def create(self, fim_policy_id, server_id, **kwargs):
"""Creates a FIM baseline
Args:
fim_policy_id (str): ID of FIM policy to baseline
server_id (str): ID of server to use for generating baseline
Keyword Args:
expires (int): Number of days from today for expiration of baseline
comment (str): Guess.
Returns:
str: ID of new baseline
"""
sanity.validate_object_id([fim_policy_id, server_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines" % fim_policy_id
request_body = {
"baseline": {
"server_id": server_id,
"expires": None,
"comment": None
}
}
if "expires" in kwargs:
request_body["baseline"]["expires"] = kwargs["expires"]
if "comment" in kwargs:
request_body["baseline"]["comment"] = kwargs["comment"]
response = request.post(endpoint, request_body)
policy_id = response["baseline"]["id"]
return policy_id
def initiate_scan(self, server_id, scan_type):
"""Initiate a scan on a specific server.
Args:
server_id (str): ID of server to be scanned
scan_type (str): Type of scan to be run.
Valid scan types:
sca - Configuration scan
csm - Configuration scan (same as sca)
svm - Software vulnerability scan
sva - Software vulnerability scan (same as svm)
sam - Server access management scan
fim - File integrity monitoring scan
sv - Agent self-verifiation scan
Returns:
dict: Dictionary describing command created as a result of this \
call
Failure throws an exception.
"""
sanity.validate_object_id(server_id)
if self.scan_type_supported(scan_type) is False:
exception_message = "Unsupported scan type: %s" % scan_type
raise CloudPassageValidation(exception_message)
else:
scan_type_normalized = self.supported_scans[scan_type]
request_body = {"scan": {"module": scan_type_normalized}}
endpoint = "/v1/servers/%s/scans" % server_id
request = HttpHelper(self.session)
response = request.post(endpoint, request_body)
command_info = response["command"]
return command_info
def delete(self, policy_id):
"""Delete a policy by ID. Success returns None"""
sanity.validate_object_id(policy_id)
request = HttpHelper(self.session)
delete_endpoint = "%s/%s" % (self.endpoint(), policy_id)
request.delete(delete_endpoint)
return None
def delete(self, object_id):
"""Delete by ID. Success returns None"""
sanity.validate_object_id(object_id)
request = HttpHelper(self.session)
delete_endpoint = "%s/%s" % (self.endpoint(), object_id)
request.delete(delete_endpoint)
return None
def create(self, fim_policy_id, server_id, **kwargs):
"""Creates a FIM baseline
Args:
fim_policy_id (str): ID of FIM policy to baseline
server_id (str): ID of server to use for generating baseline
Keyword Args:
expires (int): Number of days from today for expiration of baseline
comment (str): Guess.
Returns:
str: ID of new baseline
"""
sanity.validate_object_id([fim_policy_id, server_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines" % fim_policy_id
request_body = {"baseline": {"server_id": server_id,
"expires": None,
"comment": None}}
if "expires" in kwargs:
request_body["baseline"]["expires"] = kwargs["expires"]
if "comment" in kwargs:
request_body["baseline"]["comment"] = kwargs["comment"]
response = request.post(endpoint, request_body)
policy_id = response["baseline"]["id"]
return policy_id
def update(self, group_id, **kwargs):
"""Updates a ServerGroup.
Args:
group_id (str): ID of group to be altered
Keyword Args:
name (str): Override name for group
linux_firewall_policy_id (str): Override Linux firewall policy ID.
windows_firewall_policy_id (str): Override Windows firewall policy
ID.
policy_ids (list): Override Linux configuration policies
windows_policy_ids (list): Override Windows firewall policies
linux_fim_policy_ids (list): Override Linux firewall policies
windows_fim_policy_ids (list): Override Windows FIM policies
lids_policy_ids (list): Override LIDS policy IDs
tag (str): Override server group tag
special_events_policy (str): Override server events policy. Note
the difference in naming from the
:meth:`cloudpassage.ServerGroup.create()` method
alert_profiles (list): List of alert profiles
Returns:
True if successful, throws exception otherwise.
"""
sanity.validate_object_id(group_id)
endpoint = "/v1/groups/%s" % group_id
response = None
group_data = {}
body = {"group": utility.merge_dicts(group_data, kwargs)}
request = HttpHelper(self.session)
response = request.put(endpoint, body)
return response
def migrate_servers(self, grp_id, server_ids, srv_state=None):
"""Migrate servers in server_ids into the group identified by group_id.
