def vnets_list_all(self, resourceId): api_endpoint = self.config["AZURESDK"]["VirtualNetworksListAll"] api_endpoint = api_endpoint.format(resourceId=resourceId) with request_authenticated_azure_session() as req: resource_policy_function = req.post(api_endpoint).json return resource_policy_function
def get_keys(self, vaultBaseUrl): api_endpoint = self.config['AZURESDK']['keyvault_get_keys'] api_endpoint = api_endpoint.format(vaultBaseUrl=vaultBaseUrl) # with statement automatically closes the connection with request_authenticated_azure_session() as req: # Returns response object. The response object contains the HTTP status code, and the response of the service keys = req.get(api_endpoint) return keys
def list(self, organization, project): api_endpoint = self.config["GIT"]['azure_devops_repositories_list'] api_endpoint = api_endpoint.format(organization=organization, project=project) with request_authenticated_azure_session() as req: repositories = req.get(api_endpoint, auth=('', self.personal_access_token)) return repositories
def get_filtered(self, organization, project, repositoryId, filterValue): api_endpoint = self.config["GIT"]['azure_devops_refs_list'] api_endpoint = api_endpoint.format(organization=organization, project=project, repositoryId=repositoryId, filterValue=filterValue) with request_authenticated_azure_session() as req: refs_list = req.get(api_endpoint, auth=('', self.personal_access_token)) return refs_list
def policy_states_filter_and_multiple_groups(self, subscriptionId): api_endpoint = self.config["AZURESDK"]["policy_states_filter_and_multiple_groups"] api_endpoint = api_endpoint.format(subscriptionId=subscriptionId) with request_authenticated_azure_session() as req: r_policy_states_filter_and_multiple_groups = req.post(api_endpoint).json() return r_policy_states_filter_and_multiple_groups
def vnet_list_usage(self, subscription, policyDefinitionName): api_endpoint = ["AZURESDK"]["VirtualNetworksListUsage"] api_endpoint = api_endpoint.format( subscriptionId=subscription, policyDefinitionName=policyDefinitionName) with request_authenticated_azure_session() as req: vnet_list_usage_fuction = req.post(api_endpoint).json return vnet_list_usage_fuction
def policy_states_list_query_results_for_management_group(self, management_grp, policyStatesResource='latest'): api_endpoint = self.config["AZURESDK"]["policy_states_list_query_results_for_management_group"] api_endpoint = api_endpoint.format(managementGroupName=management_grp, policyStatesResource=policyStatesResource) with request_authenticated_azure_session() as req: policy_states_summary_subscription = req.post(api_endpoint).json return policy_states_summary_subscription
def get_tags(self, subscriptionId): management_root = self.config['AZURESDK']['management_root'] api_version = self.config['AZURESDK']['apiversion'] api_endpoint = "{management_root}/subscriptions/{subscriptionId}/tagNames?api-version={api_version}".format( management_root=management_root, subscriptionId=subscriptionId, api_version=api_version) with request_authenticated_azure_session() as req: tags = req.get(api_endpoint) return tags
def policy_states_summarize_for_subscription_query(self): """ :param subscription: :return: """ api_endpoint = self.config["AZURESDK"]["policystatessummarizeforsubscriptionquery"] with request_authenticated_azure_session() as req: policy_states_summary_subscription = req.post(api_endpoint).json return policy_states_summary_subscription
def list(self, subscriptionId, policySetDefinitionName): api_endpoint = self.config["AZURESDK"][ "policy_set_definitions_create_or_update"] api_endpoint = api_endpoint.format( subscriptionId=subscriptionId, policySetDefinitionName=policySetDefinitionName) with request_authenticated_azure_session() as req: policy_set_definition = req.get(api_endpoint) return policy_set_definition
def list_resourcegroup(self, subscriptionId): """ :return: """ api_endpoint = self.config["AZURESDK"]["resourcegroupslist"] api_endpoint = api_endpoint.format(subscriptionId=subscriptionId) with request_authenticated_azure_session() as req: resource_group_function = req.post(api_endpoint).json return resource_group_function
def policy_states_summarize_for_policy_definition(self, subscription_id, policy_definition_name): api_endpoint = self.config["AZURESDK"][ 'policy_states_summarize_for_policy_definition'] api_endpoint = api_endpoint.format( subscriptionId=subscription_id, policyDefinitionName=policy_definition_name) with request_authenticated_azure_session() as req: policy_states_summary = req.post(api_endpoint) return policy_states_summary
def policy_definition_via_policyDefinitionId(self, policyDefinitionId): management_root = self.config['AZURESDK']['management_root'] api_version = self.config['AZURESDK']['apiversion'] api_endpoint = "{management_root}{policyDefinitionId}?api-version={api_version}".format( management_root=management_root, policyDefinitionId=policyDefinitionId, api_version=api_version) with request_authenticated_azure_session() as req: policy_definitions = req.get(api_endpoint) return policy_definitions
