e0a..eff4503c1 100644 --- a/cli/docs/lacework_alert-rule_create.md +++ b/cli/docs/lacework_alert-rule_create.md @@ -1,3 +1,8 @@ +--- +title: "lacework alert-rule create" +slug: lacework_alert-rule_create +--- + ## lacework alert-rule create create a new alert rule diff --git a/cli/docs/lacework_alert-rule_delete.md b/cli/docs/lacework_alert-rule_delete.md index a77862436..597627eca 100644 --- a/cli/docs/lacework_alert-rule_delete.md +++ b/cli/docs/lacework_alert-rule_delete.md @@ -1,3 +1,8 @@ +--- +title: "lacework alert-rule delete" +slug: lacework_alert-rule_delete +--- + ## lacework alert-rule delete delete a alert rule diff --git a/cli/docs/lacework_alert-rule_list.md b/cli/docs/lacework_alert-rule_list.md index 4dd216e17..0312e2c32 100644 --- a/cli/docs/lacework_alert-rule_list.md +++ b/cli/docs/lacework_alert-rule_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework alert-rule list" +slug: lacework_alert-rule_list +--- + ## lacework alert-rule list list all alert rules diff --git a/cli/docs/lacework_alert-rule_show.md b/cli/docs/lacework_alert-rule_show.md index 0944e6f9e..151f756dc 100644 --- a/cli/docs/lacework_alert-rule_show.md +++ b/cli/docs/lacework_alert-rule_show.md @@ -1,3 +1,8 @@ +--- +title: "lacework alert-rule show" +slug: lacework_alert-rule_show +--- + ## lacework alert-rule show show an alert rule by id diff --git a/cli/docs/lacework_api.md b/cli/docs/lacework_api.md index 067eb83b6..0ddaee089 100644 --- a/cli/docs/lacework_api.md +++ b/cli/docs/lacework_api.md @@ -1,3 +1,8 @@ +--- +title: "lacework api" +slug: lacework_api +--- + ## lacework api helper to call Lacework's API @@ -6,7 +11,7 @@ helper to call Lacework's API Use this command as a helper to call any available Lacework API v1 & v2 endpoint. -== For APIv1 == +### For APIv1 To list all integrations configured in your account: @@ -16,7 +21,7 @@ For a complete list of available API v1 endpoints visit: https://.lacework.net/api/v1/external/docs -== For APIv2 == +### For APIv2 To list all available Lacework schema types: diff --git a/cli/docs/lacework_compliance.md b/cli/docs/lacework_compliance.md index a61d2acf5..0fe1da93e 100644 --- a/cli/docs/lacework_compliance.md +++ b/cli/docs/lacework_compliance.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance" +slug: lacework_compliance +--- + ## lacework compliance manage compliance reports @@ -12,7 +17,7 @@ HIPAA benchmark standards. Get started by integrating one or more cloud accounts using the command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -22,7 +27,7 @@ Then navigate to Settings > Integrations > Cloud Accounts. Use the following command to list all available integrations in your account: - $ lacework integrations list + lacework integrations list ### Options diff --git a/cli/docs/lacework_compliance_aws.md b/cli/docs/lacework_compliance_aws.md index e8b83890e..8f13d4e62 100644 --- a/cli/docs/lacework_compliance_aws.md +++ b/cli/docs/lacework_compliance_aws.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance aws" +slug: lacework_compliance_aws +--- + ## lacework compliance aws compliance for AWS @@ -8,17 +13,17 @@ Manage compliance reports for Amazon Web Services (AWS). To list all AWS accounts configured in your account: - $ lacework compliance aws list-accounts + lacework compliance aws list-accounts To get the latest AWS compliance assessment report: - $ lacework compliance aws get-report + lacework compliance aws get-report These reports run on a regular schedule, typically once a day. To run an ad-hoc compliance assessment: - $ lacework compliance aws run-assessment + lacework compliance aws run-assessment ### Options diff --git a/cli/docs/lacework_compliance_aws_get-report.md b/cli/docs/lacework_compliance_aws_get-report.md index e68f41039..6c190fc4f 100644 --- a/cli/docs/lacework_compliance_aws_get-report.md +++ b/cli/docs/lacework_compliance_aws_get-report.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance aws get-report" +slug: lacework_compliance_aws_get-report +--- + ## lacework compliance aws get-report get the latest AWS compliance report @@ -10,11 +15,11 @@ are human-readable (default), json and pdf. To list all AWS accounts configured in your account: - $ lacework compliance aws list-accounts + lacework compliance aws list-accounts To run an ad-hoc compliance assessment of an AWS account: - $ lacework compliance aws run-assessment + lacework compliance aws run-assessment ``` diff --git a/cli/docs/lacework_compliance_aws_list-accounts.md b/cli/docs/lacework_compliance_aws_list-accounts.md index 0095bd0af..5cacb83d0 100644 --- a/cli/docs/lacework_compliance_aws_list-accounts.md +++ b/cli/docs/lacework_compliance_aws_list-accounts.