Args:
grp_id (str): ID of group to merge
server_ids (list): A list of server_id
srv_state (str): A comma-separated string containing filters to
be applied to the list of servers to be migrated. Valid filters
are `active`, `missing`, `deactivated`, and `retired`
Returns:
server ids (list): A list of all server_id in the identified server
group.
"""
if not srv_state:
srv_state = "active,missing,deactivated,retired"
srv_ids = []
body = {"server": {"group_id": grp_id}}
sanity.validate_object_id(grp_id)
for server_id in server_ids:
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
request = HttpHelper(self.session)
request.put(endpoint, body)
sgrp_endpoint = "/v1/groups/%s/servers?state=%s" % (grp_id, srv_state)
response = request.get(sgrp_endpoint)
srv_list = response["servers"]
for srv in srv_list:
srv_ids.append(srv["id"])
return srv_ids
def initiate_scan(self, server_id, scan_type):
"""Initiate a scan on a specific server.
Args:
server_id (str): ID of server to be scanned
scan_type (str): Type of scan to be run.
Valid scan types:
sca - Configuration scan
csm - Configuration scan (same as sca)
svm - Software vulnerability scan
sva - Software vulnerability scan (same as svm)
sam - Server access management scan
fim - File integrity monitoring scan
sv - Agent self-verifiation scan
Returns:
dict: Dictionary describing command created as a result of this
call. Failure throws an exception.
"""
sanity.validate_object_id(server_id)
if self.scan_type_supported(scan_type) is False:
exception_message = "Unsupported scan type: %s" % scan_type
raise CloudPassageValidation(exception_message)
else:
scan_type_normalized = self.supported_scans[scan_type]
request_body = {"scan": {"module": scan_type_normalized}}
endpoint = "/v1/servers/%s/scans" % server_id
request = HttpHelper(self.session)
response = request.post(endpoint, request_body)
command_info = response["command"]
return command_info
def update(self, object_body):
"""Update. Success returns None"""
request = HttpHelper(self.session)
request_body = utility.policy_to_dict(object_body)
object_id = request_body[self.object_key()]["id"]
sanity.validate_object_id(object_id)
update_endpoint = "%s/%s" % (self.endpoint(), object_id)
request.put(update_endpoint, request_body)
return None
def update(self, policy_body):
"""Update a policy. Success returns None"""
request = HttpHelper(self.session)
request_body = utility.policy_to_dict(policy_body)
policy_id = request_body[self.policy_key()]["id"]
sanity.validate_object_id(policy_id)
update_endpoint = "%s/%s" % (self.endpoint(), policy_id)
request.put(update_endpoint, request_body)
return None
def issues(self, server_id):
"""This method retrieves the detail of a server issues.
Args:
server_id (str): ID of server
Returns:
list: issues of the server
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s/issues" % server_id
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def issues(self, server_id):
"""This method retrieves the detail of a server issues.
Args:
server_id (str): ID of server
Returns:
list: issues of the server
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s/issues" % server_id
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def resolve(self, issue_id):
"""Resolves an Issue.
Args: issue_id (str): ID of issue to be altered
Returns:
True if successful, throws exception otherwise.
"""
sanity.validate_object_id(issue_id)
endpoint = "/v1/issues/%s" % issue_id
response = None
body = {"status": "resolved"}
request = HttpHelper(self.session)
response = request.put(endpoint, body)
return response
def delete(self, fim_policy_id, fim_baseline_id):
"""Delete a FIM baseline by ID
Args:
fim_policy_id (str): ID of FIM policy
fim_baseline_id (str): ID of baseline to be deleted
Returns:
None if successful, exceptions throw otherwise.
"""
sanity.validate_object_id([fim_policy_id, fim_baseline_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
fim_baseline_id)
request.delete(endpoint)
return None
def delete(self, fim_policy_id, fim_baseline_id):
"""Delete a FIM baseline by ID
Args:
fim_policy_id (str): ID of FIM policy
fim_baseline_id (str): ID of baseline to be deleted
Returns:
None if successful, exceptions throw otherwise.
"""
sanity.validate_object_id([fim_policy_id, fim_baseline_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
fim_baseline_id)
request.delete(endpoint)
return None
def get_firewall_logs(self, server_id, pages):
"""This method retrieves the detail of a server firewall log.
