diff --git a/DEVELOPER_GUIDELINES.md b/DEVELOPER_GUIDELINES.md index 67f669b9b..bdf49b5e8 100644 --- a/DEVELOPER_GUIDELINES.md +++ b/DEVELOPER_GUIDELINES.md @@ -21,7 +21,7 @@ feat(cli): add --api_token global flag This new flag will replace the use of `api_key` and `api_secret` so that users can run the Lacework CLI only with an access token and their account: - lacework int list --api_token _secret123 -a mycompany + lacework cloud-account list --api_token _secret123 -a mycompany Closes https://github.com/lacework/go-sdk/issues/282 ``` diff --git a/cli/cmd/compliance.go b/cli/cmd/compliance.go index 8863e6e4a..409f7c967 100644 --- a/cli/cmd/compliance.go +++ b/cli/cmd/compliance.go @@ -76,7 +76,7 @@ HIPAA benchmark standards. Get started by integrating one or more cloud accounts using the command: - lacework integration create + lacework cloud-account create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -86,7 +86,7 @@ Then navigate to Settings > Integrations > Cloud Accounts. Use the following command to list all available integrations in your account: - lacework integrations list + lacework cloud-account list `, } diff --git a/cli/cmd/compliance_aws.go b/cli/cmd/compliance_aws.go index 2f7dbc5c3..71467b3df 100644 --- a/cli/cmd/compliance_aws.go +++ b/cli/cmd/compliance_aws.go @@ -609,7 +609,7 @@ func cliListAwsAccounts(awsIntegrations api.CloudAccountsResponse) error { Get started by integrating your AWS accounts to analyze configuration compliance using the command: - lacework integration create + lacework cloud-account aws create If you prefer to configure the integration via the WebUI, log in to your account at: diff --git a/cli/cmd/compliance_azure.go b/cli/cmd/compliance_azure.go index 361713f62..09372a8cb 100644 --- a/cli/cmd/compliance_azure.go +++ b/cli/cmd/compliance_azure.go @@ -602,7 +602,7 @@ func cliListTenantsAndSubscriptions(azureIntegrations api.CloudAccountsResponse) Get started by integrating your Azure Tenants to analyze configuration compliance using the command: - lacework integration create + lacework cloud-account create If you prefer to configure the integration via the WebUI, log in to your account at: diff --git a/cli/cmd/compliance_gcp.go b/cli/cmd/compliance_gcp.go index e5ac20c26..ab9cf2b1c 100644 --- a/cli/cmd/compliance_gcp.go +++ b/cli/cmd/compliance_gcp.go @@ -77,11 +77,11 @@ var ( Use the following command to list all GCP integrations in your account: - lacework integrations list --type GCP_CFG + lacework cloud-account list --type GcpCfg Then, select one GUID from an integration and visualize its details using the command: - lacework integration show + lacework cloud-account show `, Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { @@ -731,7 +731,7 @@ func cliListGcpProjectsAndOrgs(response api.CloudAccountsResponse, gcpData api.G Get started by integrating your GCP to analyze configuration compliance using the command: - lacework integration create + lacework cloud-account create If you prefer to configure the integration via the WebUI, log in to your account at: diff --git a/cli/cmd/vulnerability.go b/cli/cmd/vulnerability.go index de851f2df..e60597fb9 100644 --- a/cli/cmd/vulnerability.go +++ b/cli/cmd/vulnerability.go @@ -111,7 +111,7 @@ trying to scan or show. To create a new integration use the following command: - lacework integration create + lacework container-registry create If you prefer to configure the integration via the WebUI, log in to your account at: diff --git a/cli/docs/lacework_agent_aws-install.md b/cli/docs/lacework_agent_aws-install.md new file mode 100644 index 000000000..da6eee488 --- /dev/null +++ b/cli/docs/lacework_agent_aws-install.md @@ -0,0 +1,40 @@ +--- +title: "lacework agent aws-install" +slug: lacework_agent_aws-install +hide_title: true +--- + +## lacework agent aws-install + +Install the datacollector agent on all remote AWS hosts + +### Options + +``` + -h, --help help for aws-install +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework agent](lacework_agent.md) - Manage Lacework agents +* [lacework agent aws-install ec2ic](lacework_agent_aws-install_ec2ic.md) - Use EC2InstanceConnect to securely connect to EC2 instances +* [lacework agent aws-install ec2ssh](lacework_agent_aws-install_ec2ssh.md) - Use SSH to securely connect to EC2 instances +* [lacework agent aws-install ec2ssm](lacework_agent_aws-install_ec2ssm.md) - Use SSM to securely install the Lacework agent on EC2 instances + diff --git a/cli/docs/lacework_agent_aws-install_ec2ic.md b/cli/docs/lacework_agent_aws-install_ec2ic.md new file mode 100644 index 000000000..e925ac3b8 --- /dev/null +++ b/cli/docs/lacework_agent_aws-install_ec2ic.md @@ -0,0 +1,87 @@ +--- +title: "lacework agent aws-install ec2ic" +slug: lacework_agent_aws-install_ec2ic +hide_title: true +--- + +## lacework agent aws-install ec2ic + +Use EC2InstanceConnect to securely connect to EC2 instances + +### Synopsis + +This command installs the agent on all EC2 instances in an AWS account using EC2InstanceConnect. + +To filter by one or more regions: + + lacework agent aws-install ec2ic --include_regions us-west-2,us-east-2 + +To filter by instance tag: + + lacework agent aws-install ec2ic --tag TagName,TagValue + +To filter by instance tag key: + + lacework agent aws-install ec2ic --tag_key TagName + +To explicitly specify the username for all SSH logins: + + lacework agent aws-install ec2ic --ssh_username + +To provide an agent access token of your choice, use the command 'lacework agent token list', +select a token and pass it to the '--token' flag. This flag must be selected if the +'--noninteractive' flag is set. + + lacework agent aws-install ec2ic --token + +AWS credentials are read from the following environment variables: +- AWS_ACCESS_KEY_ID +- AWS_SECRET_ACCESS_KEY +- AWS_SESSION_TOKEN (optional) +- AWS_REGION (optional) + +This command will only install the agent on hosts that are supported by +EC2InstanceConnect. The supported AMI types are Amazon Linux 2 and Ubuntu +16.04 and later. There may also be a region restriction. + +This command will automatically add hosts with successful connections to +'~/.ssh/known_hosts' unless specified with '--trust_host_key=false'. + +``` +lacework agent aws-install ec2ic [flags] +``` + +### Options + +``` + -h, --help help for ec2ic + -r, --include_regions strings list of regions to filter on + -n, --max_parallelism int maximum number of workers executing AWS API calls, set if rate limits are lower or higher than normal (default 50) + --ssh_username string username to login with + --tag strings only install agents on infra with this tag + --tag_key string only install agents on infra with this tag key set + --token string agent access token + --trust_host_key automatically add host keys to the ~/.ssh/known_hosts file (default true) +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework agent aws-install](lacework_agent_aws-install.md) - Install the datacollector agent on all remote AWS hosts + diff --git a/cli/docs/lacework_agent_aws-install_ec2ssh.md b/cli/docs/lacework_agent_aws-install_ec2ssh.md new file mode 100644 index 000000000..f2a33d719 --- /dev/null +++ b/cli/docs/lacework_agent_aws-install_ec2ssh.md @@ -0,0 +1,95 @@ +--- +title: "lacework agent aws-install ec2ssh" +slug: lacework_agent_aws-install_ec2ssh +hide_title: true +--- + +## lacework agent aws-install ec2ssh + +Use SSH to securely connect to EC2 instances + +### Synopsis + +This command installs the agent on all EC2 instances in an AWS account +using SSH. + +To filter by one or more regions: + + lacework agent aws-install ec2ssh --include_regions us-west-2,us-east-2 + +To filter by instance tag: + + lacework agent aws-install ec2ssh --tag TagName,TagValue + +To filter by instance tag key: + + lacework agent aws-install ec2ssh --tag_key TagName + +To provide an existing access token, use the '--token' flag. This flag is required +when running non-interactively ('--noninteractive' flag). The interactive command +'lacework agent token list' can be used to query existing tokens. + + lacework agent aws-install ec2ic --token + +You will need to provide an SSH authentication method. This authentication method +should work for all instances that your tag or region filters select. Instances must +be routable from your local host. + +To authenticate using username and password: + + lacework agent aws-install ec2ssh --ssh_username --ssh_password + +To authenticate using an identity file: + + lacework agent aws-install ec2ssh -i /path/to/your/key + +The environment should contain AWS credentials in the following variables: +- AWS_ACCESS_KEY_ID +- AWS_SECRET_ACCESS_KEY +- AWS_SESSION_TOKEN (optional), +- AWS_REGION (optional) + +This command will automatically add hosts with successful connections to +'~/.ssh/known_hosts' unless specified with '--trust_host_key=false'. + +``` +lacework agent aws-install ec2ssh [flags] +``` + +### Options + +``` + -h, --help help for ec2ssh + -i, --identity_file string identity (private key) for public key authentication (default "~/.ssh/id_rsa") + -r, --include_regions strings list of regions to filter on + -n, --max_parallelism int maximum number of workers executing AWS API calls, set if rate limits are lower or higher than normal (default 50) + --ssh_password string password for authentication + --ssh_port int port to connect to on the remote host (default 22) + --ssh_username string username to login with + --tag strings only select instances with this tag + --tag_key string only install agents on infra with this tag key + --token string agent access token + --trust_host_key automatically add host keys to the ~/.ssh/known_hosts file (default true) +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework agent aws-install](lacework_agent_aws-install.md) - Install the datacollector agent on all remote AWS hosts + diff --git a/cli/docs/lacework_agent_aws-install_ec2ssm.md b/cli/docs/lacework_agent_aws-install_ec2ssm.md new file mode 100644 index 000000000..4942ed7d3 --- /dev/null +++ b/cli/docs/lacework_agent_aws-install_ec2ssm.md @@ -0,0 +1,98 @@ +--- +title: "lacework agent aws-install ec2ssm" +slug: lacework_agent_aws-install_ec2ssm +hide_title: true +--- + +## lacework agent aws-install ec2ssm + +Use SSM to securely install the Lacework agent on EC2 instances + +### Synopsis + +This command installs the Lacework agent on all EC2 instances in an AWS account using SSM. + +This command will create a role and instance profile with 'SSMManagedInstanceCore' +attached and associate that instance profile with the target instances. If the target +instances already have associated instance profiles, this command will not change +their state. This command will teardown the IAM role and instance profile before exiting. + +This command authenticates with AWS credentials from well-known locations on the user's +machine. The principal associated with these credentials should have the +'AmazonEC2FullAccess', 'IAMFullAccess' and 'AmazonSSMFullAccess' policies attached. + +Target instances must have the SSM agent installed and running for successful +installation. + +To skip IAM role / instance profile creation and instance profile association: + + lacework agent aws-install ec2ssm --skip_iam_role_creation + +To provide a preexisting IAM role with the 'SSMManagedInstanceCore' policy + + lacework agent aws-install ec2ssm --iam_role_name IAMRoleName + +To filter by one or more regions: + + lacework agent aws-install ec2ssm --include_regions us-west-2,us-east-2 + +To filter by instance tag: + + lacework agent aws-install ec2ssm --tag TagName,TagValue + +To filter by instance tag key: + + lacework agent aws-install ec2ssm --tag_key TagName + +To provide an agent access token of your choice, use the command 'lacework agent token list', +select a token and pass it to the '--token' flag. This flag must be selected if the +'--noninteractive' flag is set. + + lacework agent aws-install ec2ssm --token + +AWS credentials are read from the following environment variables: +- AWS_ACCESS_KEY_ID +- AWS_SECRET_ACCESS_KEY +- AWS_SESSION_TOKEN (optional) +- AWS_REGION + +``` +lacework agent aws-install ec2ssm [flags] +``` + +### Options + +``` + -d, --dry_run set this flag to print out the target instances and exit + -f, --force_reinstall set this flag to force-reinstall the agent, even if already running on the target instance + -h, --help help for ec2ssm + --iam_role_name string IAM role name (not ARN) with SSM policy, if not provided then an ephemeral role will be created + -r, --include_regions strings list of regions to filter on + -n, --max_parallelism int maximum number of workers executing AWS API calls, set if rate limits are lower or higher than normal (default 50) + --skip_iam_role_creation set this flag to skip creating an IAM role and instance profile and associating the instance profile. Assumes all instances are already setup for SSM + --tag strings only install agents on infra with this tag + --tag_key string only install agents on infra with this tag key set + --token string agent access token +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework agent aws-install](lacework_agent_aws-install.md) - Install the datacollector agent on all remote AWS hosts + diff --git a/cli/docs/lacework_agent_gcp-install.md b/cli/docs/lacework_agent_gcp-install.md new file mode 100644 index 000000000..e021807f0 --- /dev/null +++ b/cli/docs/lacework_agent_gcp-install.md @@ -0,0 +1,38 @@ +--- +title: "lacework agent gcp-install" +slug: lacework_agent_gcp-install +hide_title: true +--- + +## lacework agent gcp-install + +Install the datacollector agent on all remote GCE hosts + +### Options + +``` + -h, --help help for gcp-install +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework agent](lacework_agent.md) - Manage Lacework agents +* [lacework agent gcp-install osl](lacework_agent_gcp-install_osl.md) - Use OSLogin to securely connect to GCE instances + diff --git a/cli/docs/lacework_agent_gcp-install_osl.md b/cli/docs/lacework_agent_gcp-install_osl.md new file mode 100644 index 000000000..5594b25e3 --- /dev/null +++ b/cli/docs/lacework_agent_gcp-install_osl.md @@ -0,0 +1,84 @@ +--- +title: "lacework agent gcp-install osl" +slug: lacework_agent_gcp-install_osl +hide_title: true +--- + +## lacework agent gcp-install osl + +Use OSLogin to securely connect to GCE instances + +### Synopsis + +This command installs the agent on all GCE instances in a GCP organization using OSLogin. + +The username of the GCP user or service account, in the form `users/`, is a +required argument. + +This command will attempt to query the GCE metadata server for the current project. If this +command is not run on a GCE instance, pass the project ID as: + + lacework agent gcp-install osl --project_id my-project-id + +To filter by one or more regions: + + lacework agent gcp-install osl --include_regions us-west1,europe-west2 + +To filter by instance metadata: + + lacework agent gcp-install osl --metadata MetadataKey,MetadataValue + +To filter by instance metadata key: + + lacework agent gcp-install osl --metadata_key MetadataKey + +To provide an agent access token of your choice, use the command 'lacework agent token list', +select a token and pass it to the '--token' flag. This flag must be selected if the +'--noninteractive' flag is set. + + lacework agent gcp-install osl --token + +GCP credentials are read using the following environment variables: +- GOOGLE_APPLICATION_CREDENTIALS + +This command will automatically add hosts with successful connections to +'~/.ssh/known_hosts' unless specified with '--trust_host_key=false'. + +``` +lacework agent gcp-install osl [flags] +``` + +### Options + +``` + -h, --help help for osl + -r, --include_regions strings list of regions to filter on + -n, --max_parallelism int maximum number of workers executing GCP API calls, set if rate limits are lower or higher than normal (default 50) + --metadata strings only install agents on infra with this metadata + --metadata_key string only install agents on infra with this metadata key set + --project_id string ID of the GCP project, set if metadata server does not provide + --token string agent access token + --trust_host_key automatically add host keys to the ~/.ssh/known_hosts file (default true) +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework agent gcp-install](lacework_agent_gcp-install.md) - Install the datacollector agent on all remote GCE hosts + diff --git a/cli/docs/lacework_agent_list.md b/cli/docs/lacework_agent_list.md new file mode 100644 index 000000000..0fe7a1451 --- /dev/null +++ b/cli/docs/lacework_agent_list.md @@ -0,0 +1,97 @@ +--- +title: "lacework agent list" +slug: lacework_agent_list +hide_title: true +--- + +## lacework agent list + +List all hosts with a running agent + +### Synopsis + +List all hosts that have a running agent in your environment. + +You can use 'key:value' pairs to filter the list of hosts with the --filter flag. + + lacework agent list --filter 'os:Linux' --filter 'tags.VpcId:vpc-72225916' + +**NOTE:** The value can be a regular expression such as 'hostname:db-server.*' + +To filter hosts with a running agent version '5.8.0'. + + lacework agent list --filter 'agentVersion:5.8.0.*' --filter 'status:ACTIVE' + +The available keys for this command are: + * agentVersion + * hostname + * ipAddr + * mid + * mode + * os + * status + * tags.arch + * tags.ExternalIp + * tags.Hostname + * tags.InstanceId + * tags.InternalIp + * tags.LwTokenShort + * tags.os + * tags.VmInstanceType + * tags.VmProvider + * tags.Zone + * tags.Account + * tags.AmiId + * tags.Name + * tags.SubnetId + * tags.VpcId + * tags.Cluster + * tags.cluster-location + * tags.cluster-name + * tags.cluster-uid + * tags.created-by + * tags.enable-oslogin + * tags.Env + * tags.GCEtags + * tags.gci-ensure-gke-docker + * tags.gci-update-strategy + * tags.google-compute-enable-pcid + * tags.InstanceName + * tags.InstanceTemplate + * tags.kube-labels + * tags.lw_KubernetesCluster + * tags.NumericProjectId + * tags.ProjectId + +``` +lacework agent list [flags] +``` + +### Options + +``` + --filter strings filter results by key:value pairs (e.g. 'hostname:db-server.*') + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework agent](lacework_agent.md) - Manage Lacework agents + diff --git a/cli/docs/lacework_alert-channel.md b/cli/docs/lacework_alert-channel.md new file mode 100644 index 000000000..51bd14ac0 --- /dev/null +++ b/cli/docs/lacework_alert-channel.md @@ -0,0 +1,45 @@ +--- +title: "lacework alert-channel" +slug: lacework_alert-channel +hide_title: true +--- + +## lacework alert-channel + +Manage alert channels + +### Synopsis + +Manage alert channels integrations with Lacework + +### Options + +``` + -h, --help help for alert-channel +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework alert-channel create](lacework_alert-channel_create.md) - Create a new alert channel integration +* [lacework alert-channel delete](lacework_alert-channel_delete.md) - Delete a alert channel integration +* [lacework alert-channel list](lacework_alert-channel_list.md) - List all available alert channel integrations +* [lacework alert-channel show](lacework_alert-channel_show.md) - Show a single alert channel integration + diff --git a/cli/docs/lacework_integration_create.md b/cli/docs/lacework_alert-channel_create.md similarity index 73% rename from cli/docs/lacework_integration_create.md rename to cli/docs/lacework_alert-channel_create.md index 93ad7688c..fd375b361 100644 --- a/cli/docs/lacework_integration_create.md +++ b/cli/docs/lacework_alert-channel_create.md @@ -1,19 +1,15 @@ --- -title: "lacework integration create" -slug: lacework_integration_create +title: "lacework alert-channel create" +slug: lacework_alert-channel_create hide_title: true --- -## lacework integration create +## lacework alert-channel create -Create an external integration - -### Synopsis - -Creates an external integration in your account through an interactive session. +Create a new alert channel integration ``` -lacework integration create [flags] +lacework alert-channel create [flags] ``` ### Options @@ -41,5 +37,5 @@ lacework integration create [flags] ### SEE ALSO -* [lacework integration](lacework_integration.md) - Manage external integrations +* [lacework alert-channel](lacework_alert-channel.md) - Manage alert channels diff --git a/cli/docs/lacework_integration_list.md b/cli/docs/lacework_alert-channel_delete.md similarity index 72% rename from cli/docs/lacework_integration_list.md rename to cli/docs/lacework_alert-channel_delete.md index bd78158ec..31bd87d9f 100644 --- a/cli/docs/lacework_integration_list.md +++ b/cli/docs/lacework_alert-channel_delete.md @@ -1,22 +1,21 @@ --- -title: "lacework integration list" -slug: lacework_integration_list +title: "lacework alert-channel delete" +slug: lacework_alert-channel_delete hide_title: true --- -## lacework integration list +## lacework alert-channel delete -List all available external integrations +Delete a alert channel integration ``` -lacework integration list [flags] +lacework alert-channel delete [flags] ``` ### Options ``` - -h, --help help for list - -t, --type string list all integrations of a specific type + -h, --help help for delete ``` ### Options inherited from parent commands @@ -38,5 +37,5 @@ lacework integration list [flags] ### SEE ALSO -* [lacework integration](lacework_integration.md) - Manage external integrations +* [lacework alert-channel](lacework_alert-channel.md) - Manage alert channels diff --git a/cli/docs/lacework_alert-channel_list.md b/cli/docs/lacework_alert-channel_list.md new file mode 100644 index 000000000..394df1a5d --- /dev/null +++ b/cli/docs/lacework_alert-channel_list.md @@ -0,0 +1,41 @@ +--- +title: "lacework alert-channel list" +slug: lacework_alert-channel_list +hide_title: true +--- + +## lacework alert-channel list + +List all available alert channel integrations + +``` +lacework alert-channel list [flags] +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert-channel](lacework_alert-channel.md) - Manage alert channels + diff --git a/cli/docs/lacework_integration_show.md b/cli/docs/lacework_alert-channel_show.md similarity index 78% rename from cli/docs/lacework_integration_show.md rename to cli/docs/lacework_alert-channel_show.md index fa3a99cd2..aac4691b1 100644 --- a/cli/docs/lacework_integration_show.md +++ b/cli/docs/lacework_alert-channel_show.md @@ -1,15 +1,15 @@ --- -title: "lacework integration show" -slug: lacework_integration_show +title: "lacework alert-channel show" +slug: lacework_alert-channel_show hide_title: true --- -## lacework integration show +## lacework alert-channel show -Show details about a specific external integration +Show a single alert channel integration ``` -lacework integration show [flags] +lacework alert-channel show [flags] ``` ### Options @@ -37,5 +37,5 @@ lacework integration show [flags] ### SEE ALSO -* [lacework integration](lacework_integration.md) - Manage external integrations +* [lacework alert-channel](lacework_alert-channel.md) - Manage alert channels diff --git a/cli/docs/lacework_alert-profile.md b/cli/docs/lacework_alert-profile.md new file mode 100644 index 000000000..4abb0312d --- /dev/null +++ b/cli/docs/lacework_alert-profile.md @@ -0,0 +1,49 @@ +--- +title: "lacework alert-profile" +slug: lacework_alert-profile +hide_title: true +--- + +## lacework alert-profile + +Manage alert profiles + +### Synopsis + +Manage alert profiles to define how your LQL queries get consumed into alerts. + +An alert profile consists of the ID of the new profile, the ID of an existing profile that +the new profile extends, and a list of alert templates. + +### Options + +``` + -h, --help help for alert-profile +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework alert-profile create](lacework_alert-profile_create.md) - Create a new alert profile +* [lacework alert-profile delete](lacework_alert-profile_delete.md) - Delete an alert profile +* [lacework alert-profile list](lacework_alert-profile_list.md) - List all alert profiles +* [lacework alert-profile