Skip to content

Commit

Permalink
Merge pull request #152 from akamai/release/v2.12.0
Browse files Browse the repository at this point in the history
Release/v2.12.0
  • Loading branch information
robertolopezlopez authored Apr 25, 2022
2 parents f7ee36a + 68bbd19 commit c3d0642
Show file tree
Hide file tree
Showing 21 changed files with 841 additions and 102 deletions.
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,13 @@
# EDGEGRID GOLANG RELEASE NOTES

## 2.12.0 (Apr. 25, 2022)

#### FEATURES/ENHANCEMENTS:
* APPSEC
* Add WAPBypassNetworkLists interface, to be used in preference to deprecated BypassNetworkLists interface.

* Support for account switch keys from environment ([#149](https://github.com/akamai/AkamaiOPEN-edgegrid-golang/pull/149))

## 2.11.0 (March 24, 2022)

#### FEATURES/ENHANCEMENTS:
Expand Down
1 change: 1 addition & 0 deletions pkg/appsec/appsec.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@ type (
VersionNotes
WAFMode
WAFProtection
WAPBypassNetworkLists
WAPSelectedHostnames
}

Expand Down
4 changes: 4 additions & 0 deletions pkg/appsec/bypass_network_lists.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,16 +11,20 @@ import (
type (
// The BypassNetworkLists interface supports listing or modifying which network lists are
// used in the bypass network lists settings.
// Deprecated: this interface will be removed in a future release. Use the WAPBypassNetworkLists interface instead.
//
// https://developer.akamai.com/api/cloud_security/application_security/v1.html#bypassnetworklist
BypassNetworkLists interface {
// Deprecated: this method will be removed in a future release. Use the GetWAPBypassNetworkLists method of the WAPBypassNetworkLists interface instead.
// https://developer.akamai.com/api/cloud_security/application_security/v1.html#getbypassnetworklistsforawapconfigversion
GetBypassNetworkLists(ctx context.Context, params GetBypassNetworkListsRequest) (*GetBypassNetworkListsResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#putbypassnetworklistsforawapconfigversion
// Deprecated: this method will be removed in a future release. Use the UpdateWAPBypassNetworkLists method of the WAPBypassNetworkLists interface instead.
UpdateBypassNetworkLists(ctx context.Context, params UpdateBypassNetworkListsRequest) (*UpdateBypassNetworkListsResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#putbypassnetworklistsforawapconfigversion
// Deprecated: this method will be removed in a future release. Use the UpdateWAPBypassNetworkLists method of the WAPBypassNetworkLists interface instead.
RemoveBypassNetworkLists(ctx context.Context, params RemoveBypassNetworkListsRequest) (*RemoveBypassNetworkListsResponse, error)
}

Expand Down
6 changes: 5 additions & 1 deletion pkg/appsec/eval_host.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,20 +10,24 @@ import (

type (
// The EvalHost interface supports retrieving and modifying list of evaluation hostnames for a configuration.
// Deprecated: this interface will be removed in a future release. Use the WAPSelectedHostnames interface instead.
//
// https://developer.akamai.com/api/cloud_security/application_security/v1.html#evalhostname
EvalHost interface {
// https://developer.akamai.com/api/cloud_security/application_security/v1.html#getevaluationhostnames
// Deprecated: this method will be removed in a future release. Use the GetWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
GetEvalHosts(ctx context.Context, params GetEvalHostsRequest) (*GetEvalHostsResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#getevaluationhostnames
// Deprecated: this method will be removed in a future release. Use GetEvalHosts instead.
// Deprecated: this method will be removed in a future release. Use the GetWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
GetEvalHost(ctx context.Context, params GetEvalHostRequest) (*GetEvalHostResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#putevaluationhostnames
// Deprecated: this method will be removed in a future release. Use the UpdateWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
UpdateEvalHost(ctx context.Context, params UpdateEvalHostRequest) (*UpdateEvalHostResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#putevaluationhostnames
// Deprecated: this method will be removed in a future release. Use the WAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
RemoveEvalHost(ctx context.Context, params RemoveEvalHostRequest) (*RemoveEvalHostResponse, error)
}

