def create(self, group_name, **kwargs): """Creates a ServerGroup. Args: group_name (str): Name for the new group Keyword Args: firewall_policy_id (str): ID of firewall policy to be assigned to \ the group (deprecated- use linux_firewall_policy_id) linux_firewall_policy_id (str): ID of linux firewall policy to \ associate with the new group windows_firewall_policy_id (str): ID of Windows firewall policy \ to associate with the new group policy_ids (list): List of Linux configuration policy IDs windows_policy_ids (list): List of Windows configuration policy IDs fim_policy_ids (list): List of Linux FIM policies linux_fim_policy_ids (list): List of Linux FIM policies windows_fim_policy_ids (list): List of Windows FIM policies lids_policy_ids (list): List of LIDS policy IDs tag (str): Server group tag-used for auto-assignment of group. server_events_policy (str): Special events policy IDs alert_profiles (list): List of alert profile IDs Returns: str: ID of newly-created group. """ endpoint = "/v1/groups" group_data = {"name": group_name, "policy_ids": [], "tag": None} body = {"group": utility.merge_dicts(group_data, kwargs)} request = HttpHelper(self.session) response = request.post(endpoint, body) return response["group"]["id"]
def create(self, fim_policy_id, server_id, **kwargs): """Creates a FIM baseline Args: fim_policy_id (str): ID of FIM policy to baseline server_id (str): ID of server to use for generating baseline Keyword Args: expires (int): Number of days from today for expiration of baseline comment (str): Guess. Returns: str: ID of new baseline """ sanity.validate_object_id([fim_policy_id, server_id]) request = HttpHelper(self.session) endpoint = "/v1/fim_policies/%s/baselines" % fim_policy_id request_body = {"baseline": {"server_id": server_id, "expires": None, "comment": None}} if "expires" in kwargs: request_body["baseline"]["expires"] = kwargs["expires"] if "comment" in kwargs: request_body["baseline"]["comment"] = kwargs["comment"] response = request.post(endpoint, request_body) policy_id = response["baseline"]["id"] return policy_id
def create(self, fim_policy_id, server_id, **kwargs): """Creates a FIM baseline Args: fim_policy_id (str): ID of FIM policy to baseline server_id (str): ID of server to use for generating baseline Keyword Args: expires (int): Number of days from today for expiration of baseline comment (str): Guess. Returns: str: ID of new baseline """ sanity.validate_object_id([fim_policy_id, server_id]) request = HttpHelper(self.session) endpoint = "/v1/fim_policies/%s/baselines" % fim_policy_id request_body = { "baseline": { "server_id": server_id, "expires": None, "comment": None } } if "expires" in kwargs: request_body["baseline"]["expires"] = kwargs["expires"] if "comment" in kwargs: request_body["baseline"]["comment"] = kwargs["comment"] response = request.post(endpoint, request_body) policy_id = response["baseline"]["id"] return policy_id
def initiate_scan(self, server_id, scan_type): """Initiate a scan on a specific server. Args: server_id (str): ID of server to be scanned scan_type (str): Type of scan to be run. Valid scan types: sca - Configuration scan csm - Configuration scan (same as sca) svm - Software vulnerability scan sva - Software vulnerability scan (same as svm) sam - Server access management scan fim - File integrity monitoring scan sv - Agent self-verifiation scan Returns: dict: Dictionary describing command created as a result of this \ call Failure throws an exception. """ sanity.validate_object_id(server_id) if self.scan_type_supported(scan_type) is False: exception_message = "Unsupported scan type: %s" % scan_type raise CloudPassageValidation(exception_message) else: scan_type_normalized = self.supported_scans[scan_type] request_body = {"scan": {"module": scan_type_normalized}} endpoint = "/v1/servers/%s/scans" % server_id request = HttpHelper(self.session) response = request.post(endpoint, request_body) command_info = response["command"] return command_info
def create(self, policy_body): """Creates a policy from JSON document. Returns the ID of the new policy """ request = HttpHelper(self.session) request_body = utility.policy_to_dict(policy_body) return request.post(self.endpoint(), request_body)["id"]
def create(self, group_name, **kwargs): """Creates a ServerGroup. Args: group_name (str): Name for the new group Keyword Args: firewall_policy_id (str): ID of firewall policy to be assigned to \ the group (deprecated- use linux_firewall_policy_id) linux_firewall_policy_id (str): ID of linux firewall policy to \ associate with the new group windows_firewall_policy_id (str): ID of Windows firewall policy \ to associate with the new group policy_ids (list): List of Linux configuration policy IDs windows_policy_ids (list): List of Windows configuration policy IDs fim_policy_ids (list): List of Linux FIM policies linux_fim_policy_ids (list): List of Linux FIM policies windows_fim_policy_ids (list): List of Windows FIM policies linux_lids_policy_ids (list): List of Linux LIDS policy IDs windows_lids_policy_ids (list): List of Windows LIDS policy IDs tag (str): Server group tag-used for auto-assignment of group. server_events_policy (str): Special events policy IDs alert_profiles (list): List of alert profile IDs Returns: str: ID of newly-created group. """ endpoint = "/v1/groups" group_data = {"name": group_name, "policy_ids": [], "tag": None} try: sanity.validate_servergroup_create(kwargs) except TypeError as exc: raise CloudPassageValidation(exc) body = {"group": utility.merge_dicts(group_data, kwargs)} request = HttpHelper(self.session) response = request.post(endpoint, body) return response["group"]["id"]
def create(self, firewall_policy_id, rule_body): """Creates a rule within a firewall policy. Args: rule_body (dict or str): string or dict containing the json \ representation of the firewall policy to be created. Returns: str: ID of newly-created firewall rule Example rule_body: :: { "firewall_rule" : { "chain": "INPUT", "active": true, "firewall_interface": "7b881ca072b1012ec681404096c01709", "firewall_service": "7b6409a072b1012ec681404096c01709", "connection_states": "NEW, ESTABLISHED", "action": "ACCEPT", "log": true, "log_prefix": "East-3 input-accept", "comment": "All servers in group East-3 must include this rule", "position": 4 } } """ sanity.validate_object_id(firewall_policy_id) request = HttpHelper(self.session) endpoint = ("/v1/firewall_policies/%s/firewall_rules" % firewall_policy_id) response = request.post(endpoint, rule_body) policy_id = response["firewall_rule"]["id"] return policy_id