show](lacework_alert-profile_show.md) - Show an alert profile by ID +* [lacework alert-profile update](lacework_alert-profile_update.md) - Update alert templates from an existing alert profile + diff --git a/cli/docs/lacework_alert-profile_create.md b/cli/docs/lacework_alert-profile_create.md new file mode 100644 index 000000000..618551566 --- /dev/null +++ b/cli/docs/lacework_alert-profile_create.md @@ -0,0 +1,41 @@ +--- +title: "lacework alert-profile create" +slug: lacework_alert-profile_create +hide_title: true +--- + +## lacework alert-profile create + +Create a new alert profile + +``` +lacework alert-profile create [flags] +``` + +### Options + +``` + -h, --help help for create +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert-profile](lacework_alert-profile.md) - Manage alert profiles + diff --git a/cli/docs/lacework_alert-profile_delete.md b/cli/docs/lacework_alert-profile_delete.md new file mode 100644 index 000000000..1180209cd --- /dev/null +++ b/cli/docs/lacework_alert-profile_delete.md @@ -0,0 +1,45 @@ +--- +title: "lacework alert-profile delete" +slug: lacework_alert-profile_delete +hide_title: true +--- + +## lacework alert-profile delete + +Delete an alert profile + +### Synopsis + +Delete a single alert profile by its ID. + +``` +lacework alert-profile delete [flags] +``` + +### Options + +``` + -h, --help help for delete +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert-profile](lacework_alert-profile.md) - Manage alert profiles + diff --git a/cli/docs/lacework_alert-profile_list.md b/cli/docs/lacework_alert-profile_list.md new file mode 100644 index 000000000..45aae2f81 --- /dev/null +++ b/cli/docs/lacework_alert-profile_list.md @@ -0,0 +1,45 @@ +--- +title: "lacework alert-profile list" +slug: lacework_alert-profile_list +hide_title: true +--- + +## lacework alert-profile list + +List all alert profiles + +### Synopsis + +List all alert profiles configured in your Lacework account. + +``` +lacework alert-profile list [flags] +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert-profile](lacework_alert-profile.md) - Manage alert profiles + diff --git a/cli/docs/lacework_alert-profile_show.md b/cli/docs/lacework_alert-profile_show.md new file mode 100644 index 000000000..32caa2c33 --- /dev/null +++ b/cli/docs/lacework_alert-profile_show.md @@ -0,0 +1,45 @@ +--- +title: "lacework alert-profile show" +slug: lacework_alert-profile_show +hide_title: true +--- + +## lacework alert-profile show + +Show an alert profile by ID + +### Synopsis + +Show a single alert profile by its ID. + +``` +lacework alert-profile show [flags] +``` + +### Options + +``` + -h, --help help for show +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert-profile](lacework_alert-profile.md) - Manage alert profiles + diff --git a/cli/docs/lacework_alert-profile_update.md b/cli/docs/lacework_alert-profile_update.md new file mode 100644 index 000000000..911a47f88 --- /dev/null +++ b/cli/docs/lacework_alert-profile_update.md @@ -0,0 +1,41 @@ +--- +title: "lacework alert-profile update" +slug: lacework_alert-profile_update +hide_title: true +--- + +## lacework alert-profile update + +Update alert templates from an existing alert profile + +``` +lacework alert-profile update [alert_profile_id] [flags] +``` + +### Options + +``` + -h, --help help for update +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert-profile](lacework_alert-profile.md) - Manage alert profiles + diff --git a/cli/docs/lacework_alert.md b/cli/docs/lacework_alert.md new file mode 100644 index 000000000..fa33ed3a6 --- /dev/null +++ b/cli/docs/lacework_alert.md @@ -0,0 +1,68 @@ +--- +title: "lacework alert" +slug: lacework_alert +hide_title: true +--- + +## lacework alert + +Inspect and manage alerts + +### Synopsis + +Inspect and manage alerts. + +Lacework provides real-time alerts that are interactive and manageable. +Each alert contains various metadata information, such as severity level, type, status, alert category, and associated tags. + +You can also post a comment to an alert's timeline; or change an alert status from Open to Closed. + +For more information about alerts, visit: + +https://docs.lacework.com/console/alerts-overview + +To view all alerts in your Lacework account. + + lacework alert ls + +To show an alert. + + lacework alert show + +To close an alert. + + lacework alert close + + +### Options + +``` + -h, --help help for alert +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework alert close](lacework_alert_close.md) - Close an alert +* [lacework alert comment](lacework_alert_comment.md) - Add a comment +* [lacework alert list](lacework_alert_list.md) - List all alerts +* [lacework alert open](lacework_alert_open.md) - Open a specified alert in a web browser +* [lacework alert show](lacework_alert_show.md) - Show details about a specific alert + diff --git a/cli/docs/lacework_alert_close.md b/cli/docs/lacework_alert_close.md new file mode 100644 index 000000000..35afaf512 --- /dev/null +++ b/cli/docs/lacework_alert_close.md @@ -0,0 +1,64 @@ +--- +title: "lacework alert close" +slug: lacework_alert_close +hide_title: true +--- + +## lacework alert close + +Close an alert + +### Synopsis + +Use this command to change the status of an alert to closed. + +The reason for closing the alert must be provided from the following options: + + * 0 - Other + * 1 - False positive + * 2 - Not enough information + * 3 - Malicious and have resolution in place + * 4 - Expected because of routine testing. + +Reasons may be provided inline or via prompt. + +If you choose Other, a comment is required and should contain a brief explanation of why the alert is closed. +Comments may be provided inline or via editor. + +**Note: A closed alert cannot be reopened. You will be prompted to confirm closure of the alert. +This prompt can be bypassed with the --noninteractive flag** + + +``` +lacework alert close [flags] +``` + +### Options + +``` + -c, --comment string a comment to associate with the alert closure + -h, --help help for close + -r, --reason int the reason for closing the alert (default -1) +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert](lacework_alert.md) - Inspect and manage alerts + diff --git a/cli/docs/lacework_alert_comment.md b/cli/docs/lacework_alert_comment.md new file mode 100644 index 000000000..bc092f974 --- /dev/null +++ b/cli/docs/lacework_alert_comment.md @@ -0,0 +1,49 @@ +--- +title: "lacework alert comment" +slug: lacework_alert_comment +hide_title: true +--- + +## lacework alert comment + +Add a comment + +### Synopsis + +Post a user comment on an alert's timeline . + +Comments may be provided inline or via editor. + + +``` +lacework alert comment [flags] +``` + +### Options + +``` + -c, --comment string a comment to add to the alert + -h, --help help for comment +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert](lacework_alert.md) - Inspect and manage alerts + diff --git a/cli/docs/lacework_alert_list.md b/cli/docs/lacework_alert_list.md new file mode 100644 index 000000000..3ed99d276 --- /dev/null +++ b/cli/docs/lacework_alert_list.md @@ -0,0 +1,70 @@ +--- +title: "lacework alert list" +slug: lacework_alert_list +hide_title: true +--- + +## lacework alert list + +List all alerts + +### Synopsis + +List all alerts. + +By default, alerts are shown for the last 24 hours. +Use a custom time range by suppling a range flag... + + lacework alert ls --range "last 7 days" + +Or by specifying start and end flags. + + lacework alert ls --start "-7d@d" --end "now" + +Start and end times may be specified in one of the following formats: + A. A relative time specifier + B. RFC3339 date and time + C. Epoch time in milliseconds + +To list open alerts of type "NewViolations" with high or critical severity. + + lacework alert ls --status Open --severity high --type NewViolations + + +``` +lacework alert list [flags] +``` + +### Options + +``` + --end string end time for alerts (default "now") + -h, --help help for list + --range string natural time range for alerts + --severity string filter alerts by severity threshold (critical, high, medium, low, info) + --start string start time for alerts (default "-24h") + --status string filter alerts by status (Open, Closed) + --type string filter alerts by type +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert](lacework_alert.md) - Inspect and manage alerts + diff --git a/cli/docs/lacework_alert_open.md b/cli/docs/lacework_alert_open.md new file mode 100644 index 000000000..f3798c369 --- /dev/null +++ b/cli/docs/lacework_alert_open.md @@ -0,0 +1,45 @@ +--- +title: "lacework alert open" +slug: lacework_alert_open +hide_title: true +--- + +## lacework alert open + +Open a specified alert in a web browser + +### Synopsis + +Open a specified alert in a web browser. + +``` +lacework alert open [flags] +``` + +### Options + +``` + -h, --help help for open +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert](lacework_alert.md) - Inspect and manage alerts + diff --git a/cli/docs/lacework_alert_show.md b/cli/docs/lacework_alert_show.md new file mode 100644 index 000000000..65d244f6a --- /dev/null +++ b/cli/docs/lacework_alert_show.md @@ -0,0 +1,63 @@ +--- +title: "lacework alert show" +slug: lacework_alert_show +hide_title: true +--- + +## lacework alert show + +Show details about a specific alert + +### Synopsis + +Show details about a specific alert. + +There are different types of alert details that can be shown to assist +with alert investigation. These types are referred to as alert detail scopes. + +The following alert detail scopes are available: + + * Details (default) + * Investigation + * Events + * RelatedAlerts + * Integrations + * Timeline + +View an alert's timeline details: + + lacework alert show --scope Timeline + + +``` +lacework alert show [flags] +``` + +### Options + +``` + -h, --help help for show + --scope string type of alert details to show (default "Details") +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework alert](lacework_alert.md) - Inspect and manage alerts + diff --git a/cli/docs/lacework_cloud-account_create.md b/cli/docs/lacework_cloud-account_create.md new file mode 100644 index 000000000..3e8447bfa --- /dev/null +++ b/cli/docs/lacework_cloud-account_create.md @@ -0,0 +1,41 @@ +--- +title: "lacework cloud-account create" +slug: lacework_cloud-account_create +hide_title: true +--- + +## lacework cloud-account create + +Create a new cloud account integration + +``` +lacework cloud-account create [flags] +``` + +### Options + +``` + -h, --help help for create +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework cloud-account](lacework_cloud-account.md) - Manage cloud accounts + diff --git a/cli/docs/lacework_cloud-account_delete.md b/cli/docs/lacework_cloud-account_delete.md new file mode 100644 index 000000000..45df6e6f4 --- /dev/null +++ b/cli/docs/lacework_cloud-account_delete.md @@ -0,0 +1,41 @@ +--- +title: "lacework cloud-account delete" +slug: lacework_cloud-account_delete +hide_title: true +--- + +## lacework cloud-account delete + +Delete a cloud account integration + +``` +lacework cloud-account delete [flags] +``` + +### Options + +``` + -h, --help help for delete +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework cloud-account](lacework_cloud-account.md) - Manage cloud accounts + diff --git a/integration/test_resources/help/integration_show b/cli/docs/lacework_cloud-account_show.md similarity index 69% rename from integration/test_resources/help/integration_show rename to cli/docs/lacework_cloud-account_show.md index 6ee03188f..f4efb1f08 100644 --- a/integration/test_resources/help/integration_show +++ b/cli/docs/lacework_cloud-account_show.md @@ -1,12 +1,26 @@ -Show details about a specific external integration +--- +title: "lacework cloud-account show" +slug: lacework_cloud-account_show +hide_title: true +--- -Usage: - lacework integration show [flags] +## lacework cloud-account show -Flags: +Show a single cloud account integration + +``` +lacework cloud-account show [flags] +``` + +### Options + +``` -h, --help help