Expand Down
5 changes: 4 additions & 1 deletion pkg/appsec/eval_protect_host.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,17 +11,20 @@ import (
type (
// The EvalProtectHost interface supports retrieving the evaluation hostnames for a configuration and
// moving hostnames from evaluating to protected status.
// Deprecated: this interface will be removed in a future release. Use the WAPSelectedHostnames interface instead.
//
// https://developer.akamai.com/api/cloud_security/application_security/v1.html#evalhostname
EvalProtectHost interface {
// https://developer.akamai.com/api/cloud_security/application_security/v1.html#getevaluationhostnames
// Deprecated: this method will be removed in a future release. Use the GetWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
GetEvalProtectHosts(ctx context.Context, params GetEvalProtectHostsRequest) (*GetEvalProtectHostsResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#getevaluationhostnames
// Deprecated: this method will be removed in a future release. Use GetEvalProtectHosts instead.
// Deprecated: this method will be removed in a future release. Use the GetWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
GetEvalProtectHost(ctx context.Context, params GetEvalProtectHostRequest) (*GetEvalProtectHostResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#putmoveevaluationhostnamestoprotection
// Deprecated: this method will be removed in a future release. Use the UpdateWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
UpdateEvalProtectHost(ctx context.Context, params UpdateEvalProtectHostRequest) (*UpdateEvalProtectHostResponse, error)
}

Expand Down
6 changes: 4 additions & 2 deletions pkg/appsec/export_configuration.go
Original file line number Diff line number Diff line change
Expand Up @@ -651,8 +651,10 @@ type (
// WebApplicationFirewallEvaluation is returned as part of GetExportConfigurationResponse.
WebApplicationFirewallEvaluation struct {
AttackGroupActions []struct {
Action string `json:"action"`
Group string `json:"group"`
Action string `json:"action"`
Group string `json:"group"`
Exception *RuleException `json:"exception,omitempty"`
AdvancedExceptionsList *AdvancedExceptions `json:"advancedExceptions,omitempty"`
} `json:"attackGroupActions,omitempty"`
EvaluationID int `json:"evaluationId"`
EvaluationVersion int `json:"evaluationVersion"`
Expand Down
79 changes: 31 additions & 48 deletions pkg/appsec/rule_upgrade.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,58 +23,41 @@ type (

// GetRuleUpgradeRequest is used to verify changes in the KRS rule sets.
GetRuleUpgradeRequest struct {
ConfigID int `json:"-"`
Version int `json:"-"`
PolicyID string `json:"-"`
ConfigID int
Version int
PolicyID string
}

// GetRuleUpgradeResponse is returned from a call to GetRuleUpgrade.
GetRuleUpgradeResponse struct {
Current string `json:"current,omitempty"`
Evaluating string `json:"evaluating,omitempty"`
Latest string `json:"latest,omitempty"`
KRSToEvalUpdates struct {
DeletedRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"deletedRules,omitempty"`
UpdatedRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"updatedRules,omitempty"`
NewRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"newRules,omitempty"`
} `json:"KRSToEvalUpdates,omitempty"`
EvalToEvalUpdates struct {
DeletedRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"deletedRules,omitempty"`
UpdatedRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"updatedRules,omitempty"`
NewRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"newRules,omitempty"`
} `json:"EvalToEvalUpdates,omitempty"`
KRSToLatestUpdates struct {
DeletedRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"deletedRules,omitempty"`
NewRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"newRules,omitempty"`
UpdatedRules []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
} `json:"updatedRules,omitempty"`
} `json:"KRSToLatestUpdates,omitempty"`
Current string `json:"current,omitempty"`
Evaluating string `json:"evaluating,omitempty"`
Latest string `json:"latest,omitempty"`
KRSToEvalUpdates *RulesetUpdateData `json:"KRSToEvalUpdates,omitempty"`
EvalToEvalUpdates *RulesetUpdateData `json:"EvalToEvalUpdates,omitempty"`
KRSToLatestUpdates *RulesetUpdateData `json:"KRSToLatestUpdates,omitempty"`
}

// RulesetUpdateData is used to report all updates to rules and attack groups in the ruleset.
RulesetUpdateData struct {
DeletedRules *RuleData `json:"deletedRules,omitempty"`
NewRules *RuleData `json:"newRules,omitempty"`
UpdatedRules *RuleData `json:"updatedRules,omitempty"`
DeletedAttackGroups *GroupData `json:"deletedAttackGroups,omitempty"`
UpdatedAttackGroups *GroupData `json:"updatedAttackGroups,omitempty"`
NewAttackGroups *GroupData `json:"newAttackGroups,omitempty"`
}

// RuleData contains updates to rules
RuleData []struct {
ID int `json:"id,omitempty"`
Title string `json:"title,omitempty"`
}

// GroupData contains updates to attack groups
GroupData []struct {
Group int `json:"group,omitempty"`
GroupName string `json:"groupName,omitempty"`
}

// UpdateRuleUpgradeRequest is used to upgrade to the most recent version of the KRS rule set.
Expand Down
7 changes: 5 additions & 2 deletions pkg/appsec/selected_hostname.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,19 +13,22 @@ type (
// a configuration.
//
// https://developer.akamai.com/api/cloud_security/application_security/v1.html#selectedhostnames
// Deprecated: this interface will be removed in a future release. Use the WAPSelectedHostnames interface instead.
SelectedHostname interface {
// https://developer.akamai.com/api/cloud_security/application_security/v1.html#getselectedhostnames
// Deprecated: this method will be removed in a future release. Use the GetWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
GetSelectedHostnames(ctx context.Context, params GetSelectedHostnamesRequest) (*GetSelectedHostnamesResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#getselectedhostnames
// Deprecated: this method will be removed in a future release. Use GetSelectedHostnames instead.
// Deprecated: this method will be removed in a future release. Use the GetWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
GetSelectedHostname(ctx context.Context, params GetSelectedHostnameRequest) (*GetSelectedHostnameResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#putselectedhostnames
// Deprecated: this method will be removed in a future release. Use UpdateSelectedHostnames instead.
// Deprecated: this method will be removed in a future release. Use the UpdateWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
UpdateSelectedHostname(ctx context.Context, params UpdateSelectedHostnameRequest) (*UpdateSelectedHostnameResponse, error)

// https://developer.akamai.com/api/cloud_security/application_security/v1.html#putselectedhostnames
// Deprecated: this method will be removed in a future release. Use the UpdateWAPSelectedHostnames method of the WAPSelectedHostnames interface instead.
UpdateSelectedHostnames(ctx context.Context, params UpdateSelectedHostnamesRequest) (*UpdateSelectedHostnamesResponse, error)
}

Expand Down
136 changes: 136 additions & 0 deletions pkg/appsec/testdata/TestExportConfiguration/ExportConfiguration.json
Original file line number Diff line number Diff line change
Expand Up @@ -4723,6 +4723,142 @@
"applyReputationControls": true,
"applySlowPostControls": true
},
"webApplicationFirewall": {
"ruleActions": [
{
"action": "alert",
"id": 950002,
"rulesetVersionId": 7392
},
{
"action": "alert",
"id": 950006,
"rulesetVersionId": 7392
}
],
"attackGroupActions": [
{
"action": "alert",
"group": "POLICY",
"rulesetVersionId": 7392
},
{
"action": "alert",
"group": "WAT",
"rulesetVersionId": 7392
},
{
"action": "alert",
"group": "PROTOCOL",
"rulesetVersionId": 7392
},
{
"action": "alert",
"group": "SQL",
"rulesetVersionId": 7392
},
{
"action": "alert",
"group": "XSS",
"rulesetVersionId": 7392,
"exception": {
"specificHeaderCookieParamXmlOrJsonNames": [
{
"names": [
"ASE-Manual-EVAL-HEADER"
],
"selector": "REQUEST_HEADERS"
}
]
}
},
{
"action": "alert",
"group": "CMD",
"rulesetVersionId": 7392
},
{
"action": "alert",
"group": "LFI",
"rulesetVersionId": 7392,
"exception": {
"specificHeaderCookieParamXmlOrJsonNames": [
{
"names": [
"ASE-Manual-Active-COOKIES"
],
"selector": "REQUEST_COOKIES",
"wildcard": true
}
]
}
},
{
"action": "alert",
"group": "RFI",
"rulesetVersionId": 7392
},
{
"action": "alert",
"group": "PLATFORM",
"rulesetVersionId": 7392
}
],
"evaluation": {
"attackGroupActions": [
{
"action": "alert",
"group": "POLICY"
},
{
"action": "alert",
"group": "WAT"
},
{
"action": "alert",
"group": "PROTOCOL"
},
{
"action": "alert",
"group": "SQL"
},
{
"action": "alert",
"group": "XSS"
},
{
"action": "deny",
"group": "CMD"
},
{
"action": "alert",
"group": "LFI"
},
{
"action": "alert",
"group": "RFI"
},
{
"action": "alert",
"group": "PLATFORM"
}
],
"evaluationId": 13904,
"evaluationVersion": 1,
"ruleActions": [
{
"action": "alert",
"id": 950002
},
{
"action": "alert",
"id": 950006
}
],
"rulesetVersionId": 7592
},
"threatIntel": "on"
},
"apiRequestConstraints": {
"apiEndpoints": []
},
Expand Down
Loading

0 comments on commit c3d0642

Please sign in to comment.