Esempi in Python per PrismaCloudRequest

Esempio n. 1

def main():
    module = AnsibleModule(
        argument_spec=dict(
            name=dict(),
            id=dict(),
            cloudType=dict(type='list'),
            systemDefault=dict(type='bool'),
            details=pc.details_spec(),
            search_type=pc.search_type_spec(),
        ),
        supports_check_mode=False,
    )

    client = pc.PrismaCloudRequest(module)

    path = ['compliance', ]
    listing = client.get(path)

    results = client.get_facts_from(
        listing,
        'name', ['id', 'cloudType', 'systemDefault'],
        ['compliance', 'id'], (1, ),
    )

    module.exit_json(**results)

Esempio n. 2

def main():
    module = AnsibleModule(
        argument_spec=dict(
            name=dict(),
            id=dict(),
            cloudType=dict(choices=['aws', 'azure', 'gcp', 'alibaba_cloud']),
            details=pc.details_spec(),
            search_type=pc.search_type_spec(),
        ),
        supports_check_mode=False,
    )

    client = pc.PrismaCloudRequest(module)

    path = ['cloud', 'name']
    listing = client.get(path)

    results = client.get_facts_from(
        listing,
        'name',
        ['cloudType', 'id'],
        ['cloud', 'cloudType', 'id'],
        (1, 2),
    )

    module.exit_json(**results)

Esempio n. 3

File: prismacloud_compliance_standard_requirement_facts.py Progetto: ekmixon/prisma-cloud-ansible

def main():
    module = AnsibleModule(
        argument_spec=dict(
            complianceId=dict(required=True),
            name=dict(),
            id=dict(),
            systemDefault=dict(type='bool'),
            details=pc.details_spec(),
            search_type=pc.search_type_spec(),
        ),
        supports_check_mode=False,
    )

    client = pc.PrismaCloudRequest(module)

    path = ['compliance', module.params['complianceId'], 'requirement']
    listing = client.get(path)

    results = client.get_facts_from(
        listing,
        'name', ['systemDefault', 'id'],
        ['compliance', 'requirement', 'id'], (2, ),
    )

    module.exit_json(**results)

Esempio n. 4

File: prismacloud_policy_facts.py Progetto: ekmixon/prisma-cloud-ansible

def main():
    module = AnsibleModule(
        argument_spec=dict(
            name=dict(),
            policyId=dict(),
            policyType=dict(choices=['config', 'audit_event', 'network']),
            systemDefault=dict(type='bool'),
            cloudType=dict(),
            severity=dict(choices=['low', 'medium', 'high']),
            details=pc.details_spec(),
            search_type=pc.search_type_spec(),
        ),
        supports_check_mode=False,
    )

    client = pc.PrismaCloudRequest(module)

    path = [
        'policy',
    ]
    listing = client.get(path)

    results = client.get_facts_from(
        listing,
        'name',
        ['policyId', 'policyType', 'systemDefault', 'cloudType', 'severity'],
        ['policy', 'policyId'],
        (1, ),
    )

    module.exit_json(**results)

Esempio n. 5

File: prismacloud_compliance_standard_requirement_section_facts.py Progetto: stealthllama/ansible-playbooks

def main():
    module = AnsibleModule(
        argument_spec=dict(
            csr_id=dict(required=True),
            section_id=dict(),
            system_default=dict(type='bool'),
        ),
        supports_check_mode=False,
    )

    client = pc.PrismaCloudRequest(module)

    csr_id = module.params['csr_id']
    section_id = module.params['section_id']
    system_default = module.params['system_default']

    path = ['compliance', csr_id, 'section']
    listing = client.get(path)

    ans = []
    for x in listing:
        if section_id is not None and x['sectionId'] != section_id:
            continue

        if system_default is not None and x['systemDefault'] != system_default:
            continue

        ans.append(x)

    module.exit_json(changed=False, total=len(listing), listing=ans)