for show +``` + +### Options inherited from parent commands -Global Flags: +``` -a, --account string account subdomain of URL (i.e. .lacework.net) -k, --api_key string access key id -s, --api_secret string secret access key @@ -19,3 +33,9 @@ Global Flags: --organization access organization level data sets (org admins only) -p, --profile string switch between profiles configured at ~/.lacework.toml --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework cloud-account](lacework_cloud-account.md) - Manage cloud accounts + diff --git a/cli/docs/lacework_compliance.md b/cli/docs/lacework_compliance.md index 3c2dceab0..795ea1ab9 100644 --- a/cli/docs/lacework_compliance.md +++ b/cli/docs/lacework_compliance.md @@ -18,7 +18,7 @@ HIPAA benchmark standards. Get started by integrating one or more cloud accounts using the command: - lacework integration create + lacework cloud-account create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -28,7 +28,7 @@ Then navigate to Settings > Integrations > Cloud Accounts. Use the following command to list all available integrations in your account: - lacework integrations list + lacework cloud-account list ### Options diff --git a/cli/docs/lacework_compliance_aws_search.md b/cli/docs/lacework_compliance_aws_search.md new file mode 100644 index 000000000..6d6f64c90 --- /dev/null +++ b/cli/docs/lacework_compliance_aws_search.md @@ -0,0 +1,45 @@ +--- +title: "lacework compliance aws search" +slug: lacework_compliance_aws_search +hide_title: true +--- + +## lacework compliance aws search + +Search for all known violations of a given resource arn + +### Synopsis + +Search for all known violations of a given resource arn. + +``` +lacework compliance aws search [flags] +``` + +### Options + +``` + -h, --help help for search +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework compliance aws](lacework_compliance_aws.md) - Compliance for AWS + diff --git a/cli/docs/lacework_compliance_azure_list.md b/cli/docs/lacework_compliance_azure_list.md new file mode 100644 index 000000000..7dbfdc565 --- /dev/null +++ b/cli/docs/lacework_compliance_azure_list.md @@ -0,0 +1,45 @@ +--- +title: "lacework compliance azure list" +slug: lacework_compliance_azure_list +hide_title: true +--- + +## lacework compliance azure list + +List Azure tenants and subscriptions + +### Synopsis + +List all Azure tenants and subscriptions configured in your account. + +``` +lacework compliance azure list [flags] +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework compliance azure](lacework_compliance_azure.md) - Compliance for Azure Cloud + diff --git a/cli/docs/lacework_compliance_google_list-projects.md b/cli/docs/lacework_compliance_google_list-projects.md index a27fd0dea..7ff5ba716 100644 --- a/cli/docs/lacework_compliance_google_list-projects.md +++ b/cli/docs/lacework_compliance_google_list-projects.md @@ -14,11 +14,11 @@ List all GCP projects from the provided organization ID. Use the following command to list all GCP integrations in your account: - lacework integrations list --type GCP_CFG + lacework cloud-account list --type GcpCfg Then, select one GUID from an integration and visualize its details using the command: - lacework integration show + lacework cloud-account show ``` diff --git a/cli/docs/lacework_configure_switch-profile.md b/cli/docs/lacework_configure_switch-profile.md new file mode 100644 index 000000000..98f57606c --- /dev/null +++ b/cli/docs/lacework_configure_switch-profile.md @@ -0,0 +1,50 @@ +--- +title: "lacework configure switch-profile" +slug: lacework_configure_switch-profile +hide_title: true +--- + +## lacework configure switch-profile + +Switch between configured profiles + +### Synopsis + +Switch between profiles configured into the config file ~/.lacework.toml + +An alternative to temporarily switch to a different profile in your current terminal +is to export the environment variable: + + export LW_PROFILE="my-profile" + +``` +lacework configure switch-profile [flags] +``` + +### Options + +``` + -h, --help help for switch-profile +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework configure](lacework_configure.md) - Configure the Lacework CLI + diff --git a/cli/docs/lacework_container-registry.md b/cli/docs/lacework_container-registry.md new file mode 100644 index 000000000..34e3603c9 --- /dev/null +++ b/cli/docs/lacework_container-registry.md @@ -0,0 +1,45 @@ +--- +title: "lacework container-registry" +slug: lacework_container-registry +hide_title: true +--- + +## lacework container-registry + +Manage container registries + +### Synopsis + +Manage container registry integrations with Lacework + +### Options + +``` + -h, --help help for container-registry +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework container-registry create](lacework_container-registry_create.md) - Create a new container registry integration +* [lacework container-registry delete](lacework_container-registry_delete.md) - Delete a container registry integration +* [lacework container-registry list](lacework_container-registry_list.md) - List all available container registry integrations +* [lacework container-registry show](lacework_container-registry_show.md) - Show a single container registry integration + diff --git a/cli/docs/lacework_container-registry_create.md b/cli/docs/lacework_container-registry_create.md new file mode 100644 index 000000000..2868a6cdb --- /dev/null +++ b/cli/docs/lacework_container-registry_create.md @@ -0,0 +1,41 @@ +--- +title: "lacework container-registry create" +slug: lacework_container-registry_create +hide_title: true +--- + +## lacework container-registry create + +Create a new container registry integration + +``` +lacework container-registry create [flags] +``` + +### Options + +``` + -h, --help help for create +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework container-registry](lacework_container-registry.md) - Manage container registries + diff --git a/cli/docs/lacework_container-registry_delete.md b/cli/docs/lacework_container-registry_delete.md new file mode 100644 index 000000000..8fc0019a3 --- /dev/null +++ b/cli/docs/lacework_container-registry_delete.md @@ -0,0 +1,41 @@ +--- +title: "lacework container-registry delete" +slug: lacework_container-registry_delete +hide_title: true +--- + +## lacework container-registry delete + +Delete a container registry integration + +``` +lacework container-registry delete [flags] +``` + +### Options + +``` + -h, --help help for delete +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework container-registry](lacework_container-registry.md) - Manage container registries + diff --git a/cli/docs/lacework_container-registry_list.md b/cli/docs/lacework_container-registry_list.md new file mode 100644 index 000000000..bd2230a0e --- /dev/null +++ b/cli/docs/lacework_container-registry_list.md @@ -0,0 +1,41 @@ +--- +title: "lacework container-registry list" +slug: lacework_container-registry_list +hide_title: true +--- + +## lacework container-registry list + +List all available container registry integrations + +``` +lacework container-registry list [flags] +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework container-registry](lacework_container-registry.md) - Manage container registries + diff --git a/cli/docs/lacework_container-registry_show.md b/cli/docs/lacework_container-registry_show.md new file mode 100644 index 000000000..5f1fb650d --- /dev/null +++ b/cli/docs/lacework_container-registry_show.md @@ -0,0 +1,41 @@ +--- +title: "lacework container-registry show" +slug: lacework_container-registry_show +hide_title: true +--- + +## lacework container-registry show + +Show a single container registry integration + +``` +lacework container-registry show [flags] +``` + +### Options + +``` + -h, --help help for show +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework container-registry](lacework_container-registry.md) - Manage container registries + diff --git a/cli/docs/lacework_integration.md b/cli/docs/lacework_generate.md similarity index 62% rename from cli/docs/lacework_integration.md rename to cli/docs/lacework_generate.md index d28cd458a..ffc4a7287 100644 --- a/cli/docs/lacework_integration.md +++ b/cli/docs/lacework_generate.md @@ -1,21 +1,25 @@ --- -title: "lacework integration" -slug: lacework_integration +title: "lacework generate" +slug: lacework_generate hide_title: true --- -## lacework integration +## lacework generate -Manage external integrations +Generate code to onboard your account ### Synopsis -Manage external integrations with the Lacework platform +Generate code to onboard your account and deploy Lacework into various cloud environments. + +This command creates Infrastructure as Code (IaC) in the form of Terraform HCL, with the option of running +Terraform and deploying Lacework into AWS, Azure, or GCP. + ### Options ``` - -h, --help help for integration + -h, --help help for generate ``` ### Options inherited from parent commands @@ -38,8 +42,6 @@ Manage external integrations with the Lacework platform ### SEE ALSO * [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. -* [lacework integration create](lacework_integration_create.md) - Create an external integration -* [lacework integration delete](lacework_integration_delete.md) - Delete an external integration -* [lacework integration list](lacework_integration_list.md) - List all available external integrations -* [lacework integration show](lacework_integration_show.md) - Show details about a specific external integration +* [lacework generate cloud-account](lacework_generate_cloud-account.md) - Generate cloud integration IaC +* [lacework generate k8s](lacework_generate_k8s.md) - Generate Kubernetes integration IaC diff --git a/cli/docs/lacework_generate_cloud-account.md b/cli/docs/lacework_generate_cloud-account.md new file mode 100644 index 000000000..342e09555 --- /dev/null +++ b/cli/docs/lacework_generate_cloud-account.md @@ -0,0 +1,48 @@ +--- +title: "lacework generate cloud-account" +slug: lacework_generate_cloud-account +hide_title: true +--- + +## lacework generate cloud-account + +Generate cloud integration IaC + +### Synopsis + +Generate cloud-account IaC to deploy Lacework into a cloud environment. + +This command creates Infrastructure as Code (IaC) in the form of Terraform HCL, with the option of running +Terraform and deploying Lacework into AWS, Azure, or GCP. + + +### Options + +``` + -h, --help help for cloud-account +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework generate](lacework_generate.md) - Generate code to onboard your account +* [lacework generate cloud-account aws](lacework_generate_cloud-account_aws.md) - Generate and/or execute Terraform code for AWS integration +* [lacework generate cloud-account azure](lacework_generate_cloud-account_azure.md) - Generate and/or execute Terraform code for Azure integration +* [lacework generate cloud-account gcp](lacework_generate_cloud-account_gcp.md) - Generate and/or execute Terraform code for GCP integration + diff --git a/cli/docs/lacework_generate_cloud-account_aws.md b/cli/docs/lacework_generate_cloud-account_aws.md new file mode 100644 index 000000000..1b6fc3e24 --- /dev/null +++ b/cli/docs/lacework_generate_cloud-account_aws.md @@ -0,0 +1,87 @@ +--- +title: "lacework generate cloud-account aws" +slug: lacework_generate_cloud-account_aws +hide_title: true +--- + +## lacework generate cloud-account aws + +Generate and/or execute Terraform code for AWS integration + +### Synopsis + +Use this command to generate Terraform code for deploying Lacework into an AWS environment. + +By default, this command interactively prompts for the required information to setup the new cloud account. +In interactive mode, this command will: + +* Prompt for the required information to setup the integration +* Generate new Terraform code using the inputs +* Optionally, run the generated Terraform code: + * If Terraform is already installed, the version is verified as compatible for use + * If Terraform is not installed, or the version installed is not