def list(self, subscriptionId, api_version=None): api_endpoint = self.config['AZURESDK']['vaults_list'] if api_version is None: api_version = self.config['AZURESDK']['apiversion'] api_endpoint = api_endpoint.format(subscriptionId=subscriptionId, apiversion=api_version) # with statement automatically closes the connection with request_authenticated_azure_session() as req: # Returns response object. The response object contains the HTTP status code, and the response of the service vaults = req.get(api_endpoint) return vaults
def policy_states_summarize_for_resourcegroup(self, subscriptionId): """ :param subscriptionId: :return: """ api_endpoint = self.config["AZURESDK"]["policy_states_summarize_for_resource_group"] api_endpoint = api_endpoint.format(subscriptionId=subscriptionId) with request_authenticated_azure_session() as req: summarized_resource_group_function = req.post(api_endpoint).json return summarized_resource_group_function
def policy_states_summarize_for_resource(self, resourceId): """ :param resourceId: :return: function """ api_endpoint = self.config["AZURESDK"]["policystatessummarizeforresource"] api_endpoint = api_endpoint.format(resourceId=resourceId) with request_authenticated_azure_session() as req: resource_policy_function = req.post(api_endpoint).json return resource_policy_function
def policy_definitions_by_subscription_req(self, subscriptionId): """ :param subscriptionId: :return: Policy definitions by subscription request """ api_endpoint = self.config["AZURESDK"]["policy_definitions_list"] api_endpoint = api_endpoint.format(subscriptionId=subscriptionId) with request_authenticated_azure_session() as req: policy_definitions = req.get(api_endpoint) return policy_definitions
def get_by_id(self, id, api_version=None): api_endpoint = self.config['AZURESDK']['vaults_get_by_id'] management_root = self.config['AZURESDK']['management_root'] if api_version is None: api_version = self.config['AZURESDK']['apiversion'] api_endpoint = api_endpoint.format(management_root=management_root, id=id, apiversion=api_version) # with statement automatically closes the connection with request_authenticated_azure_session() as req: # Returns response object. The response object contains the HTTP status code, and the response of the service vault = req.get(api_endpoint) return vault
def get_policy_definitions_list_by_management_group( self, managementGroupId): """ Get the policy definitions from a management group :param managementGroupId: """ api_endpoint = self.config['AZURESDK'][ 'policy_definitions_list_by_management_group'] api_endpoint = api_endpoint.format(managementGroupId=managementGroupId) with request_authenticated_azure_session() as req: policy_definitions_response = req.get(api_endpoint) return policy_definitions_response
def policy_states_summarize_for_subscription(self, subscription): """ :return: :param subscription: :return: """ api_endpoint = self.config["AZURESDK"]["policy_states_summarize_for_subscription"] api_endpoint = api_endpoint.format(subscriptionId=subscription) with request_authenticated_azure_session() as req: policy_states_summary_subscription_response = req.post(api_endpoint) return policy_states_summary_subscription_response
def policy_states_summarize_for_policy_definition(self, subscriptionId, policyDefinitionName): """ Summarizes policy states for the subscription level policy definition. https://docs.microsoft.com/en-us/rest/api/policy-insights/policystates/summarizeforpolicydefinition#code-try-0 :param subscriptionId: :param policyDefinitionName: :return: """ api_endpoint = self.config["AZURESDK"]["policy_states_summarize_for_policy_definition"] api_endpoint = api_endpoint.format(subscriptionId=subscriptionId, policyDefinitionName=policyDefinitionName) with request_authenticated_azure_session() as req: policy_states_summarize_for_policy_definition = req.post(api_endpoint) return policy_states_summarize_for_policy_definition
def policy_states_summarize_for_subscription(self, subscriptionId): """ This method calls the policy compliance using the policy insights and query policy state :rtype: response :param subscriptionId: :return: """ api_endpoint = self.config["AZURESDK"][ 'policy_states_summarize_for_subscription'] api_endpoint = api_endpoint.format(subscriptionId=subscriptionId) with request_authenticated_azure_session() as req: policy_states_summary = req.post(api_endpoint) return policy_states_summary
def policyinsights_generic_req(self, api_endpoint, *args): """ This function can theoretically call any Azure SDK API the service pricipal has access to :param api_config_key: :param args: :return: """ # The policyinsights_generic_req has no way of learning the named string format parameters # a simple replace makes the URL a workable generic call to the API # example: api_config_key.replace('{subscriptionId}', '{}') api_endpoint = api_endpoint.format(*args) with request_authenticated_azure_session() as req: return req.post(api_endpoint)
def get(self, organization, project, repositoryId, scopePath, versionDescriptor_version): api_endpoint = self.config["GIT"]['azure_devops_items_list'] recursionLevel = 'Full' includeLinks = 'true' api_endpoint = api_endpoint.format(organization=organization, project=project, repositoryId=repositoryId, scopePath=scopePath, recursionLevel=recursionLevel, includeLinks=includeLinks, versionDescriptor_version=versionDescriptor_version) with request_authenticated_azure_session() as req: items = req.get(api_endpoint, auth=('', self.personal_access_token)) return items