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance aws list-accounts" +slug: lacework_compliance_aws_list-accounts +--- + ## lacework compliance aws list-accounts list all AWS accounts configured diff --git a/cli/docs/lacework_compliance_aws_run-assessment.md b/cli/docs/lacework_compliance_aws_run-assessment.md index 0d31a25d8..089975d90 100644 --- a/cli/docs/lacework_compliance_aws_run-assessment.md +++ b/cli/docs/lacework_compliance_aws_run-assessment.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance aws run-assessment" +slug: lacework_compliance_aws_run-assessment +--- + ## lacework compliance aws run-assessment run a new AWS compliance report diff --git a/cli/docs/lacework_compliance_azure.md b/cli/docs/lacework_compliance_azure.md index 43a92437c..bda17542e 100644 --- a/cli/docs/lacework_compliance_azure.md +++ b/cli/docs/lacework_compliance_azure.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance azure" +slug: lacework_compliance_azure +--- + ## lacework compliance azure compliance for Azure Cloud @@ -8,21 +13,21 @@ Manage compliance reports for Azure Cloud. To list all Azure Tenants configured in your account: - $ lacework compliance azure list-tenants + lacework compliance azure list-tenants To list all Azure Subscriptions from a Tenant, use the command: - $ lacework compliance azure list-subscriptions + lacework compliance azure list-subscriptions To get the latest Azure compliance assessment report, use the command: - $ lacework compliance azure get-report + lacework compliance azure get-report These reports run on a regular schedule, typically once a day. To run an ad-hoc compliance assessment use the command: - $ lacework compliance azure run-assessment + lacework compliance azure run-assessment ### Options diff --git a/cli/docs/lacework_compliance_azure_get-report.md b/cli/docs/lacework_compliance_azure_get-report.md index 99ca20db4..22889db6c 100644 --- a/cli/docs/lacework_compliance_azure_get-report.md +++ b/cli/docs/lacework_compliance_azure_get-report.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance azure get-report" +slug: lacework_compliance_azure_get-report +--- + ## lacework compliance azure get-report get the latest Azure compliance report @@ -9,7 +14,7 @@ typically once a day. The available report formats are human-readable (default), To run an ad-hoc compliance assessment use the command: - $ lacework compliance azure run-assessment + lacework compliance azure run-assessment ``` diff --git a/cli/docs/lacework_compliance_azure_list-subscriptions.md b/cli/docs/lacework_compliance_azure_list-subscriptions.md index 14f6c09a3..2ed508f8b 100644 --- a/cli/docs/lacework_compliance_azure_list-subscriptions.md +++ b/cli/docs/lacework_compliance_azure_list-subscriptions.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance azure list-subscriptions" +slug: lacework_compliance_azure_list-subscriptions +--- + ## lacework compliance azure list-subscriptions list subscriptions from tenant @@ -8,7 +13,7 @@ List all Azure subscriptions from the provided Tenant ID. Use the following command to list all Azure Tenants configured in your account: - $ lacework compliance az list + lacework compliance az list ``` lacework compliance azure list-subscriptions [flags] diff --git a/cli/docs/lacework_compliance_azure_list-tenants.md b/cli/docs/lacework_compliance_azure_list-tenants.md index 23f34f871..25b93df2a 100644 --- a/cli/docs/lacework_compliance_azure_list-tenants.md +++ b/cli/docs/lacework_compliance_azure_list-tenants.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance azure list-tenants" +slug: lacework_compliance_azure_list-tenants +--- + ## lacework compliance azure list-tenants list all Azure Tenants configured diff --git a/cli/docs/lacework_compliance_azure_run-assessment.md b/cli/docs/lacework_compliance_azure_run-assessment.md index 98a246572..f36ec26f9 100644 --- a/cli/docs/lacework_compliance_azure_run-assessment.md +++ b/cli/docs/lacework_compliance_azure_run-assessment.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance azure run-assessment" +slug: lacework_compliance_azure_run-assessment +--- + ## lacework compliance azure run-assessment run a new Azure compliance assessment diff --git a/cli/docs/lacework_compliance_google.md b/cli/docs/lacework_compliance_google.md index fbe014aa6..483c31347 100644 --- a/cli/docs/lacework_compliance_google.md +++ b/cli/docs/lacework_compliance_google.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance google" +slug: lacework_compliance_google +--- + ## lacework compliance google compliance for Google Cloud @@ -8,27 +13,27 @@ Manage compliance reports for Google Cloud. To get the latest GCP compliance assessment report, use the command: - $ lacework compliance gcp get-report + lacework compliance gcp get-report These reports run on a regular schedule, typically once a day. To find out which GCP organizations/projects are connected to your Lacework account, use the following command: - $ lacework integrations list --type GCP_CFG + lacework integrations list --type GCP_CFG Then, choose one integration, copy the GUID and visualize its details using the command: - $ lacework integration show + lacework integration show To list all GCP projects from an organization, use the command: - $ lacework compliance gcp list-projects + lacework compliance gcp list-projects To run an ad-hoc compliance assessment use the command: - $ lacework compliance gcp run-assessment + lacework compliance gcp run-assessment ### Options diff --git a/cli/docs/lacework_compliance_google_get-report.md b/cli/docs/lacework_compliance_google_get-report.md index 335dd2c1c..54c381b18 100644 --- a/cli/docs/lacework_compliance_google_get-report.md +++ b/cli/docs/lacework_compliance_google_get-report.