compatible, a new version will be installed into a temporary location + * Once Terraform is detected or installed, Terraform plan will be executed + * The command will prompt with the outcome of the plan and allow to view more details or continue with Terraform apply + * If confirmed, Terraform apply will be run, completing the setup of the cloud account + +This command can also be run in noninteractive mode. +See help output for more details on the parameter value(s) required for Terraform code generation. + + +``` +lacework generate cloud-account aws [flags] +``` + +### Options + +``` + --apply run terraform apply without executing plan or prompting + --aws_profile string specify aws profile + --aws_region string specify aws region + --aws_subaccount strings configure an additional aws account; value format must be : + --bucket_encryption_enabled enable S3 bucket encryption when creating bucket (default true) + --bucket_name string specify bucket name when creating bucket + --bucket_sse_key_arn string specify existing KMS encryption key arn for bucket + --cloudtrail enable cloudtrail integration + --cloudtrail_name string specify name of cloudtrail integration + --config enable config integration + --config_name string specify name of config integration + --consolidated_cloudtrail use consolidated trail + --existing_bucket_arn string specify existing cloudtrail S3 bucket ARN + --existing_iam_role_arn string specify existing iam role arn to use + --existing_iam_role_externalid string specify existing iam role external_id to use + --existing_iam_role_name string specify existing iam role name to use + --existing_sns_topic_arn string specify existing SNS topic arn + --force_destroy_s3 enable force destroy S3 bucket + -h, --help help for aws + --lacework_aws_account_id string the Lacework AWS root account id + --output string location to write generated content (default is ~/lacework/aws) + --sns_topic_encryption_enabled enable encryption on SNS topic when creating one (default true) + --sns_topic_encryption_key_arn string specify existing KMS encryption key arn for SNS topic + --sns_topic_name string specify SNS topic name if creating new one + --sqs_encryption_enabled enable encryption on SQS queue when creating (default true) + --sqs_encryption_key_arn string specify existing KMS encryption key arn for SQS queue + --sqs_queue_name string specify SQS queue name if creating new one +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework generate cloud-account](lacework_generate_cloud-account.md) - Generate cloud integration IaC + diff --git a/cli/docs/lacework_generate_cloud-account_azure.md b/cli/docs/lacework_generate_cloud-account_azure.md new file mode 100644 index 000000000..c3f3e486d --- /dev/null +++ b/cli/docs/lacework_generate_cloud-account_azure.md @@ -0,0 +1,75 @@ +--- +title: "lacework generate cloud-account azure" +slug: lacework_generate_cloud-account_azure +hide_title: true +--- + +## lacework generate cloud-account azure + +Generate and/or execute Terraform code for Azure integration + +### Synopsis + +Use this command to generate Terraform code for deploying Lacework into new Azure environment. + +By default, this command will function interactively, prompting for the required information to setup the new cloud account. In interactive mode, this command will: + +* Prompt for the required information to setup the integration +* Generate new Terraform code using the inputs +* Optionally, run the generated Terraform code: + * If Terraform is already installed, the version will be confirmed suitable for use + * If Terraform is not installed, or the version installed is not suitable, a new version will be installed into a temporary location + * Once Terraform is detected or installed, Terraform plan will be executed + * The command will prompt with the outcome of the plan and allow to view more details or continue with Terraform apply + * If confirmed, Terraform apply will be run, completing the setup of the cloud account + + +``` +lacework generate cloud-account azure [flags] +``` + +### Options + +``` + --activity_log enable active log integration + --activity_log_integration_name string specify a custom activity log integration name + --ad_create create new active directory integration (default true) + --ad_id string existing active directory application id + --ad_pass string existing active directory application password + --ad_pid string existing active directory application service principle id + --all_subscriptions subscription ids grant read access to ALL subscriptions within Tenant (overrides subscription ids) + --configuration enable configuration integration + --configuration_name string specify a custom configuration integration name + --existing_storage use existing storage account + -h, --help help for azure + --location string specify azure region where storage account logging resides + --management_group management group level integration + --management_group_id string specify management group id. Required if mgmt_group provided + --output string location to write generated content (default is ~/lacework/azure) + --storage_account_name string specify storage account name + --storage_resource_group string specify storage resource group + --subscription_ids strings list of subscriptions to grant read access; format is id1,id2,id3 + --terraform-apply run terraform apply for the generated hcl +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework generate cloud-account](lacework_generate_cloud-account.md) - Generate cloud integration IaC + diff --git a/cli/docs/lacework_generate_cloud-account_gcp.md b/cli/docs/lacework_generate_cloud-account_gcp.md new file mode 100644 index 000000000..c2b029dde --- /dev/null +++ b/cli/docs/lacework_generate_cloud-account_gcp.md @@ -0,0 +1,88 @@ +--- +title: "lacework generate cloud-account gcp" +slug: lacework_generate_cloud-account_gcp +hide_title: true +--- + +## lacework generate cloud-account gcp + +Generate and/or execute Terraform code for GCP integration + +### Synopsis + +Use this command to generate Terraform code for deploying Lacework into an GCP environment. + +By default, this command interactively prompts for the required information to setup the new cloud account. +In interactive mode, this command will: + +* Prompt for the required information to setup the integration +* Generate new Terraform code using the inputs +* Optionally, run the generated Terraform code: + * If Terraform is already installed, the version is verified as compatible for use + * If Terraform is not installed, or the version installed is not compatible, a new version will be installed into a temporary location + * Once Terraform is detected or installed, Terraform plan will be executed + * The command will prompt with the outcome of the plan and allow to view more details or continue with Terraform apply + * If confirmed, Terraform apply will be run, completing the setup of the cloud account + +This command can also be run in noninteractive mode. +See help output for more details on the parameter value(s) required for Terraform code generation. + + +``` +lacework generate cloud-account gcp [flags] +``` + +### Options + +``` + --apply run terraform apply without executing plan or prompting + --audit_log enable audit log integration + --audit_log_integration_name string specify a custom audit log integration name + --bucket_lifecycle_rule_age int specify the lifecycle rule age (default -1) + --bucket_region string specify bucket region + --configuration enable configuration integration + --configuration_integration_name string specify a custom configuration integration name + --custom_bucket_name string override prefix based storage bucket name generation with a custom name + --custom_filter string Audit Log filter which supersedes all other filter options when defined + --enable_force_destroy_bucket enable force bucket destroy + --enable_ubla enable universal bucket level access(ubla) (default true) + --existing_bucket_name string specify existing bucket name + --existing_service_account_name string specify existing service account name + --existing_service_account_private_key string specify existing service account private key (base64 encoded) + --existing_sink_name string specify existing sink name + -e, --folders_to_exclude stringArray List of root folders to exclude for an organization-level integration + -i, --folders_to_include stringArray list of root folders to include for an organization-level integration + --google_workspace_filter filter out Google Workspace login logs from GCP Audit Log sinks (default true) + -h, --help help for gcp + --include_root_projects Disables logic that includes root-level projects if excluding folders (default true) + --k8s_filter filter out GKE logs from GCP Audit Log sinks (default true) + --organization_id string specify the organization id (only set if organization_integration is set) + --organization_integration enable organization integration + --output string location to write generated content (default is ~/lacework/gcp) + --prefix string prefix that will be used at the beginning of every generated resource + --project_id string specify the project id to be used to provision lacework resources (required) + --service_account_credentials string specify service account credentials JSON file path (leave blank to make use of google credential ENV vars) + --wait_time string amount of time to wait before the next resource is provisioned +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework generate cloud-account](lacework_generate_cloud-account.md) - Generate cloud integration IaC + diff --git a/cli/docs/lacework_generate_k8s.md b/cli/docs/lacework_generate_k8s.md new file mode 100644 index 000000000..af7e20583 --- /dev/null +++ b/cli/docs/lacework_generate_k8s.md @@ -0,0 +1,47 @@ +--- +title: "lacework generate k8s" +slug: lacework_generate_k8s +hide_title: true +--- + +## lacework generate k8s + +Generate Kubernetes integration IaC + +### Synopsis + +Generate IaC to deploy Lacework into a Kubernetes platform. + +This command creates Infrastructure as Code (IaC) in the form of Terraform HCL, with the option of running +Terraform and deploying Lacework into GKE. + + +### Options + +``` + -h, --help help for k8s +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework generate](lacework_generate.md) - Generate code to onboard your account +* [lacework generate k8s eks](lacework_generate_k8s_eks.md) - Generate and/or execute Terraform code for EKS integration +* [lacework generate k8s gke](lacework_generate_k8s_gke.md) - Generate and/or execute Terraform code for GKE integration + diff --git a/cli/docs/lacework_generate_k8s_eks.md b/cli/docs/lacework_generate_k8s_eks.md new file mode 100644 index 000000000..8125b8dcf --- /dev/null +++ b/cli/docs/lacework_generate_k8s_eks.md @@ -0,0 +1,87 @@ +--- +title: "lacework generate k8s eks" +slug: lacework_generate_k8s_eks +hide_title: true +--- + +## lacework generate k8s eks + +Generate and/or execute Terraform code for EKS integration + +### Synopsis + +Use this command to generate Terraform code for deploying Lacework into an EKS +environment. + +By default, this command interactively prompts for the required information to set up the new cloud account. +In interactive mode, this command will: + +* Prompt for the required information to set up the integration +* Generate new Terraform code using the inputs +* Optionally, run the generated Terraform code: + * If Terraform is already installed, the version is verified as compatible for use + * If Terraform is not installed, or the version installed is not compatible, a new version will be installed into a temporary location + * Once Terraform is detected or installed, the Terraform plan is executed + * The command prompts you with the outcome of the plan and allows you to view more details or continue with Terraform apply + * If confirmed, Terraform apply runs, completing the setup of the cloud account + +This command can also be run in noninteractive