docs: update azure documentation

Signed-off-by: Salim Afiune Maya <[email protected]>

aws/README.md

@@ -24,11 +24,11 @@ Before you begin the following must be configured on the workstation running Ter
 
 Typically, the [AWS CLI](https://aws.amazon.com/cli/) will have been previously installed and `aws configure` run and with `$AWS_PROFILE` set to the appropriate credential profile in `~/.aws/credentials`
 
-Also recommend that the [Lacework CLI](https://github.com/lacework/go-sdk) be installed and the `[default]` profile is associated with the applicable Lacework Account `api_key` and `api_secret` in `~/.lacework.toml`
+Also recommend that the [Lacework CLI](https://github.com/lacework/go-sdk/wiki/CLI-Documentation) be installed and the `[default]` profile is associated with the applicable Lacework Account `api_key` and `api_secret` in `~/.lacework.toml`
 
 ## Usage
 
-**IMPORTANT:** We use the `master` branch in source just as an example. In your code, *do NOT pin to master* because there may
+**IMPORTANT:** We use the `master` branch in source just as an example. In your code, **do NOT pin to master** because there may
 be breaking changes between releases. Instead we recommend to pin to the release tag (e.g. `?ref=tags/v0.1.0`) of one of
 our [latest releases](https://github.com/lacework/terraform-provisioning/releases).
 

azure/README.md

@@ -11,33 +11,67 @@ Trail analysis.
   - *Owner Role* at the Subscription level
 - [Lacework API Key](https://support.lacework.com/hc/en-us/articles/360011403853-Generate-API-Access-Keys-and-Tokens) 
 
+Also recommend that the [Lacework CLI](https://github.com/lacework/go-sdk/wiki/CLI-Documentation) be installed and the `[default]` profile is associated with the applicable Lacework Account `api_key` and `api_secret` in `~/.lacework.toml`
+
 ## Login via the Azure CLI
 In order to integrate Lacework with Azure you will need to login to your Azure console via
 the Azure CLI by running the command:
 ```
 $ az login
 ```
 
-### Run Terraform
-1. Clone this repository: https://github.com/lacework/terraform-provisioning
-2. Change directories into `terraform-provisioning/azure`
-3. Create a new file called `terraform.tfvars` with the following content:
+## Usage
 
-```
-prefix          = "<SHORT PREFIX TO IDENTIFY RESOURCES>"
-identifier_uris = [
-	"https://<YOUR LACEWORK ACCOUNT>.lacework.net"
-]
-lacework_account    = "<YOUR LACEWORK ACCOUNT>"
-lacework_api_key    = "<THE API KEY FROM LACEWORK JSON FILE>"
-lacework_api_secret = "<THE API SECRET FROM LACEWORK JSON FILE>"
-```
-or use environment variables to avoid hardcoding API keys and secrets.
+**IMPORTANT:** We use the `master` branch in source just as an example. In your code, **do NOT pin to master** because there may
+be breaking changes between releases. Instead we recommend to pin to the release tag (e.g. `?ref=tags/v0.1.0`) of one of
+our [latest releases](https://github.com/lacework/terraform-provisioning/releases).
 
+
+### Enable New Azure Compliance and Activity Log Integrations
+```hcl
+provider "azuread" {}
+
+provider "azurerm" {
+  features {}
+}
+
+provider "lacework" {}
+
+module "az_config" {
+  source = "git::https://github.com/lacework/terraform-provisioning.git//azure/modules/config?ref=master"
+}
+
+module "az_activity_log" {
+  source = "git::https://github.com/lacework/terraform-provisioning.git//azure/modules/activity_log?ref=master"
+
+  use_existing_ad_application = true
+  application_id              = module.az_config.application_id
+  application_password        = module.az_config.application_password
+  service_principal_id        = module.az_config.service_principal_id
+}
 ```
-export TF_VAR_lacework_api_key=<THE API KEY FROM LACEWORK JSON FILE>
-export TF_VAR_lacework_api_secret=<THE API SECRET FROM LACEWORK JSON FILE>
-```
-
-5. Run `terraform init`
-6. Run `terraform apply`
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| application_name | The name of the Azure Active Directory Applicaiton | `string` | lacework_security_audit | no |
+| application_identifier_uris | A list of user-defined URI(s) for the Lacework AD Application | `list(string)` | ["https://securityaudit.lacework.net"] | no |
+| key_vault_ids | A list of Key Vault Ids used in your subscription for the Lacework AD App to have access to | `list(string)` | [] | no |
+| tenant_id | A Tenant ID different from the default defined inside the provider | `string` | "" | no |
+| password_length | The length of the Lacework AD Application password | `number` | 30 | no |
+| use_existing_ad_application | Set this to true to use an existing Active Directory Application | `bool` | false | no |
+| application_id | The Active Directory Application id to use (required when use_existing_ad_application is set to true) | `string` | "" | no |
+| application_password | The Active Directory Application password to use (required when use_existing_ad_application is set to true) | `string` | "" | no |
+| service_principal_id | The Service Principal id to use (required when use_existing_ad_application is set to true) | `string` | "" | no |
+| prefix | The prefix that will be use at the beginning of every generated resource | `string` | l4c3w0rk | no |
+| lacework_integration_name | The name of the integration in Lacework. This input is available in both the config, and the activity_log module | `string` | TF config | no |
+| wait_time | Define a custom delay between cloud resource provision and Lacework external integration to avoid errors while things settle down. Use `10s` for 10 seconds, `5m` for 5 minutes. | `string` | `10s` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| application_id | The Lacework AD Application id |
+| application_password | The Lacework AD Application password |
+| service_principal_id | The Lacework Service Principal id |

gcp/README.md

@@ -9,6 +9,8 @@ Before using these modules you must meet the following requirements:
 - [GCP Service Account](https://cloud.google.com/iam/docs/service-accounts)
 - [Lacework API Key](https://support.lacework.com/hc/en-us/articles/360011403853-Generate-API-Access-Keys-and-Tokens) 
 
+Also recommend that the [Lacework CLI](https://github.com/lacework/go-sdk/wiki/CLI-Documentation) be installed and the `[default]` profile is associated with the applicable Lacework Account `api_key` and `api_secret` in `~/.lacework.toml`
+
 ## GCP Organziation Level Integrations
 The following section covers how to integrate GCP configuration assessment and Audit Log for
 an entire Google Cloud Organization
@@ -26,7 +28,7 @@ More information on how to download a GCP service account key can be found [here
 
 ### Usage
 
-**IMPORTANT:** We use the `master` branch in source just as an example. In your code, *do NOT pin to master* because there may
+**IMPORTANT:** We use the `master` branch in source just as an example. In your code, **do NOT pin to master** because there may
 be breaking changes between releases. Instead we recommend to pin to the release tag (e.g. `?ref=tags/v0.1.0`) of one of
 our [latest releases](https://github.com/lacework/terraform-provisioning/releases).
 

scripts/ci_tests.sh

@@ -17,6 +17,10 @@ MODULES=(
   gcp/modules/audit_log
   gcp/modules/config
   gcp/modules/service_account
+  azure/
+  azure/modules/ad_application
+  azure/modules/config
+  azure/modules/activity_log
 )
 
 TEST_CASES=(
@@ -41,6 +45,8 @@ TEST_CASES=(
   #gcp/modules/audit_log/examples/existing-service-account-org-level-audit-log
   gcp/modules/audit_log/examples/organization-level-audit-log
   gcp/modules/audit_log/examples/project-level-audit-log
+  #azure/
+  #azure/modules/ad_application/examples/default-config
 )
 
 log() {