Args:
server_id (str): ID of server
Returns:
list: firewall log of the server
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s/firewall_logs" % server_id
key = "agent_firewall_logs"
max_pages = pages
request = HttpHelper(self.session)
response = request.get_paginated(endpoint, key, max_pages)
return response
def retire(self, server_id):
"""This method retires a server
Args:
server_id (str): ID of server to be retired
Returns:
True if successful, throws exception on failure
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
body = {"server": {"retire": True}}
request = HttpHelper(self.session)
request.put(endpoint, body)
# Exceptions fire deeper if this fails. Otherwise, return True.
return True
def retire(self, server_id):
"""This method retires a server
Args:
server_id (str): ID of server to be retired
Returns:
True if successful, throws exception on failure
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
body = {"server":
{"retire": True}}
request = HttpHelper(self.session)
request.put(endpoint, body)
# Exceptions fire deeper if this fails. Otherwise, return True.
return True
def assign_group(self, server_id, group_id):
"""Moves server to another group.
Args:
server_id (str): Target server's ID
group_id (str): ID of group to move server to.
Returns:
True if successful, throws exceptions if it fails.
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
request_body = {"server": {"group_id": group_id}}
request = HttpHelper(self.session)
request.put(endpoint, request_body)
# Exception will throw if the prior line fails.
return True
def delete(self, firewall_policy_id, firewall_rule_id):
"""Delete a firewall policy rule
Args:
firewall_policy_id (str): ID of firewall policy containing\
the rule to be deleted
firewall_rule_id (str): ID of firewall policy rule to delete
Returns:
None if successful. Errors will throw exceptions.
"""
sanity.validate_object_id([firewall_policy_id, firewall_rule_id])
request = HttpHelper(self.session)
endpoint = ("/v1/firewall_policies/%s/firewall_rules/%s" %
(firewall_policy_id, firewall_rule_id))
request.delete(endpoint)
return None
def assign_group(self, server_id, group_id):
"""Moves server to another group.
Args:
server_id (str): Target server's ID
group_id (str): ID of group to move server to.
Returns:
True if successful, throws exceptions if it fails.
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
request_body = {"server": {"group_id": group_id}}
request = HttpHelper(self.session)
request.put(endpoint, request_body)
# Exception will throw if the prior line fails.
return True
def get_firewall_logs(self, server_id, pages):
"""This method retrieves the detail of a server firewall log.
Args:
server_id (str): ID of server
Returns:
list: firewall log of the server
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s/firewall_logs" % server_id
key = "agent_firewall_logs"
max_pages = pages
request = HttpHelper(self.session)
response = request.get_paginated(endpoint, key, max_pages)
firewall_log_details = response[key]
return firewall_log_details
def delete(self, server_id):
"""Deletes server indicated by server_id.
Remember, deletion causes the removal of accociated security
events and scan information.
Args:
server_id (str): ID of server to be deleted
Returns:
True if successful, throws exceptions otherwise.
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
request = HttpHelper(self.session)
request.delete(endpoint)
# If no exception from request, we're successful
return True
def update(self, fim_policy_id, fim_baseline_id, server_id):
"""Update a FIM policy baseline.
Args:
fim_policy_id (str): ID of fim policy
fim_baseline_id (str): ID of baseline to be updated
server_id (str): ID of server to use when generating new baseline
Returns:
None if successful, exceptions throw otherwise.
"""
sanity.validate_object_id([fim_policy_id, fim_baseline_id, server_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
fim_baseline_id)
request_body = {"baseline": {"server_id": server_id}}
request.put(endpoint, request_body)
return None
def update(self, fim_policy_id, fim_baseline_id, server_id):
"""Update a FIM policy baseline.
Args:
fim_policy_id (str): ID of fim policy
fim_baseline_id (str): ID of baseline to be updated
server_id (str): ID of server to use when generating new baseline
Returns:
None if successful, exceptions throw otherwise.
"""
sanity.validate_object_id([fim_policy_id, fim_baseline_id, server_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
fim_baseline_id)
request_body = {"baseline": {"server_id": server_id}}
request.put(endpoint, request_body)
return None
def delete(self, server_id):
"""Deletes server indicated by server_id.
Remember, deletion causes the removal of accociated security events and
scan information.
Args:
server_id (str): ID of server to be deleted
Returns:
True if successful, throws exceptions otherwise.
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
request = HttpHelper(self.session)
request.delete(endpoint)
# If no exception from request, we're successful
return True
def update(self, firewall_policy_id, firewall_rule_id, firewall_rule_body):
"""Update a firewall policy rule.
Args:
firewall_policy_id (str): ID of firewall policy containing the\
rule to be modified.
firewall_rule_id (str): ID of firewall policy rule to modify.
firewall_rule_body (dict or str): String- or dictionary-type \
object containing the fields to be updated within the firewall \
rule.
Returns:
None if successful. Errors will throw exceptions.
Example:
::
{
"firewall_rule" : {
"chain": "INPUT",
"active": true,
"firewall_interface": "7b881ca072b1012ec681404096c01709",
"firewall_service": "7b6409a072b1012ec681404096c01709",
"connection_states": "NEW, ESTABLISHED",
"action": "ACCEPT",
"log": true,
"log_prefix": "East-3 input-accept",
"comment": "All servers in group East-3 must include this rule",
"position": 4
}
}
"""
sanity.validate_object_id([firewall_policy_id, firewall_rule_id])
request = HttpHelper(self.session)
endpoint = ("/v1/firewall_policies/%s/firewall_rules/%s" %
(firewall_policy_id, firewall_rule_id))
request.put(endpoint, firewall_rule_body)
return None
def update(self, group_id, **kwargs):
"""Updates a ServerGroup.
Args:
group_id (str): ID of group to be altered
Keyword Args:
name (str): Override name for group
linux_firewall_policy_id (str): Override Linux firewall policy ID.
windows_firewall_policy_id (str): Override Windows firewall \
policy ID.
policy_ids (list): Override Linux configuration policies
windows_policy_ids (list): Override Windows firewall policies
linux_fim_policy_ids (list): Override Linux firewall policies
windows_fim_policy_ids (list): Override Windows FIM policies
lids_policy_ids (list): Override LIDS policy IDs
tag (str): Override server group tag
special_events_policy (str): Override server events policy. Note\
the difference in naming from the \
:meth:`cloudpassage.ServerGroup.create()` \
method
alert_profiles (list): List of alert profiles
Returns:
True if successful, throws exception otherwise.
"""
sanity.validate_object_id(group_id)
endpoint = "/v1/groups/%s" % group_id
response = None
group_data = {}
try:
sanity.validate_servergroup_update(kwargs)
except TypeError as exc:
raise CloudPassageValidation(exc)
body = {"group": utility.merge_dicts(group_data, kwargs)}
request = HttpHelper(self.session)
response = request.put(endpoint, body)
return response
def create(self, firewall_policy_id, rule_body):
"""Creates a rule within a firewall policy.
Args:
rule_body (dict or str): string or dict containing the json \
representation of the firewall policy to be created.
Returns:
str: ID of newly-created firewall rule
Example rule_body:
::
{
"firewall_rule" : {
"chain": "INPUT",
"active": true,
"firewall_interface": "7b881ca072b1012ec681404096c01709",
"firewall_service": "7b6409a072b1012ec681404096c01709",
"connection_states": "NEW, ESTABLISHED",
"action": "ACCEPT",
"log": true,
"log_prefix": "East-3 input-accept",
"comment": "All servers in group East-3 must include this rule",
"position": 4
}
}
"""
sanity.validate_object_id(firewall_policy_id)
request = HttpHelper(self.session)
endpoint = ("/v1/firewall_policies/%s/firewall_rules" %
firewall_policy_id)
response = request.post(endpoint, rule_body)
policy_id = response["firewall_rule"]["id"]
return policy_id
def delete(self, group_id, **kwargs):
""" Delete a server group.
Args:
group_id (str): ID of group to delete
Keyword Args:
force (bool): If set to True, the member servers from this group \
will be moved to the parent group.
Returns:
None if successful, exceptions otherwise.
"""
sanity.validate_object_id(group_id)
endpoint = "/v1/groups/%s" % group_id
request = HttpHelper(self.session)
if ("force" in kwargs) and (kwargs["force"] is True):
params = {"move_to_parent": "true"}
request.delete(endpoint, params=params)
else:
request.delete(endpoint)
return None
def delete(self, group_id, **kwargs):
""" Delete a server group.
Args:
group_id (str): ID of group to delete
Keyword Args:
force (bool): If set to True, the member servers from this group \
will be moved to the parent group.
Returns:
None if successful, exceptions otherwise.
"""
sanity.validate_object_id(group_id)
endpoint = "/v1/groups/%s" % group_id
request = HttpHelper(self.session)
if ("force" in kwargs) and (kwargs["force"] is True):
params = {"move_to_parent": "true"}
request.delete(endpoint, params=params)
else:
request.delete(endpoint)
return None