def list(self): """ api_endpoint and api_api_version read from the app.config.ini or test.app.config.ini files. In this way, the code is always loosely coupled from the service. :return: """ api_endpoint = self.config['AZURESDK']['subscriptions'] api_version = self.config['AZURESDK']['apiversion'] api_endpoint = api_endpoint.format(apiversion=api_version) # with statement automatically closes the connection with request_authenticated_azure_session() as req: # Returns response object. The response object contains the HTTP status code, and the response of the service subscriptions = req.get(api_endpoint) return subscriptions
def create_or_update(self, subscriptionId, policySetDefinitionName, policy_set_properties_body, policyDefinitionsList, policyDefinitionReferenceId): api_endpoint = self.config["AZURESDK"][ "policy_set_definitions_create_or_update"] api_endpoint = api_endpoint.format( subscriptionId=subscriptionId, policySetDefinitionName=policySetDefinitionName) parameters_dict = {} policyDefinitionReference = [] policyDefinitionId = '' for policyDefinition in policyDefinitionsList: if 'properties' in policyDefinition and 'policyDefinitionId' in policyDefinition[ 'properties']: if 'parameters' in policyDefinition: parameters_dict = policyDefinition['parameters'] parameters = self.package_parameters_for_assignment( parameters_dict) if parameters is None: """TODO report policy non-compliance""" continue policyDefinition = { "policyDefinitionId": policyDefinition['properties']['policyDefinitionId'], "policyDefinitionReferenceId": policyDefinitionReferenceId + str(uuid.uuid4()), "parameters": parameters_dict } policyDefinitionReference.append(policyDefinition) policy_set_properties_body['properties'][ 'policyDefinitions'] = policyDefinitionReference headers = {'content-type': 'application/json'} policy_set_properties_body = json.dumps(policy_set_properties_body) with request_authenticated_azure_session() as req: policy_set_definition = req.put_create_assignment( api_endpoint, data=policy_set_properties_body, headers=headers) return policy_set_definition
def policy_states_summarize_for_subscription_compliant( self, subscriptionId, is_compliant="true" ): filter_condition = "IsCompliant eq {}".format(is_compliant) api_endpoint = self.config["AZURESDK"][ "PolicyStatesSummarizeForSubscriptionFiltered" ] api_endpoint = api_endpoint.format( subscriptionId=subscriptionId, filter=filter_condition ) with request_authenticated_azure_session() as req: policy_states_summary_subscription = req.post(api_endpoint).json return policy_states_summary_subscription
def policy_definitions_list_by_management_group(self, management_grp, authenticated_session=None ): api_endpoint = self.config["AZURESDK"][ "policy_definitions_list_by_management_group"] api_endpoint = api_endpoint.format(managementGroupId=management_grp) if authenticated_session: response = authenticated_session.get(api_endpoint) else: with request_authenticated_azure_session() as req: response = req.get(api_endpoint) if response is not None and response.status_code == 200: return response else: return None
def get_policy_definitions(self, subscription_id, policy_definition_name, authenticated_session=None): """ :param subscription_id: :param policy_definition_name: :param request_authenticated_prisma_session: :return: """ api_endpoint = self.config["AZURESDK"]["policy_definitions_get"] api_endpoint = api_endpoint.format( subscriptionId=subscription_id, policyDefinitionName=policy_definition_name) api_endpoint_2 = self.config["AZURESDK"][ "get_policy_definition_by_name"] api_endpoint_2 = api_endpoint_2.format( policyDefinitionName=policy_definition_name) policy_definitions_function = None if authenticated_session: policy_definitions_function = authenticated_session.get( api_endpoint) if policy_definitions_function.status_code == 404: policy_definitions_function = authenticated_session.get( api_endpoint_2) else: with request_authenticated_azure_session() as req: policy_definitions_function = req.get(api_endpoint) if policy_definitions_function.status_code == 404: policy_definitions_function = req.get(api_endpoint_2) if policy_definitions_function is not None and policy_definitions_function.status_code == 200: return policy_definitions_function.json else: return None
def create_policy_definition(self, subscriptionId, policy_definition_name, policy_definition_body): """ :param subscriptionId: :param policy_definition_name: :param policy_definition_body: :return: """ api_endpoint = self.config["AZURESDK"][ "policy_definitions_create_or_update"] api_endpoint = api_endpoint.format( subscriptionId=subscriptionId, policyDefinitionName=policy_definition_name) headers = {'content-type': 'application/json'} with request_authenticated_azure_session() as req: policy_definitions = req.put_create_assignment( api_endpoint, data=policy_definition_body, headers=headers) return policy_definitions