Esempio n. 6

File: prismacloud_account_group_facts.py Progetto: stealthllama/ansible-playbooks

def main():
    module = AnsibleModule(
        argument_spec=dict(
            name=dict(),
            details=pc.details_spec(),
        ),
        supports_check_mode=False,
    )

    client = pc.PrismaCloudRequest(module)

    name = module.params['name']
    details = module.params['details']

    path = ['cloud', 'group']
    listing = client.get(path)

    ans = []
    for x in listing:
        if name is not None and x['name'] != name:
            continue

        val = None
        if details:
            path = ['cloud', 'group', x['id']]
            val = client.get(path)
        else:
            val = pc.hide_details(x, ['name', 'id'])

        ans.append(val)

    module.exit_json(changed=False, total=len(listing), listing=ans)

Esempio n. 7

File: prismacloud_compliance_standard_facts.py Progetto: stealthllama/ansible-playbooks

def main():
    module = AnsibleModule(
        argument_spec=dict(
            name=dict(),
            cloud_types=dict(type='list'),
            system_default=dict(type='bool'),
            details=pc.details_spec(),
        ),
        supports_check_mode=False,
    )

    client = pc.PrismaCloudRequest(module)

    name = module.params['name']
    cloud_types = module.params['cloud_types']
    system_default = module.params['system_default']
    details = module.params['details']

    path = [
        'compliance',
    ]
    listing = client.get(path)

    ans = []
    for x in listing:
        if name is not None and x['name'] != name:
            continue

        if cloud_types is not None and set(cloud_types).isdisjoint(
                set(x['cloudType'])):
            continue

        if system_default is not None and x['systemDefault'] != system_default:
            continue

        val = None
        if details:
            path = ['compliance', x['id']]
            val = client.get(path)
        else:
            val = pc.hide_details(x,
                                  ['name', 'id', 'cloudType', 'systemDefault'])

        ans.append(val)

    module.exit_json(changed=False, total=len(listing), listing=ans)

Esempio n. 8

File: prismacloud_compliance_standard_requirement_facts.py Progetto: stealthllama/ansible-playbooks

def main():
    module = AnsibleModule(
        argument_spec=dict(
            cs_id=dict(required=True),
            name=dict(),
            system_default=dict(type='bool'),
            details=pc.details_spec(),
        ),
        supports_check_mode=False,
    )

    client = pc.PrismaCloudRequest(module)

    cs_id = module.params['cs_id']
    name = module.params['name']
    system_default = module.params['system_default']
    details = module.params['details']

    path = ['compliance', cs_id, 'requirement']
    listing = client.get(path)

    ans = []
    for x in listing:
        if name is not None and x['name'] != name:
            continue

        if system_default is not None and x['systemDefault'] != system_default:
            continue

        val = None
        if details:
            path = ['compliance', 'requirement', x['id']]
            val = client.get(path)
        else:
            val = pc.hide_details(x, ['name', 'id', 'systemDefault'])

        ans.append(val)

    module.exit_json(changed=False, total=len(listing), listing=ans)

Esempio n. 9

File: prismacloud_gcp_cloud_account.py Progetto: ekmixon/prisma-cloud-ansible

def main():
    module = AnsibleModule(
        argument_spec=dict(
            cloudAccount=dict(
                required=True,
                type='dict',
                required_one_of=[
                    ['accountId', 'name'],
                ],
                options=dict(
                    accountId=dict(),
                    enabled=dict(type='bool', default=False),
                    groupIds=dict(type='list'),
                    name=dict(),
                ),
            ),
            compressionEnabled=dict(type='bool'),
            dataflowEnabledProject=dict(),
            flowLogStorageBucket=dict(),
            credentials=dict(
                type='dict',
                options=dict(
                    type=dict(),
                    project_id=dict(),
                    private_key_id=dict(),
                    private_key=dict(),
                    client_email=dict(),
                    client_id=dict(),
                    auth_uri=dict(),
                    token_uri=dict(),
                    auth_provider_x509_cert_url=dict(),
                    client_x509_cert_url=dict(),
                ),
            ),
            state=pc.state_spec(),
        ),
        supports_check_mode=True,
    )

    client = pc.PrismaCloudRequest(module)

