From 9b04b9da7dfe97df6032871ab0e219760ee7f86c Mon Sep 17 00:00:00 2001
From: ipcrm
Date: Thu, 13 Jun 2024 13:19:42 +0000
Subject: [PATCH 01/11] fix(GROW-2950): disable use of gcp storage audit from generate

---
 cli/cmd/generate_gcp.go | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/cli/cmd/generate_gcp.go b/cli/cmd/generate_gcp.go
index 0a5699729..78fbfbba3 100644
--- a/cli/cmd/generate_gcp.go
+++ b/cli/cmd/generate_gcp.go
@@ -19,7 +19,6 @@ var (
 QuestionGcpEnableAgentless = "Enable Agentless integration?"
 QuestionGcpEnableConfiguration = "Enable Configuration integration?"
 QuestionGcpEnableAuditLog = "Enable Audit Log integration?"
- QuestionUsePubSubAudit = "Use Pub Sub Audit Log?"
 QuestionGcpOrganizationIntegration = "Organization integration?"
 QuestionGcpOrganizationID = "Specify the GCP organization ID:"
 QuestionGcpProjectID = "Specify the project ID to be used to provision Lacework resources:"
@@ -132,6 +131,7 @@ See help output for more details on the parameter value(s) required for Terrafor
 gcp.WithMultipleProject(GenerateGcpCommandState.Projects),
 gcp.WithProjectFilterList(GenerateGcpCommandState.ProjectFilterList),
 gcp.WithRegions(GenerateGcpCommandState.Regions),
+ gcp.WithUsePubSubAudit(true), // always set to true, storage based integration deprecated
 }
 
 if GenerateGcpCommandState.OrganizationIntegration {
@@ -476,8 +476,8 @@ func initGenerateGcpTfCommandFlags() {
 generateGcpTfCommand.PersistentFlags().BoolVar(
 &GenerateGcpCommandState.UsePubSubAudit,
 "use_pub_sub",
- false,
- "use pub/sub for the audit log data rather than bucket")
+ true,
+ "deprecated: pub/sub audit log integration is always used and only supported type")
 generateGcpTfCommand.PersistentFlags().StringSliceVar(
 &GenerateGcpCommandState.Projects,
 "projects",
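Review bot: `gcp.WithUsePubSubAudit(true)` is now hard-coded in the option list, so the `--use_pub_sub` flag registered in the `@@ -476,8 +476,8 @@` hunk still binds `GenerateGcpCommandState.UsePubSubAudit` but that value is never consulted; a user passing `--use_pub_sub=false` silently gets a pub/sub integration. The file's existing convention for retired flags is the `errcheckWARN(generateGcpTfCommand.PersistentFlags().MarkDeprecated(...))` call (visible in the removed `enable_force_destroy_bucket` block of PATCH 02), which warns on use and hides the flag from help, so add `errcheckWARN(generateGcpTfCommand.PersistentFlags().MarkDeprecated("use_pub_sub", "pub/sub audit log integration is always used"))` after the BoolVar registration instead of only rewording the usage string. If an explicit `false` should be rejected rather than ignored, `cmd.Flags().Changed("use_pub_sub")` together with the bound value can be checked in the run function alongside the other flag validation, which lies outside these hunks.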
@@ -534,16 +534,6 @@ func promptGcpAuditLogQuestions( extraState *GcpGenerateCommandExtraState, ) error { - // Only ask these questions if configure audit log is true - if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ - { - Prompt: &survey.Confirm{Message: QuestionUsePubSubAudit, Default: config.UsePubSubAudit}, - Checks: []*bool{&config.AuditLog}, - Response: &config.UsePubSubAudit, - }, - }, config.AuditLog); err != nil { - return err - } // Present the user with Bucket Configuration options, if required if err := promptGcpBucketConfiguration(config, extraState); err != nil { return err From a1b1daab9bcaceb5efb0ee9662c22edb8ef03a1f Mon Sep 17 00:00:00 2001 From: ipcrm Date: Thu, 13 Jun 2024 13:40:44 +0000 Subject: [PATCH 02/11] fix(GROW-2950): remove gcp audit log storage references --- cli/cmd/generate_gcp.go | 132 ++------------------ integration/gcp_generation_test.go | 189 ----------------------------- 2 files changed, 8 insertions(+), 313 deletions(-) diff --git a/cli/cmd/generate_gcp.go b/cli/cmd/generate_gcp.go index 78fbfbba3..8c1fd067a 100644 --- a/cli/cmd/generate_gcp.go +++ b/cli/cmd/generate_gcp.go 
@@ -34,16 +34,9 @@ var ( "you want to monitor: (optional)" QuestionGcpRegions = "Specify a comma separated list of regions to deploy Agentless:" - GcpAdvancedOptAuditLog = "Configure additional Audit Log options" - QuestionGcpUseExistingBucket = "Use an existing bucket?" - QuestionGcpExistingBucketName = "Specify an existing bucket name:" - QuestionGcpConfigureNewBucket = "Configure settings for new bucket?" - QuestionGcpBucketRegion = "Specify the bucket region: (optional)" - QuestionGcpCustomBucketName = "Specify a custom bucket name: (optional)" - QuestionGcpBucketLifecycle = "Specify the bucket lifecycle rule age: (optional)" - QuestionGcpEnableUBLA = "Enable uniform bucket level access(UBLA)?" - QuestionGcpUseExistingSink = "Use an existing sink?" - QuestionGcpExistingSinkName = "Specify the existing sink name" + GcpAdvancedOptAuditLog = "Configure additional Audit Log options" + QuestionGcpUseExistingSink = "Use an existing sink?" + QuestionGcpExistingSinkName = "Specify the existing sink name" GcpAdvancedOptIntegrationName = "Customize integration name(s)" QuestionGcpConfigurationIntegrationName = "Specify a custom configuration integration name: (optional)" 
@@ -110,16 +103,11 @@ See help output for more details on the parameter value(s) required for Terrafor gcp.WithExistingServiceAccount(GenerateGcpCommandState.ExistingServiceAccount), gcp.WithConfigurationIntegrationName(GenerateGcpCommandState.ConfigurationIntegrationName), gcp.WithAuditLogLabels(GenerateGcpCommandState.AuditLogLabels), - gcp.WithBucketLabels(GenerateGcpCommandState.BucketLabels), gcp.WithPubSubSubscriptionLabels(GenerateGcpCommandState.PubSubSubscriptionLabels), gcp.WithPubSubTopicLabels(GenerateGcpCommandState.PubSubTopicLabels), - gcp.WithCustomBucketName(GenerateGcpCommandState.CustomBucketName), - gcp.WithBucketRegion(GenerateGcpCommandState.BucketRegion), - gcp.WithExistingLogBucketName(GenerateGcpCommandState.ExistingLogBucketName), gcp.WithExistingLogSinkName(GenerateGcpCommandState.ExistingLogSinkName), gcp.WithAuditLogIntegrationName(GenerateGcpCommandState.AuditLogIntegrationName), gcp.WithLaceworkProfile(GenerateGcpCommandState.LaceworkProfile), - gcp.WithLogBucketLifecycleRuleAge(GenerateGcpCommandState.LogBucketLifecycleRuleAge), gcp.WithFoldersToInclude(GenerateGcpCommandState.FoldersToInclude), gcp.WithFoldersToExclude(GenerateGcpCommandState.FoldersToExclude), gcp.WithCustomFilter(GenerateGcpCommandState.CustomFilter), @@ -283,20 +271,17 @@ See help output for more details on the parameter value(s) required for Terrafor ) type GcpGenerateCommandExtraState struct { - AskAdvanced bool - Output string - ConfigureNewBucketSettings bool - UseExistingServiceAccount bool - UseExistingBucket bool - UseExistingSink bool - TerraformApply bool + AskAdvanced bool + Output string + UseExistingServiceAccount bool + UseExistingSink bool + TerraformApply bool } func (gcp *GcpGenerateCommandExtraState) isEmpty() bool { return gcp.Output == "" && !gcp.AskAdvanced && !gcp.UseExistingServiceAccount && - !gcp.UseExistingBucket && !gcp.UseExistingSink && !gcp.TerraformApply } 
@@ -361,22 +346,6 @@ func initGenerateGcpTfCommandFlags() {
 "configuration_integration_name",
 "",
 "specify a custom configuration integration name")
- generateGcpTfCommand.PersistentFlags().StringVar(
- &GenerateGcpCommandState.CustomBucketName,
- "custom_bucket_name",
- "",
- "override prefix based storage bucket name generation with a custom name")
- // TODO: Implement AuditLogLabels, BucketLabels, PubSubSubscriptionLabels & PubSubTopicLabels
- generateGcpTfCommand.PersistentFlags().StringVar(
- &GenerateGcpCommandState.BucketRegion,
- "bucket_region",
- "",
- "specify bucket region")
- generateGcpTfCommand.PersistentFlags().StringVar(
- &GenerateGcpCommandState.ExistingLogBucketName,
- "existing_bucket_name",
- "",
- "specify existing bucket name")
 generateGcpTfCommand.PersistentFlags().StringVar(
 &GenerateGcpCommandState.ExistingLogSinkName,
 "existing_sink_name",
@@ -393,15 +362,6 @@ func initGenerateGcpTfCommandFlags() {
 []string{},
 "List of GCP regions to deploy for Agentless integration")
 
- // DEPRECATED
- generateGcpTfCommand.PersistentFlags().BoolVar(
- &GenerateGcpCommandState.EnableForceDestroyBucket,
- "enable_force_destroy_bucket",
- true,
- "enable force bucket destroy")
- errcheckWARN(generateGcpTfCommand.PersistentFlags().MarkDeprecated(
- "enable_force_destroy_bucket", "by default, force destroy is enabled.",
- ))
 // ---
 
 generateGcpTfCommand.PersistentFlags().BoolVar(
@@ -409,11 +369,6 @@ func initGenerateGcpTfCommandFlags() {
 "enable_ubla",
 true,
 "enable universal bucket level access(ubla)")
- generateGcpTfCommand.PersistentFlags().IntVar(
- &GenerateGcpCommandState.LogBucketLifecycleRuleAge,
- "bucket_lifecycle_rule_age",
- -1,
- "specify the lifecycle rule age")
 generateGcpTfCommand.PersistentFlags().StringVar(
 &GenerateGcpCommandState.CustomFilter,
 "custom_filter",
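Review bot: Deleting the `custom_bucket_name`, `bucket_region`, `existing_bucket_name` and `bucket_lifecycle_rule_age` registrations outright (and `enable_ubla` in the PATCH 06 hunk) turns every existing invocation that passes one of them into an unknown-flag error, whereas `--use_pub_sub` in PATCH 01 was kept with a deprecation message; the two treatments are inconsistent for flags retired by the same change. The removed `enable_force_destroy_bucket` block in the second hunk shows the file's own pattern: keep the registration for a release and add `errcheckWARN(generateGcpTfCommand.PersistentFlags().MarkDeprecated("bucket_region", "storage based audit log integration has been removed"))` (and likewise for the other three) so scripted callers get a warning instead of a hard failure. The dropped `// TODO: Implement AuditLogLabels, BucketLabels, PubSubSubscriptionLabels & PubSubTopicLabels` comment still describes the PubSub label options that remain in this file, so keep it with only `BucketLabels` removed. The enclosing initGenerateGcpTfCommandFlags body continues outside these hunks.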
@@ -534,10 +489,6 @@ func promptGcpAuditLogQuestions( extraState *GcpGenerateCommandExtraState, ) error { - // Present the user with Bucket Configuration options, if required - if err := promptGcpBucketConfiguration(config, extraState); err != nil { - return err - } err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ { Prompt: &survey.Confirm{Message: QuestionGcpUseExistingSink, Default: extraState.UseExistingSink}, 
@@ -561,73 +512,6 @@ func promptGcpAuditLogQuestions( return err } -func promptGcpBucketConfiguration( - config *gcp.GenerateGcpTfConfigurationArgs, extraState *GcpGenerateCommandExtraState, -) error { - // Prompt to configure bucket information (not required when using the Pub Sub Audit Log) - if err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ - { - Prompt: &survey.Confirm{Message: QuestionGcpUseExistingBucket, Default: extraState.UseExistingBucket}, - Checks: []*bool{&config.AuditLog, usePubSubActivityDisabled(config)}, - Response: &extraState.UseExistingBucket, - }, - { - Prompt: &survey.Input{Message: QuestionGcpExistingBucketName, Default: config.ExistingLogBucketName}, - Checks: []*bool{&config.AuditLog, &extraState.UseExistingBucket, usePubSubActivityDisabled(config)}, - Required: true, - Response: &config.ExistingLogBucketName, - }, - }, config.AuditLog); err != nil { - return err - } - - newBucket := !extraState.UseExistingBucket - err := SurveyMultipleQuestionWithValidation([]SurveyQuestionWithValidationArgs{ - { - Prompt: &survey.Confirm{Message: QuestionGcpConfigureNewBucket, Default: extraState.ConfigureNewBucketSettings}, - Checks: []*bool{&config.AuditLog, &newBucket, usePubSubActivityDisabled(config)}, - Required: true, - Response: &extraState.ConfigureNewBucketSettings, - }, - { - Prompt: &survey.Input{Message: QuestionGcpBucketRegion, Default: config.BucketRegion}, - Checks: []*bool{&config.AuditLog, - &newBucket, - &extraState.ConfigureNewBucketSettings, - usePubSubActivityDisabled(config)}, - Opts: []survey.AskOpt{survey.WithValidator(validateGcpRegion)}, - Response: &config.BucketRegion, - }, - { - Prompt: &survey.Input{Message: QuestionGcpCustomBucketName, Default: config.CustomBucketName}, - Checks: []*bool{&config.AuditLog, - &newBucket, - &extraState.ConfigureNewBucketSettings, - usePubSubActivityDisabled(config)}, - Response: &config.CustomBucketName, - }, - { - Prompt: &survey.Input{Message: 
QuestionGcpBucketLifecycle, Default: "-1"}, - Checks: []*bool{&config.AuditLog, - &newBucket, - &extraState.ConfigureNewBucketSettings, - usePubSubActivityDisabled(config)}, - Response: &config.LogBucketLifecycleRuleAge, - }, - { - Prompt: &survey.Confirm{Message: QuestionGcpEnableUBLA, Default: config.EnableUBLA}, - Checks: []*bool{&config.AuditLog, - &newBucket, - &extraState.ConfigureNewBucketSettings, - usePubSubActivityDisabled(config)}, - Required: true, - Response: &config.EnableUBLA, - }, - }, config.AuditLog) - - return err -} - func usePubSubActivityDisabled(config *gcp.GenerateGcpTfConfigurationArgs) *bool { usePubSubActivityDisabled := !config.UsePubSubAudit return &usePubSubActivityDisabled diff --git a/integration/gcp_generation_test.go b/integration/gcp_generation_test.go index bb82e3bdc..36bb508a0 100644 --- a/integration/gcp_generation_test.go +++ b/integration/gcp_generation_test.go @@ -206,7 +206,6 @@ func TestGenerationGcpAuditLogPubSub(t *testing.T) { MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, MsgRsp{cmd.QuestionGcpConfigureAdvanced, "y"}, MsgMenu{cmd.GcpAdvancedOptAuditLog, 0}, - MsgRsp{cmd.QuestionUsePubSubAudit, "y"}, MsgRsp{cmd.QuestionGcpUseExistingSink, "n"}, MsgRsp{cmd.QuestionGcpCustomFilter, ""}, MsgRsp{cmd.QuestionGcpAnotherAdvancedOpt, "n"}, @@ -245,7 +244,6 @@ func TestGenerationGcpAuditLogPubSubOrg(t *testing.T) { MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, MsgRsp{cmd.QuestionGcpConfigureAdvanced, "y"}, MsgMenu{cmd.GcpAdvancedOptAuditLog, 0}, - MsgRsp{cmd.QuestionUsePubSubAudit, "y"}, MsgRsp{cmd.QuestionGcpUseExistingSink, "n"}, MsgRsp{cmd.QuestionGcpCustomFilter, ""}, MsgRsp{cmd.QuestionGcpAnotherAdvancedOpt, "n"}, 
@@ -472,139 +470,6 @@ func TestGenerationGcpSACreds(t *testing.T) { assert.Equal(t, buildTf, tfResult) } -// Test Audit Log with existing Bucket -func TestGenerationGcpAuditLogExistingBucket(t *testing.T) { - os.Setenv("LW_NOCACHE", "true") - defer os.Setenv("LW_NOCACHE", "") - var final string - - tfResult := runGcpGenerateTest(t, - func(c *expect.Console) { - expectsCliOutput(t, c, []MsgRspHandler{ - MsgRsp{cmd.QuestionGcpEnableAgentless, "n"}, - MsgRsp{cmd.QuestionGcpEnableConfiguration, "y"}, - MsgRsp{cmd.QuestionGcpEnableAuditLog, "y"}, - MsgRsp{cmd.QuestionGcpProjectID, projectId}, - MsgRsp{cmd.QuestionGcpOrganizationIntegration, "n"}, - MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, - MsgRsp{cmd.QuestionGcpConfigureAdvanced, "y"}, - MsgMenu{cmd.GcpAdvancedOptAuditLog, 0}, - MsgRsp{cmd.QuestionUsePubSubAudit, "n"}, - MsgRsp{cmd.QuestionGcpUseExistingBucket, "y"}, - MsgRsp{cmd.QuestionGcpExistingBucketName, "bucketMcBucketFace"}, - MsgRsp{cmd.QuestionGcpUseExistingSink, "n"}, - MsgRsp{cmd.QuestionGcpCustomFilter, ""}, - MsgRsp{cmd.QuestionGcpAnotherAdvancedOpt, "n"}, - MsgRsp{cmd.QuestionRunTfPlan, "n"}, - }) - - final, _ = c.ExpectEOF() - - }, - "generate", - "cloud-account", - "gcp", - ) - - assertTerraformSaved(t, final) - - buildTf, _ := gcp.NewTerraform(false, true, true, false, - gcp.WithProjectId(projectId), - gcp.WithExistingLogBucketName("bucketMcBucketFace"), - ).Generate() - assert.Equal(t, buildTf, tfResult) -} - -// Test Audit Log with new Bucket -func TestGenerationGcpAuditLogNewBucket(t *testing.T) { - os.Setenv("LW_NOCACHE", "true") - defer os.Setenv("LW_NOCACHE", "") - var final string - - tfResult := runGcpGenerateTest(t, - func(c *expect.Console) { - expectsCliOutput(t, c, []MsgRspHandler{ - MsgRsp{cmd.QuestionGcpEnableAgentless, "n"}, - MsgRsp{cmd.QuestionGcpEnableConfiguration, "y"}, - MsgRsp{cmd.QuestionGcpEnableAuditLog, "y"}, - MsgRsp{cmd.QuestionGcpProjectID, projectId}, - MsgRsp{cmd.QuestionGcpOrganizationIntegration, "n"}, - 
MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, - MsgRsp{cmd.QuestionGcpConfigureAdvanced, "y"}, - MsgMenu{cmd.GcpAdvancedOptAuditLog, 0}, - MsgRsp{cmd.QuestionUsePubSubAudit, "n"}, - MsgRsp{cmd.QuestionGcpUseExistingBucket, "n"}, - MsgRsp{cmd.QuestionGcpConfigureNewBucket, "n"}, - MsgRsp{cmd.QuestionGcpUseExistingSink, "n"}, - MsgRsp{cmd.QuestionGcpCustomFilter, ""}, - MsgRsp{cmd.QuestionGcpAnotherAdvancedOpt, "n"}, - MsgRsp{cmd.QuestionRunTfPlan, "n"}, - }) - - final, _ = c.ExpectEOF() - }, - "generate", - "cloud-account", - "gcp", - ) - - assertTerraformSaved(t, final) - - buildTf, _ := gcp.NewTerraform(false, true, true, false, - gcp.WithProjectId(projectId), - ).Generate() - assert.Equal(t, buildTf, tfResult) -} - -// Test Audit Log with custom new Bucket -func TestGenerationGcpAuditLogCustomNewBucket(t *testing.T) { - os.Setenv("LW_NOCACHE", "true") - defer os.Setenv("LW_NOCACHE", "") - var final string - bucketName := "my-new-bucket" - - tfResult := runGcpGenerateTest(t, - func(c *expect.Console) { - expectsCliOutput(t, c, []MsgRspHandler{ - MsgRsp{cmd.QuestionGcpEnableAgentless, "n"}, - MsgRsp{cmd.QuestionGcpEnableConfiguration, "y"}, - MsgRsp{cmd.QuestionGcpEnableAuditLog, "y"}, - MsgRsp{cmd.QuestionGcpProjectID, projectId}, - MsgRsp{cmd.QuestionGcpOrganizationIntegration, "n"}, - MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, - MsgRsp{cmd.QuestionGcpConfigureAdvanced, "y"}, - MsgMenu{cmd.GcpAdvancedOptAuditLog, 0}, - MsgRsp{cmd.QuestionUsePubSubAudit, "n"}, - MsgRsp{cmd.QuestionGcpUseExistingBucket, "n"}, - MsgRsp{cmd.QuestionGcpConfigureNewBucket, "y"}, - MsgRsp{cmd.QuestionGcpBucketRegion, "us-west1"}, - MsgRsp{cmd.QuestionGcpCustomBucketName, bucketName}, - MsgRsp{cmd.QuestionGcpBucketLifecycle, "420"}, - MsgRsp{cmd.QuestionGcpEnableUBLA, "y"}, - MsgRsp{cmd.QuestionGcpUseExistingSink, "n"}, - MsgRsp{cmd.QuestionGcpCustomFilter, ""}, - MsgRsp{cmd.QuestionGcpAnotherAdvancedOpt, "n"}, - MsgRsp{cmd.QuestionRunTfPlan, "n"}, - }) - final, _ = 
c.ExpectEOF() - }, - "generate", - "cloud-account", - "gcp", - ) - - assertTerraformSaved(t, final) - - buildTf, _ := gcp.NewTerraform(false, true, true, false, - gcp.WithProjectId(projectId), - gcp.WithBucketRegion("us-west1"), - gcp.WithCustomBucketName(bucketName), - gcp.WithLogBucketLifecycleRuleAge(420), - gcp.WithEnableUBLA(true), - ).Generate() - assert.Equal(t, buildTf, tfResult) -} - // Test Audit Log with existing sink. func TestGenerationGcpAuditLogWithExistingSink(t *testing.T) { os.Setenv("LW_NOCACHE", "true") @@ -622,13 +487,6 @@ func TestGenerationGcpAuditLogWithExistingSink(t *testing.T) { MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, MsgRsp{cmd.QuestionGcpConfigureAdvanced, "y"}, MsgMenu{cmd.GcpAdvancedOptAuditLog, 0}, - MsgRsp{cmd.QuestionUsePubSubAudit, "n"}, - MsgRsp{cmd.QuestionGcpUseExistingBucket, "n"}, - MsgRsp{cmd.QuestionGcpConfigureNewBucket, "y"}, - MsgRsp{cmd.QuestionGcpBucketRegion, "us-west1"}, - MsgRsp{cmd.QuestionGcpCustomBucketName, ""}, - MsgRsp{cmd.QuestionGcpBucketLifecycle, "420"}, - MsgRsp{cmd.QuestionGcpEnableUBLA, "y"}, MsgRsp{cmd.QuestionGcpUseExistingSink, "y"}, MsgRsp{cmd.QuestionGcpExistingSinkName, "sink"}, MsgRsp{cmd.QuestionGcpCustomFilter, ""}, 
@@ -646,57 +504,11 @@ func TestGenerationGcpAuditLogWithExistingSink(t *testing.T) { buildTf, _ := gcp.NewTerraform(false, true, true, false, gcp.WithProjectId(projectId), - gcp.WithBucketRegion("us-west1"), - gcp.WithLogBucketLifecycleRuleAge(420), - gcp.WithEnableUBLA(true), gcp.WithExistingLogSinkName("sink"), ).Generate() assert.Equal(t, buildTf, tfResult) } -// Test Audit Log with existing bucket -func TestGenerationGcpAuditLogWithExistingBucket(t *testing.T) { - os.Setenv("LW_NOCACHE", "true") - defer os.Setenv("LW_NOCACHE", "") - var final string - filter := "filter" - - tfResult := runGcpGenerateTest(t, - func(c *expect.Console) { - expectsCliOutput(t, c, []MsgRspHandler{ - MsgRsp{cmd.QuestionGcpEnableAgentless, "n"}, - MsgRsp{cmd.QuestionGcpEnableConfiguration, "n"}, - MsgRsp{cmd.QuestionGcpEnableAuditLog, "y"}, - MsgRsp{cmd.QuestionGcpProjectID, projectId}, - MsgRsp{cmd.QuestionGcpOrganizationIntegration, "n"}, - MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, - MsgRsp{cmd.QuestionGcpConfigureAdvanced, "y"}, - MsgMenu{cmd.GcpAdvancedOptAuditLog, 0}, - MsgRsp{cmd.QuestionUsePubSubAudit, "n"}, - MsgRsp{cmd.QuestionGcpUseExistingBucket, "y"}, - MsgRsp{cmd.QuestionGcpExistingBucketName, "bucketMcBucketFace"}, - MsgRsp{cmd.QuestionGcpUseExistingSink, "n"}, - MsgRsp{cmd.QuestionGcpCustomFilter, filter}, - MsgRsp{cmd.QuestionGcpAnotherAdvancedOpt, "n"}, - MsgRsp{cmd.QuestionRunTfPlan, "n"}, - }) - final, _ = c.ExpectEOF() - }, - "generate", - "cloud-account", - "gcp", - ) - - assertTerraformSaved(t, final) - - buildTf, _ := gcp.NewTerraform(false, false, true, false, - gcp.WithProjectId(projectId), - gcp.WithExistingLogBucketName("bucketMcBucketFace"), - gcp.WithCustomFilter(filter), - ).Generate() - assert.Equal(t, buildTf, tfResult) -} - // Test integrations with existing Service Account details func TestGenerationGcpExistingSA(t *testing.T) { os.Setenv("LW_NOCACHE", "true") 
@@ -756,7 +568,6 @@ func TestGenerationGcpPubSubUseExistingSA(t *testing.T) {
 MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""},
 MsgRsp{cmd.QuestionGcpConfigureAdvanced, "y"},
 MsgMenu{cmd.GcpAdvancedOptAuditLog, 0},
- MsgRsp{cmd.QuestionUsePubSubAudit, "y"},
 MsgRsp{cmd.QuestionGcpUseExistingSink, "n"},
 MsgRsp{cmd.QuestionGcpCustomFilter, ""},
 MsgRsp{cmd.QuestionGcpAnotherAdvancedOpt, "y"},
From 96585766a35848d5123b433fea77c07e10fd8c7d Mon Sep 17 00:00:00 2001
From: ipcrm
Date: Thu, 13 Jun 2024 13:47:09 +0000
Subject: [PATCH 03/11] fix(GROW-2950): remove unused gcp pubsub func

---
 cli/cmd/generate_gcp.go | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/cli/cmd/generate_gcp.go b/cli/cmd/generate_gcp.go
index 8c1fd067a..91ca11239 100644
--- a/cli/cmd/generate_gcp.go
+++ b/cli/cmd/generate_gcp.go
@@ -512,10 +512,6 @@ func promptGcpAuditLogQuestions(
 return err
 }
 
-func usePubSubActivityDisabled(config *gcp.GenerateGcpTfConfigurationArgs) *bool {
- usePubSubActivityDisabled := !config.UsePubSubAudit
- return &usePubSubActivityDisabled
-}
 func promptGcpExistingServiceAccountQuestions(config *gcp.GenerateGcpTfConfigurationArgs) error {
 // ensure struct is initialized
 if config.ExistingServiceAccount == nil {
From a9e148659822ece171b7ff16640c3e04b6fa5f37 Mon Sep 17 00:00:00 2001
From: ipcrm
Date: Thu, 13 Jun 2024 13:58:32 +0000
Subject: [PATCH 04/11] fix(GROW-2950): all generation tests should use pub/sub

---
 integration/gcp_generation_test.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/integration/gcp_generation_test.go b/integration/gcp_generation_test.go
index 36bb508a0..84cdaa98d 100644
--- a/integration/gcp_generation_test.go
+++ b/integration/gcp_generation_test.go
@@ -73,7 +73,7 @@ func TestGenerationGcpSimple(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(false, true, true, false, + buildTf, _ := gcp.NewTerraform(false, true, true, true, gcp.WithProjectId(projectId), ).Generate() assert.Equal(t, buildTf, tfResult) @@ -111,7 +111,7 @@ func TestGenerationGcpAgentless(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(true, false, false, false, + buildTf, _ := gcp.NewTerraform(true, false, false, true, gcp.WithProjectId(projectId), gcp.WithOrganizationIntegration(true), gcp.WithOrganizationId(organizationId), @@ -149,7 +149,7 @@ func TestGenerationGcpConfig(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(false, true, false, false, + buildTf, _ := gcp.NewTerraform(false, true, false, true, gcp.WithProjectId(projectId), ).Generate() assert.Equal(t, buildTf, tfResult) @@ -183,7 +183,7 @@ func TestGenerationGcpAuditLog(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(false, false, true, false, + buildTf, _ := gcp.NewTerraform(false, false, true, true, gcp.WithProjectId(projectId), ).Generate() assert.Equal(t, buildTf, tfResult) @@ -1304,7 +1304,7 @@ func TestGenerationGcpMultipleProjects(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(false, true, true, false, + buildTf, _ := gcp.NewTerraform(false, true, true, true, gcp.WithProjectId(projectId), gcp.WithMultipleProject(gcpProjects), ).Generate() From fb0ecd0e6651beb8e73282bfbaed62ab1786f1c8 Mon Sep 17 00:00:00 2001 From: ipcrm Date: Fri, 14 Jun 2024 13:33:26 +0000 Subject: [PATCH 05/11] fix(GROW-2950): fix help text --- integration/test_resources/help/generate_cloud-account_gcp | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/integration/test_resources/help/generate_cloud-account_gcp b/integration/test_resources/help/generate_cloud-account_gcp index d130875ff..b5efc231d 100644 
--- a/integration/test_resources/help/generate_cloud-account_gcp +++ b/integration/test_resources/help/generate_cloud-account_gcp @@ -25,14 +25,9 @@ Flags: --apply run terraform apply without executing plan or prompting --audit_log enable audit log integration --audit_log_integration_name string specify a custom audit log integration name - --bucket_lifecycle_rule_age int specify the lifecycle rule age (default -1) - --bucket_region string specify bucket region --configuration enable configuration integration --configuration_integration_name string specify a custom configuration integration name - --custom_bucket_name string override prefix based storage bucket name generation with a custom name --custom_filter string Audit Log filter which supersedes all other filter options when defined - --enable_ubla enable universal bucket level access(ubla) (default true) - --existing_bucket_name string specify existing bucket name --existing_service_account_name string specify existing service account name --existing_service_account_private_key string specify existing service account private key (base64 encoded) --existing_sink_name string specify existing sink name @@ -51,7 +46,7 @@ Flags: --projects strings list of project IDs to integrate with (project-level integrations) --regions strings List of GCP regions to deploy for Agentless integration --service_account_credentials string specify service account credentials JSON file path (leave blank to make use of google credential ENV vars) - --use_pub_sub use pub/sub for the audit log data rather than bucket + --use_pub_sub deprecated: pub/sub audit log integration is always used and only supported type (default true) --wait_time string amount of time to wait before the next resource is provisioned Global Flags: From 681941fa772420148d0c65d1a4a35f3b29ea3fd6 Mon Sep 17 00:00:00 2001 
From: ipcrm
Date: Fri, 14 Jun 2024 15:38:15 +0000
Subject: [PATCH 06/11] fix(GROW-2950): remove ubla flags

---
 cli/cmd/generate_gcp.go | 6 ---
 integration/gcp_generation_test.go | 69 ------------------------------
 2 files changed, 75 deletions(-)

diff --git a/cli/cmd/generate_gcp.go b/cli/cmd/generate_gcp.go
index 91ca11239..a6f6635c7 100644
--- a/cli/cmd/generate_gcp.go
+++ b/cli/cmd/generate_gcp.go
@@ -115,7 +115,6 @@ See help output for more details on the parameter value(s) required for Terrafor
 gcp.WithK8sFilter(GenerateGcpCommandState.K8sFilter),
 gcp.WithPrefix(GenerateGcpCommandState.Prefix),
 gcp.WithWaitTime(GenerateGcpCommandState.WaitTime),
- gcp.WithEnableUBLA(GenerateGcpCommandState.EnableUBLA),
 gcp.WithMultipleProject(GenerateGcpCommandState.Projects),
 gcp.WithProjectFilterList(GenerateGcpCommandState.ProjectFilterList),
 gcp.WithRegions(GenerateGcpCommandState.Regions),
@@ -364,11 +363,6 @@ func initGenerateGcpTfCommandFlags() {
 
 // ---
 
- generateGcpTfCommand.PersistentFlags().BoolVar(
- &GenerateGcpCommandState.EnableUBLA,
- "enable_ubla",
- true,
- "enable universal bucket level access(ubla)")
 generateGcpTfCommand.PersistentFlags().StringVar(
 &GenerateGcpCommandState.CustomFilter,
 "custom_filter",
diff --git a/integration/gcp_generation_test.go b/integration/gcp_generation_test.go
index 84cdaa98d..e8b355adb 100644
--- a/integration/gcp_generation_test.go
+++ b/integration/gcp_generation_test.go
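Review bot: With the `enable_ubla` BoolVar gone, the `// ---` separator that introduced the deprecated-flag section in the `@@ -364,11 +363,6 @@` hunk now sits alone between the `regions` and `custom_filter` registrations and should be removed with it. The `GenerateGcpCommandState.EnableUBLA` field the flag wrote to is presumably still declared in the shared args struct outside this file (the diffstat shows only six lines removed here); if nothing else reads it after this change, drop the field too so dead state does not outlive the flag. The body of initGenerateGcpTfCommandFlags continues outside the hunk.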
@@ -266,75 +266,6 @@ func TestGenerationGcpAuditLogPubSubOrg(t *testing.T) { ).Generate() assert.Equal(t, buildTf, tfResult) } -func TestGenerationGcpAuditLogEnableUBLA(t *testing.T) { - os.Setenv("LW_NOCACHE", "true") - defer os.Setenv("LW_NOCACHE", "") - var final string - projectId := "project-1" - - tfResult := runGcpGenerateTest(t, - func(c *expect.Console) { - expectsCliOutput(t, c, []MsgRspHandler{ - MsgRsp{cmd.QuestionGcpEnableAgentless, "n"}, - MsgRsp{cmd.QuestionGcpEnableConfiguration, "n"}, - MsgRsp{cmd.QuestionGcpEnableAuditLog, "y"}, - MsgRsp{cmd.QuestionGcpProjectID, projectId}, - MsgRsp{cmd.QuestionGcpOrganizationIntegration, "n"}, - MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, - MsgRsp{cmd.QuestionGcpConfigureAdvanced, "n"}, - MsgRsp{cmd.QuestionRunTfPlan, "n"}, - }) - final, _ = c.ExpectEOF() - }, - "generate", - "cloud-account", - "gcp", - "--enable_ubla", - ) - - assert.Contains(t, final, "Terraform code saved in") - - buildTf, _ := gcp.NewTerraform(false, false, true, false, - gcp.WithProjectId("project-1"), - gcp.WithEnableUBLA(true), - ).Generate() - assert.Equal(t, buildTf, tfResult) -} - -func TestGenerationGcpAuditLogDisableUBLA(t *testing.T) { - os.Setenv("LW_NOCACHE", "true") - defer os.Setenv("LW_NOCACHE", "") - var final string - projectId := "project-1" - - tfResult := runGcpGenerateTest(t, - func(c *expect.Console) { - expectsCliOutput(t, c, []MsgRspHandler{ - MsgRsp{cmd.QuestionGcpEnableAgentless, "n"}, - MsgRsp{cmd.QuestionGcpEnableConfiguration, "n"}, - MsgRsp{cmd.QuestionGcpEnableAuditLog, "y"}, - MsgRsp{cmd.QuestionGcpProjectID, projectId}, - MsgRsp{cmd.QuestionGcpOrganizationIntegration, "n"}, - MsgRsp{cmd.QuestionGcpServiceAccountCredsPath, ""}, - MsgRsp{cmd.QuestionGcpConfigureAdvanced, "n"}, - MsgRsp{cmd.QuestionRunTfPlan, "n"}, - }) - final, _ = c.ExpectEOF() - }, - "generate", - "cloud-account", - "gcp", - "--enable_ubla=false", - ) - - assert.Contains(t, final, "Terraform code saved in") - - buildTf, _ := 
gcp.NewTerraform(false, false, true, false, - gcp.WithProjectId("project-1"), - gcp.WithEnableUBLA(false), - ).Generate() - assert.Equal(t, buildTf, tfResult) -} // Test organization integration for Agentless, Configuration and Audit Log func TestGenerationGcpAllIntegrationsOrg(t *testing.T) { From 5e5bbfc0699cc0cad5cc9095f09399954e801600 Mon Sep 17 00:00:00 2001 From: ipcrm Date: Fri, 14 Jun 2024 20:42:06 +0000 Subject: [PATCH 07/11] fix(GROW-2950): remove references to gcp bucket_region --- cli/cmd/generate_gcp.go | 9 --------- 1 file changed, 9 deletions(-) diff --git a/cli/cmd/generate_gcp.go b/cli/cmd/generate_gcp.go index a6f6635c7..66e477718 100644 --- a/cli/cmd/generate_gcp.go +++ b/cli/cmd/generate_gcp.go @@ -199,15 +199,6 @@ See help output for more details on the parameter value(s) required for Terrafor } } - // Validate gcp region, if passed - region, err := cmd.Flags().GetString("bucket_region") - if err != nil { - return errors.Wrap(err, "failed to load command flags") - } - if err := validateGcpRegion(region); err != nil { - return err - } - projectId, err := cmd.Flags().GetString("project_id") if err != nil { return errors.Wrap(err, "failed to load command flags") From 4862fbbfc847acb87d1870167fd909ab2a9bf41d Mon Sep 17 00:00:00 2001 From: ipcrm Date: Fri, 14 Jun 2024 20:49:56 +0000 Subject: [PATCH 08/11] fix(GROW-2950): remove unused validateGcpRegion func --- cli/cmd/generate_gcp.go | 24 ------------------------ 1 file changed, 24 deletions(-) diff --git a/cli/cmd/generate_gcp.go b/cli/cmd/generate_gcp.go index 66e477718..630e6394f 100644 --- a/cli/cmd/generate_gcp.go +++ b/cli/cmd/generate_gcp.go 
@@ -425,30 +425,6 @@ func initGenerateGcpTfCommandFlags() {
 "list of project IDs to integrate with (project-level integrations)")
 }
 
-// survey.Validator for gcp region
-func validateGcpRegion(val interface{}) error {
- switch value := val.(type) {
- case string:
- // as this field is optional, it is valid for this field to be empty
- if value != "" {
- // if value doesn't match regex, return invalid arn
- ok, err := regexp.MatchString(GcpRegionRegex, value)
- if err != nil {
- return errors.Wrap(err, "failed to validate input")
- }
-
- if !ok {
- return errors.New("invalid region name supplied")
- }
- }
- default:
- // if the value passed is not a string
- return errors.New("value must be a string")
- }
-
- return nil
-}
-
 func promptGcpAgentlessQuestions(
 config *gcp.GenerateGcpTfConfigurationArgs,
 extraState *GcpGenerateCommandExtraState,
From 6aaad2ae25bd745558c29dd25bb59b1bea429470 Mon Sep 17 00:00:00 2001
From: ipcrm
Date: Mon, 17 Jun 2024 13:03:00 +0000
Subject: [PATCH 09/11] chore(GROW-2950): temporarily disable test

---
 integration/vulnerability_test.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/integration/vulnerability_test.go b/integration/vulnerability_test.go
index 8e6a68b36..852ceb9a6 100644
--- a/integration/vulnerability_test.go
+++ b/integration/vulnerability_test.go
@@ -51,6 +51,7 @@ func TestVulnerabilityCommands(t *testing.T) {
 }
 
 func TestHostVulnerabilityCollectorTypeAgentless(t *testing.T) {
+ t.Skip() // temporary, testing
 out, err, exitcode := LaceworkCLIWithTOMLConfig("vulnerability", "host", "show", "7900845793106000058", "--collector_type", "Agentless")
 assert.Empty(t, err.String(), "STDERR should be empty")
From ef4b18acb8e65b49f430f580c042cb8cf444725f Mon Sep 17 00:00:00 2001
From: ipcrm
Date: Mon, 17 Jun 2024 13:35:07 +0000
Subject: [PATCH 10/11] fix(GROW-2950): fix int tests not using pubsub audit

---
 integration/gcp_generation_test.go | 38 +++++++++++++++---------------
 1 file changed, 19 insertions(+), 19 deletions(-)
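Review bot: The added `t.Skip()` in the PATCH 09 hunk carries no reason, so `go test -v` reports only a bare SKIP and nothing ties the disabled test back to the work that should re-enable it; use `t.Skip("temporarily disabled pending investigation; see GROW-2950")` or the actual tracking reference. This skip lands in `integration/vulnerability_test.go`, which is unrelated to the GCP audit-log cleanup the rest of the series performs, so it would be clearer as a separate change with its own justification. Until it is re-enabled it removes the only coverage of the `--collector_type Agentless` path visible here. TestHostVulnerabilityCollectorTypeAgentless continues past the end of the hunk.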
diff --git a/integration/gcp_generation_test.go b/integration/gcp_generation_test.go index e8b355adb..334513046 100644 --- a/integration/gcp_generation_test.go +++ b/integration/gcp_generation_test.go @@ -300,7 +300,7 @@ func TestGenerationGcpAllIntegrationsOrg(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(true, true, true, false, + buildTf, _ := gcp.NewTerraform(true, true, true, true, gcp.WithProjectId(projectId), gcp.WithOrganizationIntegration(true), gcp.WithOrganizationId(organizationId), @@ -342,7 +342,7 @@ func TestGenerationGcpPrefixAndWait(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(false, true, true, false, + buildTf, _ := gcp.NewTerraform(false, true, true, true, gcp.WithProjectId(projectId), gcp.WithPrefix(prefix), gcp.WithWaitTime(waitTime), @@ -394,7 +394,7 @@ func TestGenerationGcpSACreds(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(false, true, true, false, + buildTf, _ := gcp.NewTerraform(false, true, true, true, gcp.WithProjectId(projectId), gcp.WithGcpServiceAccountCredentials(serviceAccountFilePath), ).Generate() @@ -433,7 +433,7 @@ func TestGenerationGcpAuditLogWithExistingSink(t *testing.T) { assertTerraformSaved(t, final) - buildTf, _ := gcp.NewTerraform(false, true, true, false, + buildTf, _ := gcp.NewTerraform(false, true, true, true, gcp.WithProjectId(projectId), gcp.WithExistingLogSinkName("sink"), ).Generate() @@ -475,7 +475,7 @@ func TestGenerationGcpExistingSA(t *testing.T) { serviceAccountDetails.Name = "SA_1" serviceAccountDetails.PrivateKey = "cGFzc3dvcmRNY1Bhc3N3b3JkRmFjZQ==" - buildTf, _ := gcp.NewTerraform(false, true, true, false, + buildTf, _ := gcp.NewTerraform(false, true, true, true, gcp.WithProjectId(projectId), gcp.WithExistingServiceAccount(serviceAccountDetails), ).Generate() 
@@ -561,7 +561,7 @@ func TestGenerationGcpConfigurationWithCustomIntegrationName(t *testing.T) {
 assertTerraformSaved(t, final)
 // Create the TF directly with lwgenerate and validate same result via CLI
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithConfigurationIntegrationName("customConfigurationIntegrationName"),
 ).Generate()
@@ -600,7 +600,7 @@ func TestGenerationGcpAuditLogWithCustomIntegrationName(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithAuditLogIntegrationName("customAuditLogIntegrationName"),
 ).Generate()
@@ -645,7 +645,7 @@ func TestGenerationGcpCustomizedOutputLocation(t *testing.T) {
 result, _ := os.ReadFile(filepath.FromSlash(fmt.Sprintf("%s/main.tf", dir)))
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 ).Generate()
 assert.Equal(t, buildTf, string(result))
@@ -679,7 +679,7 @@ func TestGenerationGcpAdvancedOptsDone(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 ).Generate()
 assert.Equal(t, buildTf, tfResult)
@@ -713,7 +713,7 @@ func TestGenerationGcpAdvancedOptsDoneConfigurationOnly(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, false, false,
+ buildTf, _ := gcp.NewTerraform(false, true, false, true,
 gcp.WithProjectId(projectId),
 ).Generate()
 assert.Equal(t, buildTf, tfResult)
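Review bot: In TestGenerationGcpAdvancedOptsDoneConfigurationOnly the new call `gcp.NewTerraform(false, true, false, true,` leaves the third argument (audit log) at `false` while flipping the fourth to `true`, a combination that reads like a mistake even though it is presumably inert because no audit-log integration is generated. A one-line comment above the call would stop a future reader from "fixing" it, e.g. `// audit log is disabled here, so the pub/sub audit flag (4th arg) has no effect`. This is a documentation-only suggestion; the assertion itself is unchanged and correct as far as the hunk shows. The test body starts and ends outside the hunk.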
@@ -799,7 +799,7 @@ func TestGenerationGcpFolders(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithOrganizationIntegration(true),
 gcp.WithOrganizationId(organizationId),
@@ -842,7 +842,7 @@ func TestGenerationGcpFoldersShorthand(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithOrganizationIntegration(true),
 gcp.WithOrganizationId(organizationId),
@@ -883,7 +883,7 @@ func TestGenerationGcpIncludeRootProjects(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithOrganizationIntegration(true),
 gcp.WithOrganizationId(organizationId),
@@ -924,7 +924,7 @@ func TestGenerationGcpIncludeRootProjectsFalse(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithOrganizationIntegration(true),
 gcp.WithOrganizationId(organizationId),
@@ -963,7 +963,7 @@ func TestGenerationGcpAuditLogFiltersTrue(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, false, true, false,
+ buildTf, _ := gcp.NewTerraform(false, false, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithGoogleWorkspaceFilter(true),
 gcp.WithK8sFilter(true),
@@ -1000,7 +1000,7 @@ func TestGenerationGcpAuditLogFiltersFalse(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, false, true, false,
+ buildTf, _ := gcp.NewTerraform(false, false, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithGoogleWorkspaceFilter(false),
 gcp.WithK8sFilter(false),
@@ -1037,7 +1037,7 @@ func TestGenerationGcpInvalidProjectId(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, false, true, false,
+ buildTf, _ := gcp.NewTerraform(false, false, true, true,
 gcp.WithProjectId(projectId),
 ).Generate()
 assert.Equal(t, buildTf, tfResult)
@@ -1191,7 +1191,7 @@ func TestGenerationGcpLaceworkProfile(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithLaceworkProfile(gcpProfile),
 ).Generate()
@@ -1274,7 +1274,7 @@ func TestGenerationGcpMultipleProjectsInteractive(t *testing.T) {
 assertTerraformSaved(t, final)
- buildTf, _ := gcp.NewTerraform(false, true, true, false,
+ buildTf, _ := gcp.NewTerraform(false, true, true, true,
 gcp.WithProjectId(projectId),
 gcp.WithMultipleProject(gcpProjects),
 ).Generate()

From 3eb6a8f3d5f4d34392d25a9dc689df2243bbb008 Mon Sep 17 00:00:00 2001
From: ipcrm
Date: Tue, 16 Jul 2024 13:21:30 +0000
Subject: [PATCH 11/11] fix: re-enable test

---
 integration/vulnerability_test.go | 1 -
 1 file changed, 1 deletion(-)

diff --git a/integration/vulnerability_test.go b/integration/vulnerability_test.go
index 852ceb9a6..8e6a68b36 100644
--- a/integration/vulnerability_test.go
+++ b/integration/vulnerability_test.go
@@ -51,7 +51,6 @@ func TestVulnerabilityCommands(t *testing.T) {
 }
 func TestHostVulnerabilityCollectorTypeAgentless(t *testing.T) {
- t.Skip() // temporary, testing
 out, err, exitcode := LaceworkCLIWithTOMLConfig("vulnerability", "host", "show", "7900845793106000058", "--collector_type", "Agentless")
 assert.Empty(t, err.String(), "STDERR should be empty")