mode. +See help output for more details on the parameter values required for Terraform code generation. + + +``` +lacework generate k8s eks [flags] +``` + +### Options + +``` + --apply run terraform apply without executing plan or prompting + --aws_profile string specify aws profile + --bucket_lifecycle_exp_days int specify the s3 bucket lifecycle expiration days + --bucket_sse_algorithm string specify the encryption algorithm to use for S3 bucket server-side encryption + --bucket_sse_key_arn string specify the kms key arn to be used for s3. (required when bucket_sse_algorithm is aws:kms & using an existing kms key) + --custom_filter_pattern string specify a custom cloudwatch log filter pattern + --enable_bucket_versioning enable s3 bucket versioning (default true) + --enable_encryption_s3 enable encryption on s3 bucket (default true) + --enable_firehose_encryption enable firehose encryption (default true) + --enable_force_destroy enable force destroy s3 bucket + --enable_kms_key_rotation enable automatic kms key rotation (default true) + --enable_mfa_delete_s3 enable mfa delete on s3 bucket. Requires bucket versioning. + --enable_sns_topic_encryption enable encryption on the sns topic (default true) + --existing_ca_iam_role_arn string specify existing cross account iam role arn to use + --existing_ca_iam_role_external_id string specify existing cross account iam role external_id to use + --existing_cw_iam_role_arn string specify existing cloudwatch iam role arn to use + --existing_firehose_iam_role_arn string specify existing firehose iam role arn to use + --firehose_encryption_key_arn string specify the kms key arn to be used with the Firehose + -h, --help help for eks + --integration_name string specify the name of the eks audit integration + --kms_key_deletion_days int specify the kms waiting period before deletion, in number of days + --lacework_aws_account_id string the Lacework AWS root account id + --output string location to write generated content + --prefix string specify the prefix that will be used at the beginning of every generated resource + --region_clusters stringToString configure eks clusters per aws region. To configure multiple regions pass the flag multiple times. Example format: --region_clusters ="cluster,list" (default []) + --sns_topic_encryption_key_arn string specify the kms key arn to be used with the sns topic +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework generate k8s](lacework_generate_k8s.md) - Generate Kubernetes integration IaC + diff --git a/cli/docs/lacework_generate_k8s_gke.md b/cli/docs/lacework_generate_k8s_gke.md new file mode 100644 index 000000000..64342f799 --- /dev/null +++ b/cli/docs/lacework_generate_k8s_gke.md @@ -0,0 +1,73 @@ +--- +title: "lacework generate k8s gke" +slug: lacework_generate_k8s_gke +hide_title: true +--- + +## lacework generate k8s gke + +Generate and/or execute Terraform code for GKE integration + +### Synopsis + +Use this command to generate Terraform code for deploying Lacework into a GKE environment. + +By default, this command interactively prompts for the required information to setup the new cloud account. +In interactive mode, this command will: + +* Prompt for the required information to setup the integration +* Generate new Terraform code using the inputs +* Optionally, run the generated Terraform code: + * If Terraform is already installed, the version is verified as compatible for use + * If Terraform is not installed, or the version installed is not compatible, a new version will be installed into a temporary location + * Once Terraform is detected or installed, Terraform plan will be executed + * The command will prompt with the outcome of the plan and allow to view more details or continue with Terraform apply + * If confirmed, Terraform apply will be run, completing the setup of the cloud account + +This command can also be run in noninteractive mode. +See help output for more details on the parameter value(s) required for Terraform code generation. + + +``` +lacework generate k8s gke [flags] +``` + +### Options + +``` + --apply run terraform apply without executing plan or prompting + --existing_service_account_name string specify existing service account name + --existing_service_account_private_key string specify existing service account private key (base64 encoded) + --existing_sink_name string specify existing sink name + -h, --help help for gke + --integration_name string specify a custom integration name + --organization_id string specify the organization id (only set if organization_integration is set) + --organization_integration enable organization integration + --output string location to write generated content (default is ~/lacework/gcp) + --prefix string prefix that will be used at the beginning of every generated resource + --project_id string specify the project id to be used to provision lacework resources (required) + --service_account_credentials string specify service account credentials JSON file path (leave blank to make use of google credential ENV vars) + --wait_time string amount of time to wait before the next resource is provisioned +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework generate k8s](lacework_generate_k8s.md) - Generate Kubernetes integration IaC + diff --git a/cli/docs/lacework_policy-exception.md b/cli/docs/lacework_policy-exception.md new file mode 100644 index 000000000..02bbea94e --- /dev/null +++ b/cli/docs/lacework_policy-exception.md @@ -0,0 +1,50 @@ +--- +title: "lacework policy-exception" +slug: lacework_policy-exception +hide_title: true +--- + +## lacework policy-exception + +Manage policy exceptions + +### Synopsis + +Manage policy exceptions in your Lacework account. + +To view all the policies in your Lacework account. + + lacework policy list + + +### Options + +``` + -h, --help help for policy-exception +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework policy-exception create](lacework_policy-exception_create.md) - Create a policy exception +* [lacework policy-exception delete](lacework_policy-exception_delete.md) - Delete a policy exception +* [lacework policy-exception list](lacework_policy-exception_list.md) - List all exceptions from a single policy +* [lacework policy-exception show](lacework_policy-exception_show.md) - Show details about a policy exception + diff --git a/cli/docs/lacework_policy-exception_create.md b/cli/docs/lacework_policy-exception_create.md new file mode 100644 index 000000000..b47fa3db0 --- /dev/null +++ b/cli/docs/lacework_policy-exception_create.md @@ -0,0 +1,53 @@ +--- +title: "lacework policy-exception create" +slug: lacework_policy-exception_create +hide_title: true +--- + +## lacework policy-exception create + +Create a policy exception + +### Synopsis + +Create a new policy exception. + +To create a new policy exception, run the command: + + lacework policy-exception create [policy_id] + +If you run the command without providing the policy_id, a +list of policies is displayed in an interactive prompt. + + +``` +lacework policy-exception create [policy_id] [flags] +``` + +### Options + +``` + -h, --help help for create +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework policy-exception](lacework_policy-exception.md) - Manage policy exceptions + diff --git a/cli/docs/lacework_policy-exception_delete.md b/cli/docs/lacework_policy-exception_delete.md new file mode 100644 index 000000000..7ed234b3c --- /dev/null +++ b/cli/docs/lacework_policy-exception_delete.md @@ -0,0 +1,49 @@ +--- +title: "lacework policy-exception delete" +slug: lacework_policy-exception_delete +hide_title: true +--- + +## lacework policy-exception delete + +Delete a policy exception + +### Synopsis + +Delete a policy exception. + +To remove a policy exception, run the delete command with policy ID and exception ID arguments: + + lacework policy-exception delete + +``` +lacework policy-exception delete [flags] +``` + +### Options + +``` + -h, --help help for delete +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework policy-exception](lacework_policy-exception.md) - Manage policy exceptions + diff --git a/cli/docs/lacework_policy-exception_list.md b/cli/docs/lacework_policy-exception_list.md new file mode 100644 index 000000000..80adb7544 --- /dev/null +++ b/cli/docs/lacework_policy-exception_list.md @@ -0,0 +1,45 @@ +--- +title: "lacework policy-exception list" +slug: lacework_policy-exception_list +hide_title: true +--- + +## lacework policy-exception list + +List all exceptions from a single policy + +### Synopsis + +List all of the policy exceptions from the provided policy ID. + +``` +lacework policy-exception list [flags] +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework policy-exception](lacework_policy-exception.md) - Manage policy exceptions + diff --git a/cli/docs/lacework_policy-exception_show.md b/cli/docs/lacework_policy-exception_show.md new file mode 100644 index 000000000..0a9b8d08c --- /dev/null +++ b/cli/docs/lacework_policy-exception_show.md @@ -0,0 +1,45 @@ +--- +title: "lacework policy-exception show" +slug: lacework_policy-exception_show +hide_title: true +--- + +## lacework policy-exception show + +Show details about a policy exception + +### Synopsis + +Show the details of a policy exception. + +``` +lacework policy-exception show [flags] +``` + +### Options + +``` + -h, --help help for show +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework policy-exception](lacework_policy-exception.md) - Manage policy exceptions + diff --git a/cli/docs/lacework_policy_disable.md b/cli/docs/lacework_policy_disable.md new file mode 100644 index 000000000..f732c0967 --- /dev/null +++ b/cli/docs/lacework_policy_disable.md @@ -0,0 +1,63 @@ +--- +title: "lacework policy disable" +slug: lacework_policy_disable +hide_title: true +--- + +## lacework policy disable + +Disable policies + +### Synopsis + +Disable policies by ID or all policies matching a tag. + +To disable a single policy by its ID: + + lacework policy disable lacework-policy-id + +To disable many policies by ID provide a list of policy ids: + + lacework policy disable lacework-policy-id-one lacework-policy-id-two + +To disable all policies for AWS CIS 1.4.0: + + lacework policy disable --tag framework:cis-aws-1-4-0 + +To disable all policies for GCP CIS 1.3.0: + + lacework policy disable --tag framework:cis-gcp-1-3-0 + + +``` +lacework policy disable [policy_id...] [flags] +``` + +### Options + +``` + -h, --help help for disable + --tag string disable all policies with the specified tag +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework policy](lacework_policy.md) - Manage policies + diff --git a/cli/docs/lacework_policy_enable.md b/cli/docs/lacework_policy_enable.md new file mode 100644 index 000000000..41ea089a2 --- /dev/null +++ b/cli/docs/lacework_policy_enable.md @@ -0,0 +1,68 @@ +--- +title: "lacework policy enable" +slug: lacework_policy_enable +hide_title: true +--- + +## lacework policy enable + +Enable policies + +### Synopsis + +Enable policies by ID or all policies matching a tag. + +To enter the policy enable prompt: + + lacework policy enable + +To enable a single policy by its ID: + + lacework policy enable lacework-policy-id + +To enable many policies by ID provide a list of policy ids: + + lacework policy enable lacework-policy-id-one lacework-policy-id-two + +To enable all policies for AWS CIS 1.4.0: + + lacework policy enable --tag framework:cis-aws-1-4-0 + +To enable all policies for GCP CIS 1.3.0: + + lacework policy enable --tag framework:cis-gcp-1-3-0 + + + +``` +lacework policy enable [policy_id...] [flags] +``` + +### Options + +``` + -h, --help help for enable + --tag string enable all policies with the specified tag +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework policy](lacework_policy.md) - Manage policies + diff --git a/cli/docs/lacework_policy_list-tags.md b/cli/docs/lacework_policy_list-tags.md new file mode 100644 index 000000000..8c9f087e1 --- /dev/null +++ b/cli/docs/lacework_policy_list-tags.md @@ -0,0 +1,45 @@ +--- +title: "lacework policy list-tags" +slug: lacework_policy_list-tags +hide_title: true +--- + +## lacework policy list-tags + +List policy tags + +### Synopsis + +List all tags associated with policies in your Lacework account. + +``` +lacework policy list-tags [flags] +``` + +### Options + +``` + -h, --help help for list-tags +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework policy](lacework_policy.md) - Manage policies + diff --git a/cli/docs/lacework_query_preview-source.md b/cli/docs/lacework_query_preview-source.md new file mode 100644 index 000000000..fef9b6eca --- /dev/null +++ b/cli/docs/lacework_query_preview-source.md @@ -0,0 +1,45 @@ +--- +title: "lacework query preview-source" +slug: lacework_query_preview-source +hide_title: true +--- + +## lacework query preview-source + +Preview Lacework query datasource + +### Synopsis + +Preview Lacework query datasource. + +``` +lacework query preview-source [flags] +``` + +### Options + +``` + -h, --help help for preview-source +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework query](lacework_query.md) - Run and manage queries + diff --git a/cli/docs/lacework_report-definition.md b/cli/docs/lacework_report-definition.md new file mode 100644 index 000000000..bf5e5d9c8 --- /dev/null +++ b/cli/docs/lacework_report-definition.md @@ -0,0 +1,45 @@ +--- +title: "lacework report-definition" +slug: lacework_report-definition +hide_title: true +--- + +## lacework report-definition + +Manage report definitions + +### Synopsis + +Manage report definitions to configure the data retrieval and layout information for a report. + + +### Options + +``` + -h, --help help for report-definition +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework report-definition delete](lacework_report-definition_delete.md) - Delete a report definition +* [lacework report-definition list](lacework_report-definition_list.md) - List all report definitions +* [lacework report-definition show](lacework_report-definition_show.md) - Show a report definition by ID + diff --git a/cli/docs/lacework_integration_delete.md b/cli/docs/lacework_report-definition_delete.md similarity index 70% rename from cli/docs/lacework_integration_delete.md rename to cli/docs/lacework_report-definition_delete.md index 17433d027..4c55834d5 100644 --- a/cli/docs/lacework_integration_delete.md +++ b/cli/docs/lacework_report-definition_delete.md @@ -1,21 +1,19 @@ --- -title: "lacework integration delete" -slug: lacework_integration_delete +title: "lacework report-definition delete" +slug: lacework_report-definition_delete hide_title: true --- -## lacework integration delete +## lacework report-definition delete -Delete an external integration +Delete a report definition ### Synopsis -Delete an external integration by providing an integration GUID. - -Integration GUIDs can be found by using the 'lacework integration list' command. +Delete a single report definition by it's ID. ``` -lacework integration delete [flags] +lacework report-definition delete [flags] ``` ### Options @@ -43,5 +41,5 @@ lacework integration delete [flags] ### SEE ALSO -* [lacework integration](lacework_integration.md) - Manage external integrations +* [lacework report-definition](lacework_report-definition.md) - Manage report definitions diff --git a/cli/docs/lacework_report-definition_list.md b/cli/docs/lacework_report-definition_list.md new file mode 100644 index 000000000..1f2183b16 --- /dev/null +++ b/cli/docs/lacework_report-definition_list.md @@ -0,0 +1,46 @@ +--- +title: "lacework report-definition list" +slug: lacework_report-definition_list +hide_title: true +--- + +## lacework report-definition list + +List all report definitions + +### Synopsis + +List all report definitions configured in your Lacework account. + +``` +lacework report-definition list [flags] +``` + +### Options + +``` + -h, --help help for list + --subtype string filter report definitions by subtype. 'AWS', 'GCP' or 'Azure' +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework report-definition](lacework_report-definition.md) - Manage report definitions + diff --git a/cli/docs/lacework_report-definition_show.md b/cli/docs/lacework_report-definition_show.md new file mode 100644 index 000000000..4b40f96f1 --- /dev/null +++ b/cli/docs/lacework_report-definition_show.md @@ -0,0 +1,45 @@ +--- +title: "lacework report-definition show" +slug: lacework_report-definition_show +hide_title: true +--- + +## lacework report-definition show + +Show a report definition by ID + +### Synopsis + +Show a single report definition by it's ID. + +``` +lacework report-definition show [flags] +``` + +### Options + +``` + -h, --help help for show +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework report-definition](lacework_report-definition.md) - Manage report definitions + diff --git a/cli/docs/lacework_report-rule.md b/cli/docs/lacework_report-rule.md new file mode 100644 index 000000000..74532239e --- /dev/null +++ b/cli/docs/lacework_report-rule.md @@ -0,0 +1,53 @@ +--- +title: "lacework report-rule" +slug: lacework_report-rule +hide_title: true +--- + +## lacework report-rule + +Manage report rules + +### Synopsis + +Manage report rules to route reports to one or more email alert channels. + +A report rule has four parts: + + 1. Email alert channel(s) that should receive the report + 2. One or more severities to include + 3. Resource group(s) containing the subset of your environment to consider + 4. Notification types containing which report information to send + + +### Options + +``` + -h, --help help for report-rule +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework report-rule create](lacework_report-rule_create.md) - Create a new report rule +* [lacework report-rule delete](lacework_report-rule_delete.md) - Delete a report rule +* [lacework report-rule list](lacework_report-rule_list.md) - List all report rules +* [lacework report-rule show](lacework_report-rule_show.md) - Show a report rule by ID + diff --git a/integration/test_resources/help/integration_create b/cli/docs/lacework_report-rule_create.md similarity index 70% rename from integration/test_resources/help/integration_create rename to cli/docs/lacework_report-rule_create.md index a432aedc9..b1928928f 100644 --- a/integration/test_resources/help/integration_create +++ b/cli/docs/lacework_report-rule_create.md @@ -1,12 +1,26 @@ -Creates an external integration in your account through an interactive session. +--- +title: "lacework report-rule create" +slug: lacework_report-rule_create +hide_title: true +--- -Usage: - lacework integration create [flags] +## lacework report-rule create -Flags: +Create a new report rule + +``` +lacework report-rule create [flags] +``` + +### Options + +``` -h, --help help for create +``` + +### Options inherited from parent commands -Global Flags: +``` -a, --account string account subdomain of URL (i.e. .lacework.net) -k, --api_key string access key id -s, --api_secret string secret access key @@ -19,3 +33,9 @@ Global Flags: --organization access organization level data sets (org admins only) -p, --profile string switch between profiles configured at ~/.lacework.toml --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework report-rule](lacework_report-rule.md) - Manage report rules + diff --git a/cli/docs/lacework_report-rule_delete.md b/cli/docs/lacework_report-rule_delete.md new file mode 100644 index 000000000..703c60506 --- /dev/null +++ b/cli/docs/lacework_report-rule_delete.md @@ -0,0 +1,45 @@ +--- +title: "lacework report-rule delete" +slug: lacework_report-rule_delete +hide_title: true +--- + +## lacework report-rule delete + +Delete a report rule + +### Synopsis + +Delete a single report rule by it's ID. + +``` +lacework report-rule delete [flags] +``` + +### Options + +``` + -h, --help help for delete +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework report-rule](lacework_report-rule.md) - Manage report rules + diff --git a/cli/docs/lacework_report-rule_list.md b/cli/docs/lacework_report-rule_list.md new file mode 100644 index 000000000..7e8b4e2e0 --- /dev/null +++ b/cli/docs/lacework_report-rule_list.md @@ -0,0 +1,45 @@ +--- +title: "lacework report-rule list" +slug: lacework_report-rule_list +hide_title: true +--- + +## lacework report-rule list + +List all report rules + +### Synopsis + +List all report rules configured in your Lacework account. + +``` +lacework report-rule list [flags] +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework report-rule](lacework_report-rule.md) - Manage report rules + diff --git a/cli/docs/lacework_report-rule_show.md b/cli/docs/lacework_report-rule_show.md new file mode 100644 index 000000000..7311f6a63 --- /dev/null +++ b/cli/docs/lacework_report-rule_show.md @@ -0,0 +1,45 @@ +--- +title: "lacework report-rule show" +slug: lacework_report-rule_show +hide_title: true +--- + +## lacework report-rule show + +Show a report rule by ID + +### Synopsis + +Show a single report rule by it's ID. + +``` +lacework report-rule show [flags] +``` + +### Options + +``` + -h, --help help for show +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework report-rule](lacework_report-rule.md) - Manage report rules + diff --git a/cli/docs/lacework_team-member.md b/cli/docs/lacework_team-member.md new file mode 100644 index 000000000..0a2d47d7d --- /dev/null +++ b/cli/docs/lacework_team-member.md @@ -0,0 +1,47 @@ +--- +title: "lacework team-member" +slug: lacework_team-member +hide_title: true +--- + +## lacework team-member + +Manage team members + +### Synopsis + +Manage Team Members to grant or restrict access to multiple Lacework Accounts. + Team members can also be granted organization-level roles. + + +### Options + +``` + -h, --help help for team-member +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework team-member create](lacework_team-member_create.md) - Create a new team member +* [lacework team-member delete](lacework_team-member_delete.md) - Delete a team member +* [lacework team-member list](lacework_team-member_list.md) - List all team members +* [lacework team-member show](lacework_team-member_show.md) - Show a team member by id + diff --git a/cli/docs/lacework_team-member_create.md b/cli/docs/lacework_team-member_create.md new file mode 100644 index 000000000..b46b6e278 --- /dev/null +++ b/cli/docs/lacework_team-member_create.md @@ -0,0 +1,41 @@ +--- +title: "lacework team-member create" +slug: lacework_team-member_create +hide_title: true +--- + +## lacework team-member create + +Create a new team member + +``` +lacework team-member create [flags] +``` + +### Options + +``` + -h, --help help for create +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework team-member](lacework_team-member.md) - Manage team members + diff --git a/cli/docs/lacework_team-member_delete.md b/cli/docs/lacework_team-member_delete.md new file mode 100644 index 000000000..9f54843ef --- /dev/null +++ b/cli/docs/lacework_team-member_delete.md @@ -0,0 +1,45 @@ +--- +title: "lacework team-member delete" +slug: lacework_team-member_delete +hide_title: true +--- + +## lacework team-member delete + +Delete a team member + +### Synopsis + +Delete a single team member by it's ID. + +``` +lacework team-member delete [flags] +``` + +### Options + +``` + -h, --help help for delete +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework team-member](lacework_team-member.md) - Manage team members + diff --git a/cli/docs/lacework_team-member_list.md b/cli/docs/lacework_team-member_list.md new file mode 100644 index 000000000..11a65c00d --- /dev/null +++ b/cli/docs/lacework_team-member_list.md @@ -0,0 +1,45 @@ +--- +title: "lacework team-member list" +slug: lacework_team-member_list +hide_title: true +--- + +## lacework team-member list + +List all team members + +### Synopsis + +List all team members configured in your Lacework account. + +``` +lacework team-member list [flags] +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework team-member](lacework_team-member.md) - Manage team members + diff --git a/cli/docs/lacework_team-member_show.md