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance google get-report" +slug: lacework_compliance_google_get-report +--- + ## lacework compliance google get-report get the latest GCP compliance report @@ -9,7 +14,7 @@ typically once a day. The available report formats are human-readable (default), To run an ad-hoc compliance assessment use the command: - $ lacework compliance gcp run-assessment + lacework compliance gcp run-assessment ``` diff --git a/cli/docs/lacework_compliance_google_list-projects.md b/cli/docs/lacework_compliance_google_list-projects.md index 707e43054..b1c719703 100644 --- a/cli/docs/lacework_compliance_google_list-projects.md +++ b/cli/docs/lacework_compliance_google_list-projects.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance google list-projects" +slug: lacework_compliance_google_list-projects +--- + ## lacework compliance google list-projects list projects from an organization @@ -8,11 +13,11 @@ List all GCP projects from the provided organization ID. Use the following command to list all GCP integrations in your account: - $ lacework integrations list --type GCP_CFG + lacework integrations list --type GCP_CFG Then, select one GUID from an integration and visualize its details using the command: - $ lacework integration show + lacework integration show ``` diff --git a/cli/docs/lacework_compliance_google_list.md b/cli/docs/lacework_compliance_google_list.md index 424bc0dce..afc319c8e 100644 --- a/cli/docs/lacework_compliance_google_list.md +++ b/cli/docs/lacework_compliance_google_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance google list" +slug: lacework_compliance_google_list +--- + ## lacework compliance google list list gcp projects and organizations diff --git a/cli/docs/lacework_compliance_google_run-assessment.md b/cli/docs/lacework_compliance_google_run-assessment.md index 3cc5481a9..911f29816 100644 --- a/cli/docs/lacework_compliance_google_run-assessment.md +++ b/cli/docs/lacework_compliance_google_run-assessment.md @@ -1,3 +1,8 @@ +--- +title: "lacework compliance google run-assessment" +slug: lacework_compliance_google_run-assessment +--- + ## lacework compliance google run-assessment run a new GCP compliance assessment diff --git a/cli/docs/lacework_configure.md b/cli/docs/lacework_configure.md index ba677b87e..706d3e8bc 100644 --- a/cli/docs/lacework_configure.md +++ b/cli/docs/lacework_configure.md @@ -1,3 +1,8 @@ +--- +title: "lacework configure" +slug: lacework_configure +--- + ## lacework configure configure the Lacework CLI diff --git a/cli/docs/lacework_configure_list.md b/cli/docs/lacework_configure_list.md index cf9d34081..a99da1f9b 100644 --- a/cli/docs/lacework_configure_list.md +++ b/cli/docs/lacework_configure_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework configure list" +slug: lacework_configure_list +--- + ## lacework configure list list all configured profiles at ~/.lacework.toml diff --git a/cli/docs/lacework_configure_show.md b/cli/docs/lacework_configure_show.md index 8f3e1842b..59c25ea1c 100644 --- a/cli/docs/lacework_configure_show.md +++ b/cli/docs/lacework_configure_show.md @@ -1,3 +1,8 @@ +--- +title: "lacework configure show" +slug: lacework_configure_show +--- + ## lacework configure show show current configuration data @@ -9,6 +14,7 @@ key. The order of precedence to compute the configuration is flags, environment variables, and the configuration file ~/.lacework.toml. The available configuration keys are: + * profile * account * api_secret @@ -16,7 +22,7 @@ The available configuration keys are: To show the configuration from a different profile, use the flag --profile. - $ lacework configure show account --profile my-profile + lacework configure show account --profile my-profile ``` lacework configure show [flags] diff --git a/cli/docs/lacework_event.md b/cli/docs/lacework_event.md index 474709fe4..e4e567a71 100644 --- a/cli/docs/lacework_event.md +++ b/cli/docs/lacework_event.md @@ -1,3 +1,8 @@ +--- +title: "lacework event" +slug: lacework_event +--- + ## lacework event inspect Lacework events diff --git a/cli/docs/lacework_event_list.md b/cli/docs/lacework_event_list.md index 287dbde7e..2fe7be419 100644 --- a/cli/docs/lacework_event_list.md +++ b/cli/docs/lacework_event_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework event list" +slug: lacework_event_list +--- + ## lacework event list list all events (default last 7 days) @@ -13,7 +18,7 @@ Additionally, pass --days to list events for a specified number of days. For example, to list all events from the last day with severity medium and above (Critical, High and Medium) run: - $ lacework events list --severity medium --days 1 + lacework events list --severity medium --days 1 ``` lacework event list [flags] diff --git a/cli/docs/lacework_event_open.md b/cli/docs/lacework_event_open.md index b35b0df46..8020a7913 100644 --- a/cli/docs/lacework_event_open.md +++ b/cli/docs/lacework_event_open.md @@ -1,3 +1,8 @@ +--- +title: "lacework event open" +slug: lacework_event_open +--- + ## lacework event open open a specified event in a web browser diff --git a/cli/docs/lacework_event_show.md b/cli/docs/lacework_event_show.md index 9bb3feec5..b686c75f3 100644 --- a/cli/docs/lacework_event_show.md +++ b/cli/docs/lacework_event_show.md @@ -1,3 +1,8 @@ +--- +title: "lacework event show" +slug: lacework_event_show +--- + ## lacework event show show details about a specific event diff --git a/cli/docs/lacework_integration.md b/cli/docs/lacework_integration.md index d31236281..a10db9529 100644 --- a/cli/docs/lacework_integration.md +++ b/cli/docs/lacework_integration.md @@ -1,3 +1,8 @@ +--- +title: "lacework integration" +slug: lacework_integration +--- + ## lacework integration manage external integrations diff --git a/cli/docs/lacework_integration_create.md b/cli/docs/lacework_integration_create.md index 6492f6ce4..ca0fb81c0 100644 --- a/cli/docs/lacework_integration_create.md +++ b/cli/docs/lacework_integration_create.md @@ -1,3 +1,8 @@ +--- +title: "lacework integration create" +slug: lacework_integration_create +--- + ## lacework integration create create an external integrations diff --git a/cli/docs/lacework_integration_delete.md b/cli/docs/lacework_integration_delete.md index 1f5bb85a8..a89efa092 100644 --- a/cli/docs/lacework_integration_delete.md +++ b/cli/docs/lacework_integration_delete.md @@ -1,3 +1,8 @@ +--- +title: "lacework integration delete" +slug: lacework_integration_delete +--- + ## lacework integration delete delete an external integrations diff --git a/cli/docs/lacework_integration_list.md b/cli/docs/lacework_integration_list.md index b48e455d6..b5dd58d92 100644 --- a/cli/docs/lacework_integration_list.md +++ b/cli/docs/lacework_integration_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework integration list" +slug: lacework_integration_list +--- + ## lacework integration list list all available external integrations diff --git a/cli/docs/lacework_integration_show.md b/cli/docs/lacework_integration_show.md index 377f33105..0afc3953e 100644 --- a/cli/docs/lacework_integration_show.md +++ b/cli/docs/lacework_integration_show.md @@ -1,3 +1,8 @@ +--- +title: "lacework integration show" +slug: lacework_integration_show +--- + ## lacework integration show show details about a specific external integration diff --git a/cli/docs/lacework_policy.md b/cli/docs/lacework_policy.md index 8936d1ab5..467a53615 100644 --- a/cli/docs/lacework_policy.md +++ b/cli/docs/lacework_policy.md @@ -1,3 +1,8 @@ +--- +title: "lacework policy" +slug: lacework_policy +--- + ## lacework policy manage policies diff --git a/cli/docs/lacework_policy_create.md b/cli/docs/lacework_policy_create.md index 46d4b9b87..abd71d298 100644 --- a/cli/docs/lacework_policy_create.md +++ b/cli/docs/lacework_policy_create.md @@ -1,3 +1,8 @@ +--- +title: "lacework policy create" +slug: lacework_policy_create +--- + ## lacework policy create create a policy diff --git a/cli/docs/lacework_policy_delete.md b/cli/docs/lacework_policy_delete.md index 4547b36a4..f7692da1c 100644 --- a/cli/docs/lacework_policy_delete.md +++ b/cli/docs/lacework_policy_delete.md @@ -1,3 +1,8 @@ +--- +title: "lacework policy delete" +slug: lacework_policy_delete +--- + ## lacework policy delete delete a policy diff --git a/cli/docs/lacework_policy_list.md b/cli/docs/lacework_policy_list.md index 0c1a74b1b..9f4d10a31 100644 --- a/cli/docs/lacework_policy_list.md +++ b/cli/docs/lacework_policy_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework policy list" +slug: lacework_policy_list +--- + ## lacework policy list list policies diff --git a/cli/docs/lacework_policy_show.md b/cli/docs/lacework_policy_show.md index ea2a07cf4..e6a36d9cd 100644 --- a/cli/docs/lacework_policy_show.md +++ b/cli/docs/lacework_policy_show.md @@ -1,3 +1,8 @@ +--- +title: "lacework policy show" +slug: lacework_policy_show +--- + ## lacework policy show show policy diff --git a/cli/docs/lacework_policy_update.md b/cli/docs/lacework_policy_update.md index 306162753..63ebbce03 100644 --- a/cli/docs/lacework_policy_update.md +++ b/cli/docs/lacework_policy_update.md @@ -1,3 +1,8 @@ +--- +title: "lacework policy update" +slug: lacework_policy_update +--- + ## lacework policy update update a policy diff --git a/cli/docs/lacework_query.md b/cli/docs/lacework_query.md index 887bb4e71..f06ab0d9e 100644 --- a/cli/docs/lacework_query.md +++ b/cli/docs/lacework_query.md @@ -1,3 +1,8 @@ +--- +title: "lacework query" +slug: lacework_query +--- + ## lacework query run and manage queries diff --git a/cli/docs/lacework_query_create.md b/cli/docs/lacework_query_create.md index 94db88176..5b7fb2b13 100644 --- a/cli/docs/lacework_query_create.md +++ b/cli/docs/lacework_query_create.md @@ -1,3 +1,8 @@ +--- +title: "lacework query create" +slug: lacework_query_create +--- + ## lacework query create create a query diff --git a/cli/docs/lacework_query_delete.md b/cli/docs/lacework_query_delete.md index d6d1ca5a1..fea6e8bf0 100644 --- a/cli/docs/lacework_query_delete.md +++ b/cli/docs/lacework_query_delete.md @@ -1,3 +1,8 @@ +--- +title: "lacework query delete" +slug: lacework_query_delete +--- + ## lacework query delete delete a query diff --git a/cli/docs/lacework_query_list-sources.md b/cli/docs/lacework_query_list-sources.md index 220932ceb..22e7a9cfa 100644 --- a/cli/docs/lacework_query_list-sources.md +++ b/cli/docs/lacework_query_list-sources.md @@ -1,3 +1,8 @@ +--- +title: "lacework query list-sources" +slug: lacework_query_list-sources +--- + ## lacework query list-sources list Lacework query data sources diff --git a/cli/docs/lacework_query_list.md b/cli/docs/lacework_query_list.md index 80a09eb2b..bd59b7742 100644 --- a/cli/docs/lacework_query_list.md +++ b/cli/docs/lacework_query_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework query list" +slug: lacework_query_list +--- + ## lacework query list list queries diff --git a/cli/docs/lacework_query_run.md b/cli/docs/lacework_query_run.md index 557595f96..52595e404 100644 --- a/cli/docs/lacework_query_run.md +++ b/cli/docs/lacework_query_run.md @@ -1,3 +1,8 @@ +--- +title: "lacework query run" +slug: lacework_query_run +--- + ## lacework query run run a query diff --git a/cli/docs/lacework_query_show-source.md b/cli/docs/lacework_query_show-source.md index 2c4c11ad0..4d4fa2434 100644 --- a/cli/docs/lacework_query_show-source.md +++ b/cli/docs/lacework_query_show-source.md @@ -1,3 +1,8 @@ +--- +title: "lacework query show-source" +slug: lacework_query_show-source +--- + ## lacework query show-source show Lacework query data source diff --git a/cli/docs/lacework_query_show.md b/cli/docs/lacework_query_show.md index 034fe3654..8b59c1408 100644 --- a/cli/docs/lacework_query_show.md +++ b/cli/docs/lacework_query_show.md @@ -1,3 +1,8 @@ +--- +title: "lacework query show" +slug: lacework_query_show +--- + ## lacework query show show a query diff --git a/cli/docs/lacework_query_update.md b/cli/docs/lacework_query_update.md index 287f41ed9..6c4a826bf 100644 --- a/cli/docs/lacework_query_update.md +++ b/cli/docs/lacework_query_update.md @@ -1,3 +1,8 @@ +--- +title: "lacework query update" +slug: lacework_query_update +--- + ## lacework query update update a query diff --git a/cli/docs/lacework_query_validate.md b/cli/docs/lacework_query_validate.md index c2050bd27..55cd3f6bb 100644 --- a/cli/docs/lacework_query_validate.md +++ b/cli/docs/lacework_query_validate.md @@ -1,3 +1,8 @@ +--- +title: "lacework query validate" +slug: lacework_query_validate +--- + ## lacework query validate validate a query diff --git a/cli/docs/lacework_resource-group.md b/cli/docs/lacework_resource-group.md index 64333ad92..29e9d19e4 100644 --- a/cli/docs/lacework_resource-group.md +++ b/cli/docs/lacework_resource-group.md @@ -1,3 +1,8 @@ +--- +title: "lacework resource-group" +slug: lacework_resource-group +--- + ## lacework resource-group manage resource groups diff --git a/cli/docs/lacework_resource-group_create.md b/cli/docs/lacework_resource-group_create.md index 9dbb964ac..635cf469c 100644 --- a/cli/docs/lacework_resource-group_create.md +++ b/cli/docs/lacework_resource-group_create.md @@ -1,3 +1,8 @@ +--- +title: "lacework resource-group create" +slug: lacework_resource-group_create +--- + ## lacework resource-group create create a new resource group diff --git a/cli/docs/lacework_resource-group_delete.md b/cli/docs/lacework_resource-group_delete.md index b44fc5117..b8941442b 100644 --- a/cli/docs/lacework_resource-group_delete.md +++ b/cli/docs/lacework_resource-group_delete.md @@ -1,3 +1,8 @@ +--- +title: "lacework resource-group delete" +slug: lacework_resource-group_delete +--- + ## lacework resource-group delete delete a resource group diff --git a/cli/docs/lacework_resource-group_list.md b/cli/docs/lacework_resource-group_list.md index c79eade73..1e3d873d7 100644 --- a/cli/docs/lacework_resource-group_list.md +++ b/cli/docs/lacework_resource-group_list.md @@ -1,3 +1,8 @@ +--- +title: "lacework resource-group list" +slug: lacework_resource-group_list +--- + ## lacework