feat(cli): add Azure list-tenants sub-command (#341)

Signed-off-by: Darren Murray <[email protected]>
Co-authored-by: Salim Afiune Maya <[email protected]>

cli/cmd/compliance.go

@@ -93,25 +93,19 @@ Use the following command to list all available integrations in your account:
 		Short:   "compliance for Azure Cloud",
 		Long: `Manage compliance reports for Azure Cloud.
 
-To get the latest Azure compliance assessment report, use the command:
+To list all Azure Tenants configured in your account:
 
-    $ lacework compliance azure get-report <tenant_id> <subscriptions_id>
+    $ lacework compliance azure list-tenants
 
-These reports run on a regular schedule, typically once a day.
+To list all Azure Subscriptions from a Tenant, use the command:
 
-To find out which Azure tenants/subscriptions are connected to your
-Lacework account, use the following command:
-
-    $ lacework integrations list --type AZURE_CFG
-
-Then, choose one integration, copy the GUID and visualize its details
-using the command:
+    $ lacework compliance azure list-subscriptions <tenant_id>
 
-    $ lacework integration show <int_guid>
+To get the latest Azure compliance assessment report, use the command:
 
-To list all Azure subscriptions from a tenant, use the command:
+    $ lacework compliance azure get-report <tenant_id> <subscriptions_id>
 
-    $ lacework compliance azure list-subscriptions <tenant_id>
+These reports run on a regular schedule, typically once a day.
 
 To run an ad-hoc compliance assessment use the command:
 

cli/cmd/compliance_azure.go

@@ -34,18 +34,13 @@ var (
 	// complianceAzureListSubsCmd represents the list-subscriptions sub-command inside the azure command
 	complianceAzureListSubsCmd = &cobra.Command{
 		Use:     "list-subscriptions <tenant_id>",
-		Aliases: []string{"list-subs", "list"},
+		Aliases: []string{"list-subs"},
 		Short:   "list subscriptions from tenant",
-		Long: `List all Azure subscriptions from the provided tenant ID.
+		Long: `List all Azure subscriptions from the provided Tenant ID.
 
-Use the following command to list all Azure integrations in your account:
+Use the following command to list all Azure Tenants configured in your account:
 
-    $ lacework integrations list --type AZURE_CFG
-
-Then, select one GUID from an integration and visualize its details using the command:
-
-    $ lacework integration show <int_guid>
-`,
+    $ lacework compliance az list`,
 		Args: cobra.ExactArgs(1),
 		RunE: func(_ *cobra.Command, args []string) error {
 			response, err := cli.LwApi.Compliance.ListAzureSubscriptions(args[0])
@@ -68,6 +63,54 @@ Then, select one GUID from an integration and visualize its details using the co
 		},
 	}
 
+	// complianceAzureListTenantsCmd represents the list-tenants sub-command inside the azure command
+	complianceAzureListTenantsCmd = &cobra.Command{
+		Use:     "list-tenants",
+		Aliases: []string{"list"},
+		Short:   "list all Azure Tenants configured",
+		Long:    `List all Azure Tenants configured in your account.`,
+		Args:    cobra.NoArgs,
+		RunE: func(_ *cobra.Command, _ []string) error {
+			azureIntegrations, err := cli.LwApi.Integrations.ListAzureCfg()
+			if err != nil {
+				return errors.Wrap(err, "unable to get azure integrations")
+			}
+			if len(azureIntegrations.Data) == 0 {
+				msg := `There are no Azure Tenants configured in your account.
+
+Get started by integrating your Azure Tenants to analyze configuration compliance using the command:
+
+    $ lacework integration create
+
+Or, if you prefer to do it via the WebUI, log in to your account at:
+
+    https://%s.lacework.net
+
+Then navigate to Settings > Integrations > Cloud Accounts.
+`
+				cli.OutputHuman(fmt.Sprintf(msg, cli.Account))
+				return nil
+			}
+
+			azureTenants := make([]string, 0)
+			for _, i := range azureIntegrations.Data {
+				azureTenants = append(azureTenants, i.Data.TenantID)
+			}
+
+			if cli.JSONOutput() {
+				return cli.OutputJSON(azureTenants)
+			}
+
+			var rows [][]string
+			for _, tenant := range azureTenants {
+				rows = append(rows, []string{tenant})
+			}
+
+			cli.OutputHuman(renderSimpleTable([]string{"Azure Tenants"}, rows))
+			return nil
+		},
+	}
+
 	// complianceAzureGetReportCmd represents the get-report sub-command inside the azure command
 	complianceAzureGetReportCmd = &cobra.Command{
 		Use:     "get-report <tenant_id> <subscriptions_id>",
@@ -201,6 +244,7 @@ To run an ad-hoc compliance assessment use the command:
 func init() {
 	// add sub-commands to the azure command
 	complianceAzureCmd.AddCommand(complianceAzureListSubsCmd)
+	complianceAzureCmd.AddCommand(complianceAzureListTenantsCmd)
 	complianceAzureCmd.AddCommand(complianceAzureGetReportCmd)
 	complianceAzureCmd.AddCommand(complianceAzureRunAssessmentCmd)
 

integration/compliance_azure_test.go

@@ -0,0 +1,33 @@
+//
+// Author:: Darren Murray (<[email protected]>)
+// Copyright:: Copyright 2020, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+package integration
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestComplianceAzureListTenants(t *testing.T) {
+	out, err, exitcode := LaceworkCLIWithTOMLConfig("compliance", "az", "list-tenants")
+
+	assert.Empty(t, err.String(), "STDERR should be empty")
+	assert.Equal(t, 0, exitcode, "EXITCODE is not the expected one")
+	assert.Contains(t, out.String(), "TENANTS",
+		"STDOUT table headers changed, please check")
+}