b/cli/docs/lacework_team-member_show.md new file mode 100644 index 000000000..cdda79343 --- /dev/null +++ b/cli/docs/lacework_team-member_show.md @@ -0,0 +1,45 @@ +--- +title: "lacework team-member show" +slug: lacework_team-member_show +hide_title: true +--- + +## lacework team-member show + +Show a team member by id + +### Synopsis + +Show a single team member by it's id. + +``` +lacework team-member show [flags] +``` + +### Options + +``` + -h, --help help for show +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework team-member](lacework_team-member.md) - Manage team members + diff --git a/cli/docs/lacework_vulnerability-exception.md b/cli/docs/lacework_vulnerability-exception.md new file mode 100644 index 000000000..35cd84380 --- /dev/null +++ b/cli/docs/lacework_vulnerability-exception.md @@ -0,0 +1,45 @@ +--- +title: "lacework vulnerability-exception" +slug: lacework_vulnerability-exception +hide_title: true +--- + +## lacework vulnerability-exception + +Manage vulnerability exceptions + +### Synopsis + +Manage vulnerability exceptions to control and customize your alert profile for hosts and containers. + +### Options + +``` + -h, --help help for vulnerability-exception +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework](lacework.md) - A tool to manage the Lacework cloud security platform. +* [lacework vulnerability-exception create](lacework_vulnerability-exception_create.md) - Create a new vulnerability exception +* [lacework vulnerability-exception delete](lacework_vulnerability-exception_delete.md) - Delete a vulnerability exception +* [lacework vulnerability-exception list](lacework_vulnerability-exception_list.md) - List all vulnerability exceptions +* [lacework vulnerability-exception show](lacework_vulnerability-exception_show.md) - Get vulnerability exception by ID + diff --git a/cli/docs/lacework_vulnerability-exception_create.md b/cli/docs/lacework_vulnerability-exception_create.md new file mode 100644 index 000000000..4b196bb1c --- /dev/null +++ b/cli/docs/lacework_vulnerability-exception_create.md @@ -0,0 +1,45 @@ +--- +title: "lacework vulnerability-exception create" +slug: lacework_vulnerability-exception_create +hide_title: true +--- + +## lacework vulnerability-exception create + +Create a new vulnerability exception + +### Synopsis + +Creates a new single vulnerability exception. + +``` +lacework vulnerability-exception create [flags] +``` + +### Options + +``` + -h, --help help for create +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework vulnerability-exception](lacework_vulnerability-exception.md) - Manage vulnerability exceptions + diff --git a/cli/docs/lacework_vulnerability-exception_delete.md b/cli/docs/lacework_vulnerability-exception_delete.md new file mode 100644 index 000000000..943254298 --- /dev/null +++ b/cli/docs/lacework_vulnerability-exception_delete.md @@ -0,0 +1,45 @@ +--- +title: "lacework vulnerability-exception delete" +slug: lacework_vulnerability-exception_delete +hide_title: true +--- + +## lacework vulnerability-exception delete + +Delete a vulnerability exception + +### Synopsis + +Delete a single vulnerability exception by it's vulnerability exception ID. + +``` +lacework vulnerability-exception delete [flags] +``` + +### Options + +``` + -h, --help help for delete +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework vulnerability-exception](lacework_vulnerability-exception.md) - Manage vulnerability exceptions + diff --git a/cli/docs/lacework_vulnerability-exception_list.md b/cli/docs/lacework_vulnerability-exception_list.md new file mode 100644 index 000000000..3aebd7ec5 --- /dev/null +++ b/cli/docs/lacework_vulnerability-exception_list.md @@ -0,0 +1,45 @@ +--- +title: "lacework vulnerability-exception list" +slug: lacework_vulnerability-exception_list +hide_title: true +--- + +## lacework vulnerability-exception list + +List all vulnerability exceptions + +### Synopsis + +List all vulnerability exceptions configured in your Lacework account. + +``` +lacework vulnerability-exception list [flags] +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework vulnerability-exception](lacework_vulnerability-exception.md) - Manage vulnerability exceptions + diff --git a/cli/docs/lacework_vulnerability-exception_show.md b/cli/docs/lacework_vulnerability-exception_show.md new file mode 100644 index 000000000..013c542d4 --- /dev/null +++ b/cli/docs/lacework_vulnerability-exception_show.md @@ -0,0 +1,45 @@ +--- +title: "lacework vulnerability-exception show" +slug: lacework_vulnerability-exception_show +hide_title: true +--- + +## lacework vulnerability-exception show + +Get vulnerability exception by ID + +### Synopsis + +Get a single vulnerability exception by it's vulnerability exception ID. + +``` +lacework vulnerability-exception show [flags] +``` + +### Options + +``` + -h, --help help for show +``` + +### Options inherited from parent commands + +``` + -a, --account string account subdomain of URL (i.e. .lacework.net) + -k, --api_key string access key id + -s, --api_secret string secret access key + --api_token string access token (replaces the use of api_key and api_secret) + --debug turn on debug logging + --json switch commands output from human-readable to json format + --nocache turn off caching + --nocolor turn off colors + --noninteractive turn off interactive mode (disable spinners, prompts, etc.) + --organization access organization level data sets (org admins only) + -p, --profile string switch between profiles configured at ~/.lacework.toml + --subaccount string sub-account name inside your organization (org admins only) +``` + +### SEE ALSO + +* [lacework vulnerability-exception](lacework_vulnerability-exception.md) - Manage vulnerability exceptions + diff --git a/cli/docs/lacework_vulnerability_container.md b/cli/docs/lacework_vulnerability_container.md index 68b20f8b4..3c0b54131 100644 --- a/cli/docs/lacework_vulnerability_container.md +++ b/cli/docs/lacework_vulnerability_container.md @@ -19,7 +19,7 @@ trying to scan or show. To create a new integration use the following command: - lacework integration create + lacework container-registry create If you prefer to configure the integration via the WebUI, log in to your account at: diff --git a/integration/test_resources/help/compliance b/integration/test_resources/help/compliance index a0f2cec2a..2f0e42604 100644 --- a/integration/test_resources/help/compliance +++ b/integration/test_resources/help/compliance @@ -6,7 +6,7 @@ HIPAA benchmark standards. Get started by integrating one or more cloud accounts using the command: - lacework integration create + lacework cloud-account create If you prefer to configure the integration via the WebUI, log in to your account at: @@ -16,7 +16,7 @@ Then navigate to Settings > Integrations > Cloud Accounts. Use the following command to list all available integrations in your account: - lacework integrations list + lacework cloud-account list Usage: lacework compliance [command] diff --git a/integration/test_resources/help/compliance_google_list-projects b/integration/test_resources/help/compliance_google_list-projects index 474ef5d5b..c24dcd065 100644 --- a/integration/test_resources/help/compliance_google_list-projects +++ b/integration/test_resources/help/compliance_google_list-projects @@ -2,11 +2,11 @@ List all GCP projects from the provided organization ID. Use the following command to list all GCP integrations in your account: - lacework integrations list --type GCP_CFG + lacework cloud-account list --type GcpCfg Then, select one GUID from an integration and visualize its details using the command: - lacework integration show + lacework cloud-account show Usage: lacework compliance google list-projects [flags] diff --git a/integration/test_resources/help/integration b/integration/test_resources/help/integration deleted file mode 100644 index bd31f90b7..000000000 --- a/integration/test_resources/help/integration +++ /dev/null @@ -1,32 +0,0 @@ -Manage external integrations with the Lacework platform - -Usage: - lacework integration [command] - -Aliases: - integration, integrations, int - -Available Commands: - create Create an external integration - delete Delete an external integration - list List all available external integrations - show Show details about a specific external integration - -Flags: - -h, --help help for integration - -Global Flags: - -a, --account string account subdomain of URL (i.e. .lacework.net) - -k, --api_key string access key id - -s, --api_secret string secret access key - --api_token string access token (replaces the use of api_key and api_secret) - --debug turn on debug logging - --json switch commands output from human-readable to json format - --nocache turn off caching - --nocolor turn off colors - --noninteractive turn off interactive mode (disable spinners, prompts, etc.) - --organization access organization level data sets (org admins only) - -p, --profile string switch between profiles configured at ~/.lacework.toml - --subaccount string sub-account name inside your organization (org admins only) - -Use "lacework integration [command] --help" for more information about a command. diff --git a/integration/test_resources/help/integration_delete b/integration/test_resources/help/integration_delete deleted file mode 100644 index 125b26457..000000000 --- a/integration/test_resources/help/integration_delete +++ /dev/null @@ -1,23 +0,0 @@ -Delete an external integration by providing an integration GUID. - -Integration GUIDs can be found by using the 'lacework integration list' command. - -Usage: - lacework integration delete [flags] - -Flags: - -h, --help help for delete - -Global Flags: - -a, --account string account subdomain of URL (i.e. .lacework.net) - -k, --api_key string access key id - -s, --api_secret string secret access key - --api_token string access token (replaces the use of api_key and api_secret) - --debug turn on debug logging - --json switch commands output from human-readable to json format - --nocache turn off caching - --nocolor turn off colors - --noninteractive turn off interactive mode (disable spinners, prompts, etc.) - --organization access organization level data sets (org admins only) - -p, --profile string switch between profiles configured at ~/.lacework.toml - --subaccount string sub-account name inside your organization (org admins only) diff --git a/integration/test_resources/help/integration_list b/integration/test_resources/help/integration_list deleted file mode 100644 index adba0f953..000000000 --- a/integration/test_resources/help/integration_list +++ /dev/null @@ -1,22 +0,0 @@ -List all available external integrations - -Usage: - lacework integration list [flags] - -Flags: - -h, --help help for list - -t, --type string list all integrations of a specific type - -Global Flags: - -a, --account string account subdomain of URL (i.e. .lacework.net) - -k, --api_key string access key id - -s, --api_secret string secret access key - --api_token string access token (replaces the use of api_key and api_secret) - --debug turn on debug logging - --json switch commands output from human-readable to json format - --nocache turn off caching - --nocolor turn off colors - --noninteractive turn off interactive mode (disable spinners, prompts, etc.) - --organization access organization level data sets (org admins only) - -p, --profile string switch between profiles configured at ~/.lacework.toml - --subaccount string sub-account name inside your organization (org admins only) diff --git a/integration/test_resources/help/vulnerability_container b/integration/test_resources/help/vulnerability_container index 3943ed616..cedda6bad 100644 --- a/integration/test_resources/help/vulnerability_container +++ b/integration/test_resources/help/vulnerability_container @@ -7,7 +7,7 @@ trying to scan or show. To create a new integration use the following command: - lacework integration create + lacework container-registry create If you prefer to configure the integration via the WebUI, log in to your account at: