Skip to content

Commit 6078acb

Browse files
authored
Merge pull request #8 from lacework-alliances/7-update-mfa-struct-from-int-to-bool
fixes (#7)
2 parents b16f241 + d7338e7 commit 6078acb

File tree

3 files changed

+6
-6
lines changed

3 files changed

+6
-6
lines changed

amazon-security-lake-integration.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -99,7 +99,7 @@ Resources:
9999
ServiceToken: !GetAtt "CopyZipsFunction.Arn"
100100
DestBucket: !Ref "LambdaZipsBucket"
101101
SourceBucket: "lacework-alliances"
102-
Prefix: "lacework-amazon-security-lake-dev"
102+
Prefix: "lacework-amazon-security-lake"
103103
Objects:
104104
- "/lambda/amazon-security-lake.zip"
105105

@@ -206,7 +206,7 @@ Resources:
206206
Properties:
207207
Code:
208208
S3Bucket: !Ref LambdaZipsBucket
209-
S3Key: !Join ["", ["lacework-amazon-security-lake-dev", "/lambda/amazon-security-lake.zip"]]
209+
S3Key: !Join ["", ["lacework-amazon-security-lake", "/lambda/amazon-security-lake.zip"]]
210210
Handler: bootstrap
211211
Runtime: provided.al2023
212212
Environment:
@@ -217,7 +217,7 @@ Resources:
217217
lacework_access_key_id: !Ref LaceworkAccessKeyID
218218
lacework_secret_key: !Ref LaceworkSecretKey
219219
event_bus_arn: !GetAtt LaceworkAmazonSecurityLakeEventBus.Arn
220-
alert_channel_name: !Join [ "-", ["Lacework-Amazon-Security-Lake-dev", !Select [2, !Split [ "/", !Ref "AWS::StackId"]]]]
220+
alert_channel_name: !Join [ "-", ["Lacework-Amazon-Security-Lake", !Select [2, !Split [ "/", !Ref "AWS::StackId"]]]]
221221
amazon_security_lake_cache_s3_bucket_name: !Ref AmazonSecurityLakeCacheS3Bucket
222222
Role: !GetAtt LaceworkAmazonSecurityLakeSetupFunctionRole.Arn
223223

@@ -301,7 +301,7 @@ Resources:
301301
Properties:
302302
Code:
303303
S3Bucket: !Ref LambdaZipsBucket
304-
S3Key: !Join ["", ["lacework-amazon-security-lake-dev", "/lambda/amazon-security-lake.zip"]]
304+
S3Key: !Join ["", ["lacework-amazon-security-lake", "/lambda/amazon-security-lake.zip"]]
305305
Handler: bootstrap
306306
MemorySize: 256
307307
Timeout: 30

internal/findings/mappings.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,7 @@ func InitMap() map[string][]int {
8686
eventMap["CustomerMasterKeyScheduledForDeletion"] = []int{ocsf.CategoryUIDAuditActivity, ocsf.ClassUIDAccountChange}
8787
eventMap["SuccessfulConsoleLoginWithoutMFA"] = []int{ocsf.CategoryUIDAuditActivity, ocsf.ClassUIDAuthentication}
8888
eventMap["FailedConsoleLogin"] = []int{ocsf.CategoryUIDAuditActivity, ocsf.ClassUIDAuthentication}
89-
eventMap["UsageOfRootAccount"] = []int{ocsf.CategoryUIDAuditActivity, ocsf.ClassUIDAuthorization}
89+
eventMap["Usage of Root Account"] = []int{ocsf.CategoryUIDAuditActivity, ocsf.ClassUIDAuthorization}
9090
eventMap["UnauthorizedAPICall"] = []int{ocsf.CategoryUIDCloudActivity, ocsf.ClassUIDCloudApi}
9191
eventMap["ConfigServiceChange"] = []int{ocsf.CategoryUIDCloudActivity, ocsf.ClassUIDCloudApi}
9292
eventMap["CloudTrailDefaultAlert"] = []int{ocsf.CategoryUIDCloudActivity, ocsf.ClassUIDCloudApi}

pkg/lacework/lacework.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,7 @@ type CtUser struct {
5858
AccountID string `json:"ACCOUNT_ID"`
5959
RegionList []string `json:"REGION_LIST"`
6060
Username string `json:"USERNAME"`
61-
Mfa int `json:"MFA"`
61+
Mfa bool `json:"MFA"`
6262
APIList []string `json:"API_LIST"`
6363
PrincipalID string `json:"PRINCIPAL_ID"`
6464
}

0 commit comments

Comments
 (0)