    # Variables.
    obj = None
    results = {'changed': False}

    # Retrieve obj details.
    if module.params['cloudAccount']['accountId'] is not None:
        try:
            obj = client.get(
                ['cloud', 'gcp', module.params['cloudAccount']['accountId']])
        except errors.ObjectNotFoundError:
            pass
    else:
        the_id = identify(client, module.params['cloudAccount']['name'])
        if the_id is not None:
            obj = client.get(['cloud', 'gcp', the_id])

    results['before'] = obj

    fields = [
        'cloudAccount', 'credentials', 'compressionEnabled',
        'dataflowEnabledProject', 'flowLogStorageBucket'
    ]
    ca_fields = ['accountId', 'enabled', 'groupIds', 'name']
    c_fields = [
        'type',
        'project_id',
        'private_key_id',
        'private_key',
        'client_email',
        'client_id',
        'auth_uri',
        'token_uri',
        'auth_provider_x509_cert_url',
        'client_x509_cert_url',
    ]

    if module.params['state'] == 'present':
        req_obj = {
            'cloudAccount': {
                'accountId': '',
                'enabled': False,
                'groupIds': [],
                'name': '',
            },
            'compressionEnabled': False,
            'flowLogStorageBucket': '',
            'credentials': {
                'type': '',
                'project_id': '',
                'private_key_id': '',
                'private_key': '',
                'client_email': '',
                'client_id': '',
                'auth_uri': '',
                'token_uri': '',
                'auth_provider_x509_cert_url': '',
                'client_x509_cert_url': '',
            },
        }
        for field in fields:
            if field == 'cloudAccount':
                ca = module.params['cloudAccount']
                for ca_field in ca_fields:
                    if ca[ca_field] is not None:
                        req_obj[field][ca_field] = ca[ca_field]
            elif field == 'credentials':
                creds = module.params['credentials']
                for c_field in c_fields:
                    if creds[c_field] is not None:
                        req_obj[field][c_field] = creds[c_field]
            elif module.params[field] is not None:
                req_obj[field] = module.params[field]

        if obj is None:
            results['changed'] = True
            if not module.check_mode:
                client.post(['cloud', 'gcp'], req_obj)
                req_obj['cloudAccount']['accountId'] = identify(
                    client, module.params['cloudAccount']['name'])
        else:
            if not req_obj['cloudAccount']['accountId']:
                req_obj['cloudAccount']['accountId'] = obj['cloudAccount'][
                    'accountId']
            for field in fields:
                if field == 'cloudAccount':
                    for ca_field in ca_fields:
                        if obj.get(field, {}).get(ca_field) != req_obj.get(
                                field, {}).get(ca_field):
                            results['changed'] = True
                            break
                elif field == 'credentials':
                    for c_field in c_fields:
                        if obj.get(field, {}).get(c_field) != req_obj.get(
                                field, {}).get(c_field):
                            results['changed'] = True
                            break
                elif obj.get(field) != req_obj.get(field):
                    results['changed'] = True
                if results['changed']:
                    if not module.check_mode:
                        client.put([
                            'cloud', 'gcp',
                            req_obj['cloudAccount']['accountId']
                        ], req_obj)
                    break
        results['after'] = req_obj
    elif module.params['state'] == 'absent':
        results['after'] = None
        if obj is not None:
            results['changed'] = True
            if not module.check_mode:
                client.delete(
                    ['cloud', 'gcp', obj['cloudAccount']['accountId']])

    # Done.
    module.exit_json(**results)

Esempio n. 10

def main():
    module = AnsibleModule(
        argument_spec=dict(
            accountId=dict(),
            enabled=dict(type='bool', default=False),
            externalId=dict(no_log=True),
            groupIds=dict(type='list'),
            name=dict(),
            roleArn=dict(),
            state=pc.state_spec(),
        ),
        required_one_of=[
            ['accountId', 'name'],
        ],
        supports_check_mode=True,
    )

    client = pc.PrismaCloudRequest(module)

    # Variables.
    obj = None
    results = {'changed': False}

    # Retrieve obj details.
    if module.params['accountId'] is not None:
        try:
            obj = client.get(['cloud', 'aws', module.params['accountId']])
        except errors.ObjectNotFoundError:
            pass
    else:
        the_id = identify(client, module.params['name'])
        if the_id is not None:
            obj = client.get(['cloud', 'aws', the_id])

    results['before'] = obj

    if module.params['state'] == 'present':
        fields = ['accoundId', 'enabled', 'externalId', 'groupIds', 'name', 'roleArn']
        req_obj = {
            'accountId': '',
            'enabled': False,
            'externalId': '',
            'groupIds': [],
            'name': '',
            'roleArn': '',
        }
        for field in fields:
            if module.params[field] is not None:
                req_obj[field] = module.params[field]