resource-group list list all resource groups diff --git a/cli/docs/lacework_resource-group_show.md b/cli/docs/lacework_resource-group_show.md index 7d2bcb305..787983449 100644 --- a/cli/docs/lacework_resource-group_show.md +++ b/cli/docs/lacework_resource-group_show.md @@ -1,3 +1,8 @@ +--- +title: "lacework resource-group show" +slug: lacework_resource-group_show +--- + ## lacework resource-group show get resource group by id diff --git a/cli/docs/lacework_version.md b/cli/docs/lacework_version.md index e3a9e6991..c55dd8cda 100644 --- a/cli/docs/lacework_version.md +++ b/cli/docs/lacework_version.md @@ -1,3 +1,8 @@ +--- +title: "lacework version" +slug: lacework_version +--- + ## lacework version print the Lacework CLI version diff --git a/cli/docs/lacework_vulnerability.md b/cli/docs/lacework_vulnerability.md index 9f9745836..f3427dda7 100644 --- a/cli/docs/lacework_vulnerability.md +++ b/cli/docs/lacework_vulnerability.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability" +slug: lacework_vulnerability +--- + ## lacework vulnerability container and host vulnerability assessments diff --git a/cli/docs/lacework_vulnerability_container.md b/cli/docs/lacework_vulnerability_container.md index 35492ff9c..0c8bc7e96 100644 --- a/cli/docs/lacework_vulnerability_container.md +++ b/cli/docs/lacework_vulnerability_container.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability container" +slug: lacework_vulnerability_container +--- + ## lacework vulnerability container vulnerability assessment for containers @@ -13,7 +18,7 @@ trying to scan or show. To create a new integration use the following command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: diff --git a/cli/docs/lacework_vulnerability_container_list-assessments.md b/cli/docs/lacework_vulnerability_container_list-assessments.md index 355be9d60..0c912191a 100644 --- a/cli/docs/lacework_vulnerability_container_list-assessments.md +++ b/cli/docs/lacework_vulnerability_container_list-assessments.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability container list-assessments" +slug: lacework_vulnerability_container_list-assessments +--- + ## lacework vulnerability container list-assessments list container vulnerability assessments (default last 7 days) diff --git a/cli/docs/lacework_vulnerability_container_list-registries.md b/cli/docs/lacework_vulnerability_container_list-registries.md index 6bb30cc67..f3b8007bf 100644 --- a/cli/docs/lacework_vulnerability_container_list-registries.md +++ b/cli/docs/lacework_vulnerability_container_list-registries.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability container list-registries" +slug: lacework_vulnerability_container_list-registries +--- + ## lacework vulnerability container list-registries list all container registries configured diff --git a/cli/docs/lacework_vulnerability_container_scan-status.md b/cli/docs/lacework_vulnerability_container_scan-status.md index 798bdff7e..aa539cb4a 100644 --- a/cli/docs/lacework_vulnerability_container_scan-status.md +++ b/cli/docs/lacework_vulnerability_container_scan-status.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability container scan-status" +slug: lacework_vulnerability_container_scan-status +--- + ## lacework vulnerability container scan-status check the status of an on-demand container vulnerability assessment diff --git a/cli/docs/lacework_vulnerability_container_scan.md b/cli/docs/lacework_vulnerability_container_scan.md index ac38cc682..b6661bc7b 100644 --- a/cli/docs/lacework_vulnerability_container_scan.md +++ b/cli/docs/lacework_vulnerability_container_scan.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability container scan" +slug: lacework_vulnerability_container_scan +--- + ## lacework vulnerability container scan request an on-demand container vulnerability assessment @@ -6,16 +11,17 @@ request an on-demand container vulnerability assessment Request on-demand container vulnerability assessments and view the generated results. -NOTE: Scans can take up to 15 minutes to return results. +To list all container registries configured in your account: -Arguments: - container registry where the container image has been published - repository name that contains the container image - either a tag or an image digest to scan (digest format: sha256:1ee...1d3b) + lacework vulnerability container list-registries -To list all container registries configured in your account: +**NOTE:** Scans can take up to 15 minutes to return results. - $ lacework vulnerability container list-registries +Arguments: + container registry where the container image has been published + repository name that contains the container image + either a tag or an image digest to scan (digest format: sha256:1ee...1d3b) + ``` lacework vulnerability container scan [flags] diff --git a/cli/docs/lacework_vulnerability_container_show-assessment.md b/cli/docs/lacework_vulnerability_container_show-assessment.md index 01b2c23de..7f6dc3591 100644 --- a/cli/docs/lacework_vulnerability_container_show-assessment.md +++ b/cli/docs/lacework_vulnerability_container_show-assessment.