Kaholo Plugin for Lacework
Settings:
- Secret(required) – Lacework secret access key. Can only be created by administrator using the Lacework console.
- Host(required) – The base host URL to your Lacework environment. for example, if you connect to the console with url address: http://DEMO-HOST.lacework.net/ then you should enter DEMO-HOST as the Host setting value.
- Key Id(required) – Lacework access Key ID. Can only be created by administrator using the Lacework console.
Method: Get event details
This method returns all the data about the lacework event specified.
Parameters:
- Event ID(required) – The event ID of the requested event. If using the lacework webhook, you can get it from the event_id field.
Method: Get Latest AWS Compliance Report Details
This method returns the latest AWS Compliance Report about the AWS account ID and report type specified.
Parameters:
- AWS ACCOUNT ID(required) – Specify a 12 digit unique AWS Account ID, for example: 123456789012.
- Report Type(required) – Specify the Report Type you want to get. You can use the following examples:
- AWS CIS Benchmark and S3 Report
- AWS NIST 800-171 Report
- NIST_800-171_Rev2
- AWS NIST 800-53 Report
- AWS HIPAA Report
- AWS SOC 2 Report
- AWS SOC 2 Report Revision 2
- AWS PCI DSS Report
Method: Get Latest Azure Compliance Report Details
This method returns the latest Azure Compliance Report about the Azure subscription ID and report type specified.
Parameters:
- AZURE TENANT ID(required) – Specify the Azure tenant id for the report to run.
- AZURE SUBSCRIPTION ID(required) – Specify the Azure Subscription id for the retor to run.
- Report Type(required) – Specify the Report Type you want to get. You can use the following examples:
- Azure CIS Benchmark
- Azure SOC2 Report
- Azure PCI Benchmark
Method: Get Latest GCP Compliance Report Details
This method returns the latest GCP Compliance Report about the GCP project ID and report type specified.
Parameters:
- GCP ORG ID(required) – Specify the GCP Organizational ID.
- GCP PROJECT ID(required) – Specify the GCP Project ID.
- Report Type(required) – Specify the Report Type you want to get. You can use the following examples:
- GCP CIS Benchmark
- GCP HIPAA Report
- GCP SOC2 Report
- GCP PCI Benchmark
Method: Get AWS Suppression for a recommendationID
This method returns the current suppression configuration for a specific recommendationID.
Parameters:
- REC ID (required) – Specify the REC_ID that you would like to get the current suppression configuration.
Method: Configure Suppression via Tag for AWS
This method configures a suppression for a specific recommendationID.
Parameters:
- REC ID (required) – Specify the REC_ID that you would like to get the current suppression configuration.
- TAG KEY (required) – Specify the TAG_KEY that will be used for the suppression configuration.
- TAG VALUE (required) – Specify the TAG_VALUE that will be used for the suppression configuration.
- SUPPRESSION COMMENT (required) – Specify the comment that will be set for the suppression configuration.