        if obj is None:
            results['changed'] = True
            if not module.check_mode:
                client.post(['cloud', 'aws'], req_obj)
                req_obj['accountId'] = identify(client, req_obj['name'])
        else:
            if not req_obj['accountId']:
                req_obj['accountId'] = obj['accountId']
            for field in fields:
                if obj.get(field) != req_obj.get(field):
                    results['changed'] = True
                    if not module.check_mode:
                        client.put(['cloud', 'aws', req_obj['accountId']], req_obj)
                    break
        results['after'] = req_obj
    elif module.params['state'] == 'absent':
        results['after'] = None
        if obj is not None:
            results['changed'] = True
            if not module.check_mode:
                client.delete(['cloud', 'aws', obj['accountId']])

    # Done.
    module.exit_json(**results)

Esempio n. 11

File: prismacloud_azure_cloud_account.py Progetto: ekmixon/prisma-cloud-ansible

def main():
    module = AnsibleModule(
        argument_spec=dict(
            cloudAccount=dict(
                required=True,
                type='dict',
                required_one_of=[
                    ['accountId', 'name'],
                ],
                options=dict(
                    accountId=dict(),
                    enabled=dict(type='bool', default=False),
                    groupIds=dict(type='list'),
                    name=dict(),
                ),
            ),
            clientId=dict(),
            key=dict(),
            monitorFlowLogs=dict(type='bool'),
            tenantId=dict(),
            servicePrincipalId=dict(),
            state=pc.state_spec(),
        ),
        supports_check_mode=True,
    )

    client = pc.PrismaCloudRequest(module)

    # Variables.
    obj = None
    results = {'changed': False}

    # Retrieve obj details.
    if module.params['cloudAccount']['accountId'] is not None:
        try:
            obj = client.get(
                ['cloud', 'azure', module.params['cloudAccount']['accountId']])
        except errors.ObjectNotFoundError:
            pass
    else:
        the_id = identify(client, module.params['cloudAccount']['name'])
        if the_id is not None:
            obj = client.get(['cloud', 'azure', the_id])

    results['before'] = obj

    fields = [
        'cloudAccount', 'clientId', 'key', 'monitorFlowLogs', 'tenantId',
        'servicePrincipalId'
    ]
    ca_fields = ['accountId', 'enabled', 'groupIds', 'name']

    if module.params['state'] == 'present':
        req_obj = {
            'cloudAccount': {
                'accountId': '',
                'enabled': False,
                'groupIds': [],
                'name': '',
            },
            'clientId': '',
            'key': '',
            'monitorFlowLogs': False,
            'tenantId': '',
            'servicePrincipalId': '',
        }
        for field in fields:
            if field == 'cloudAccount':
                ca = module.params['cloudAccount']
                for ca_field in ca_fields:
                    if ca[ca_field] is not None:
                        req_obj[field][ca_field] = ca[ca_field]
            elif module.params[field] is not None:
                req_obj[field] = module.params[field]

        if obj is None:
            results['changed'] = True
            if not module.check_mode:
                client.post(['cloud', 'azure'], req_obj)
                req_obj['cloudAccount']['accountId'] = identify(
                    client, module.params['cloudAccount']['name'])
        else:
            if not req_obj['cloudAccount']['accountId']:
                req_obj['cloudAccount']['accountId'] = obj['cloudAccount'][
                    'accountId']
            for field in fields:
                if field == 'cloudAccount':
                    for ca_field in ca_fields:
                        if obj.get(field, {}).get(ca_field) != req_obj.get(
                                field, {}).get(ca_field):
                            results['changed'] = True
                            break
                elif obj.get(field) != req_obj.get(field):
                    results['changed'] = True
                if results['changed']:
                    if not module.check_mode:
                        client.put([
                            'cloud', 'azure',
                            req_obj['cloudAccount']['accountId']
                        ], req_obj)
                    break
        results['after'] = req_obj
    elif module.params['state'] == 'absent':
        results['after'] = None
        if obj is not None:
            results['changed'] = True
            if not module.check_mode:
                client.delete(
                    ['cloud', 'azure', obj['cloudAccount']['accountId']])

    # Done.
    module.exit_json(**results)