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability container show-assessment" +slug: lacework_vulnerability_container_show-assessment +--- + ## lacework vulnerability container show-assessment show results of a container vulnerability assessment @@ -15,7 +20,7 @@ image id. To request an on-demand vulnerability scan: - $ lacework vulnerability container scan + lacework vulnerability container scan ``` lacework vulnerability container show-assessment [flags] diff --git a/cli/docs/lacework_vulnerability_host.md b/cli/docs/lacework_vulnerability_host.md index e987b11e3..bb1ca00d7 100644 --- a/cli/docs/lacework_vulnerability_host.md +++ b/cli/docs/lacework_vulnerability_host.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability host" +slug: lacework_vulnerability_host +--- + ## lacework vulnerability host vulnerability assessment for hosts diff --git a/cli/docs/lacework_vulnerability_host_generate-pkg-manifest.md b/cli/docs/lacework_vulnerability_host_generate-pkg-manifest.md index e74beb90a..4d35d8e50 100644 --- a/cli/docs/lacework_vulnerability_host_generate-pkg-manifest.md +++ b/cli/docs/lacework_vulnerability_host_generate-pkg-manifest.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability host generate-pkg-manifest" +slug: lacework_vulnerability_host_generate-pkg-manifest +--- + ## lacework vulnerability host generate-pkg-manifest generates a package-manifest from the local host @@ -10,7 +15,7 @@ scan package-manifest API. Additionally, you can automatically generate a package-manifest from the local host and send it directly to the Lacework API with the command: - $ lacework vulnerability host scan-pkg-manifest --local + lacework vulnerability host scan-pkg-manifest --local ``` lacework vulnerability host generate-pkg-manifest [flags] diff --git a/cli/docs/lacework_vulnerability_host_list-cves.md b/cli/docs/lacework_vulnerability_host_list-cves.md index 0636e7573..338db7bf1 100644 --- a/cli/docs/lacework_vulnerability_host_list-cves.md +++ b/cli/docs/lacework_vulnerability_host_list-cves.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability host list-cves" +slug: lacework_vulnerability_host_list-cves +--- + ## lacework vulnerability host list-cves list the CVEs found in the hosts in your environment @@ -9,7 +14,7 @@ List the CVEs found in the hosts in your environment. Filter results to only show vulnerabilities actively running in your environment with fixes: - $ lacework vulnerability host list-cves --active --fixable + lacework vulnerability host list-cves --active --fixable ``` lacework vulnerability host list-cves [flags] diff --git a/cli/docs/lacework_vulnerability_host_list-hosts.md b/cli/docs/lacework_vulnerability_host_list-hosts.md index 7d753000a..c8edf1bc0 100644 --- a/cli/docs/lacework_vulnerability_host_list-hosts.md +++ b/cli/docs/lacework_vulnerability_host_list-hosts.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability host list-hosts" +slug: lacework_vulnerability_host_list-hosts +--- + ## lacework vulnerability host list-hosts list the hosts that contain a specified CVE id in your environment @@ -8,7 +13,7 @@ List the hosts that contain a specified CVE id in your environment. To list the CVEs found in the hosts of your environment run: - $ lacework vulnerability host list-cves + lacework vulnerability host list-cves ``` lacework vulnerability host list-hosts [flags] diff --git a/cli/docs/lacework_vulnerability_host_scan-pkg-manifest.md b/cli/docs/lacework_vulnerability_host_scan-pkg-manifest.md index 02beb95f3..9c00eff16 100644 --- a/cli/docs/lacework_vulnerability_host_scan-pkg-manifest.md +++ b/cli/docs/lacework_vulnerability_host_scan-pkg-manifest.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability host scan-pkg-manifest" +slug: lacework_vulnerability_host_scan-pkg-manifest +--- + ## lacework vulnerability host scan-pkg-manifest request an on-demand host vulnerability assessment from a package-manifest @@ -9,7 +14,7 @@ determine if the packages contain any common vulnerabilities and exposures. Simple usage: - $ lacework vulnerability host scan-pkg-manifest '{ + lacework vulnerability host scan-pkg-manifest '{ "os_pkg_info_list": [ { "os":"Ubuntu", @@ -22,7 +27,7 @@ Simple usage: To generate a package-manifest from the local host and scan it automatically: - $ lacework vulnerability host scan-pkg-manifest --local + lacework vulnerability host scan-pkg-manifest --local (*) NOTE: - Only packages managed by a package manager for supported OS's are reported. diff --git a/cli/docs/lacework_vulnerability_host_show-assessment.md b/cli/docs/lacework_vulnerability_host_show-assessment.md index 7759c7cbc..5bd2a98cd 100644 --- a/cli/docs/lacework_vulnerability_host_show-assessment.md +++ b/cli/docs/lacework_vulnerability_host_show-assessment.md @@ -1,3 +1,8 @@ +--- +title: "lacework vulnerability host show-assessment" +slug: lacework_vulnerability_host_show-assessment +--- + ## lacework vulnerability host show-assessment show results of a host vulnerability assessment @@ -8,11 +13,11 @@ Show results of a host vulnerability assessment. To find the machine id from hosts in your environment, use the command: - $ lacework vulnerability host list-cves + lacework vulnerability host list-cves Grab a CVE id and feed it to the command: - $ lacework vulnerability host list-hosts my_cve_id + lacework vulnerability host list-hosts my_cve_id ``` lacework vulnerability host show-assessment [flags] diff --git a/cli/docs/main.go b/cli/docs/main.go index e369858d4..8d27af590 100644 --- a/cli/docs/main.go +++ b/cli/docs/main.go @@ -19,9 +19,13 @@ package main import ( + "fmt" + "github.com/lacework/go-sdk/cli/cmd" ) func main() { - cmd.GenerateMarkdownDocs() + if err := cmd.GenerateMarkdownDocs("../docs"); err != nil { + fmt.Println(err) + } } diff --git a/integration/compliance_test.go b/integration/compliance_test.go index 4933887b9..f4161a798 100644 --- a/integration/compliance_test.go +++ b/integration/compliance_test.go @@ -36,7 +36,7 @@ HIPAA benchmark standards. Get started by integrating one or more cloud accounts using the command: - $ lacework integration create + lacework integration create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -46,7 +46,7 @@ Then navigate to Settings > Integrations > Cloud Accounts. Use the following command to list all available integrations in your account: - $ lacework integrations list + lacework integrations list Usage: lacework compliance [command] @@ -55,9 +55,9 @@ Aliases: compliance, comp Available Commands: - aws compliance for AWS - azure compliance for Azure Cloud - google compliance for Google Cloud + aws Compliance for AWS + azure Compliance for Azure Cloud + google Compliance for Google Cloud Flags: -h, --help help for compliance diff --git a/integration/help_test.go b/integration/help_test.go index 2d6e0750d..4dd625a80 100644 --- a/integration/help_test.go +++ b/integration/help_test.go @@ -65,8 +65,8 @@ Usage: lacework configure [command] Available Commands: - list list all configured profiles at ~/.lacework.toml - show show current configuration data + list List all configured profiles at ~/.lacework.toml + show Show current configuration data Flags: -h, --help help for configure @@ -137,7 +137,7 @@ external integrations, vulnerability scans, and other operations. Start by configuring the Lacework CLI with the command: - $ lacework configure + lacework configure This will prompt you for your Lacework account and a set of API access keys. @@ -145,20 +145,20 @@ Usage: lacework [command] Available Commands: - access-token generate temporary API access tokens - account manage accounts in an organization (org admins only) - agent manage Lacework agents - alert-rule manage alert rules - api helper to call Lacework's API - compliance manage compliance reports - configure configure the Lacework CLI - event inspect Lacework events - integration manage external integrations - policy manage policies - query run and manage queries - resource-group manage resource groups - version print the Lacework CLI version - vulnerability container and host vulnerability assessments + access-token Generate temporary API access tokens + account Manage accounts in an organization (org admins only) + agent Manage Lacework agents + alert-rule Manage alert rules + api Helper to call Lacework's API + compliance Manage compliance reports + configure Configure the Lacework CLI + event Inspect Lacework events + integration Manage external integrations + policy Manage policies + query Run and manage queries + resource-group Manage resource groups + version Print the Lacework CLI version + vulnerability Container and host vulnerability assessments Flags: -a, --account string account subdomain of URL (i.e. .lacework.net) diff --git a/integration/vulnerability_test.go b/integration/vulnerability_test.go index 5c1bb73fb..780a5243f 100644 --- a/integration/vulnerability_test.go +++ b/integration/vulnerability_test.go @@ -44,8 +44,8 @@ func TestVulnerabilityCommandAliases(t *testing.T) { func TestVulnerabilityCommands(t *testing.T) { out, err, exitcode := LaceworkCLI("help", "vulnerability") - assert.Contains(t, out.String(), "container vulnerability assessment for containers") - assert.Contains(t, out.String(), "host vulnerability assessment for hosts") + assert.Contains(t, out.String(), "container Vulnerability assessment for containers") + assert.Contains(t, out.String(), "host Vulnerability assessment for hosts") assert.Empty(t, err.String(), "STDERR should be empty") assert.Equal(t, 0, exitcode, "EXITCODE is not the expected one") }