def initiate_scan(self, server_id, scan_type):
"""Initiate a scan on a specific server.
Args:
server_id (str): ID of server to be scanned
scan_type (str): Type of scan to be run.
Valid scan types:
sca - Configuration scan
csm - Configuration scan (same as sca)
svm - Software vulnerability scan
sva - Software vulnerability scan (same as svm)
sam - Server access management scan
fim - File integrity monitoring scan
sv - Agent self-verifiation scan
Returns:
dict: Dictionary describing command created as a result of this \
call
Failure throws an exception.
"""
sanity.validate_object_id(server_id)
if self.scan_type_supported(scan_type) is False:
exception_message = "Unsupported scan type: %s" % scan_type
raise CloudPassageValidation(exception_message)
else:
scan_type_normalized = self.supported_scans[scan_type]
request_body = {"scan": {"module": scan_type_normalized}}
endpoint = "/v1/servers/%s/scans" % server_id
request = HttpHelper(self.session)
response = request.post(endpoint, request_body)
command_info = response["command"]
return command_info
def delete(self, policy_id):
"""Delete a policy by ID. Success returns None"""
sanity.validate_object_id(policy_id)
request = HttpHelper(self.session)
delete_endpoint = "%s/%s" % (self.endpoint(), policy_id)
request.delete(delete_endpoint)
return None
def last_scan_results(self, server_id, scan_type):
"""Get the results of scan_type performed on server_id.
Args:
server_id (str): ID of server
scan_type (str): Type of scan to filter results for
Valid scan types:
sca - Configuration scan
csm - Configuration scan (same as sca)
svm - Software vulnerability scan
sva - Software vulnerability scan (same as svm)
fim - File integrity monitoring scan
Returns:
dict: Dictionary object describing last scan results
"""
if self.scan_history_supported(scan_type) is False:
exception_message = "Unsupported scan type: %s" % scan_type
raise CloudPassageValidation(exception_message)
else:
scan_type_normalized = self.supported_scans[scan_type]
endpoint = "/v1/servers/%s/%s" % (server_id, scan_type_normalized)
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def delete(self, policy_id):
"""Delete a policy by ID. Success returns None"""
sanity.validate_object_id(policy_id)
request = HttpHelper(self.session)
delete_endpoint = "%s/%s" % (self.endpoint(), policy_id)
request.delete(delete_endpoint)
return None
def last_scan_results(self, server_id, scan_type):
"""Get the results of scan_type performed on server_id.
Args:
server_id (str): ID of server
scan_type (str): Type of scan to filter results for
Valid scan types:
sca - Configuration scan
csm - Configuration scan (same as sca)
svm - Software vulnerability scan
sva - Software vulnerability scan (same as svm)
fim - File integrity monitoring scan
Returns:
dict: Dictionary object describing last scan results
"""
if self.scan_history_supported(scan_type) is False:
exception_message = "Unsupported scan type: %s" % scan_type
raise CloudPassageValidation(exception_message)
else:
scan_type_normalized = self.supported_scans[scan_type]
endpoint = "/v1/servers/%s/%s" % (server_id, scan_type_normalized)
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def list_all(self, **kwargs):
"""Returns a list of all servers.
This query is limited to 50 pages of 10 items,
totaling 500 servers.
Default filter returns only servers in the 'active' state.
Keyword Args:
state (list or str): A list or comma-separated string containing \
any of these: active, missing, deactivated
platform (list or str): A list or comma-separated string \
containing any of these: \
windows, debian, ubuntu, centos, oracle, rhel, etc...
cve (str): CVE ID. Example: CVE-2015-1234
kb (str): Search for presence of KB. Example: kb="KB2485376"
missing_kb (str): Search for absence of KB. \
Example: mising_kb="KB2485376"
Returns:
list: List of dictionary objects describing servers
"""
endpoint = "/v1/servers"
key = "servers"
max_pages = 50
request = HttpHelper(self.session)
params = utility.sanitize_url_params(kwargs)
response = request.get_paginated(endpoint, key,
max_pages, params=params)
return response
def list_all(self, **kwargs):
"""Returns a list of all servers.
This query is limited to 50 pages of 100 items,
totaling 500 servers.
Default filter returns only servers in the 'active' state.
Keyword Args:
state (list or str): A list or comma-separated string containing \
any of these: active, missing, deactivated
platform (list or str): A list or comma-separated string \
containing any of these: \
windows, debian, ubuntu, centos, oracle, rhel, etc...
cve (str): CVE ID. Example: CVE-2015-1234
kb (str): Search for presence of KB. Example: kb="KB2485376"
missing_kb (str): Search for absence of KB. \
Example: mising_kb="KB2485376"
Returns:
list: List of dictionary objects describing servers
"""
endpoint = "/v1/servers?per_page=100"
key = "servers"
max_pages = 300
request = HttpHelper(self.session)
params = utility.sanitize_url_params(kwargs)
response = request.get_paginated(endpoint,
key,
max_pages,
params=params)
return response
def create(self, fim_policy_id, server_id, **kwargs):
"""Creates a FIM baseline
Args:
fim_policy_id (str): ID of FIM policy to baseline
server_id (str): ID of server to use for generating baseline
Keyword Args:
expires (int): Number of days from today for expiration of baseline
comment (str): Guess.
Returns:
str: ID of new baseline
"""
sanity.validate_object_id([fim_policy_id, server_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines" % fim_policy_id
request_body = {"baseline": {"server_id": server_id,
"expires": None,
"comment": None}}
if "expires" in kwargs:
request_body["baseline"]["expires"] = kwargs["expires"]
if "comment" in kwargs:
request_body["baseline"]["comment"] = kwargs["comment"]
response = request.post(endpoint, request_body)
policy_id = response["baseline"]["id"]
return policy_id
def create(self, group_name, **kwargs):
"""Creates a ServerGroup.
Args:
group_name (str): Name for the new group
Keyword Args:
firewall_policy_id (str): ID of firewall policy to be assigned to \
the group (deprecated- use linux_firewall_policy_id)
linux_firewall_policy_id (str): ID of linux firewall policy to \
associate with the new group
windows_firewall_policy_id (str): ID of Windows firewall policy \
to associate with the new group
policy_ids (list): List of Linux configuration policy IDs
windows_policy_ids (list): List of Windows configuration policy IDs
fim_policy_ids (list): List of Linux FIM policies
linux_fim_policy_ids (list): List of Linux FIM policies
windows_fim_policy_ids (list): List of Windows FIM policies
lids_policy_ids (list): List of LIDS policy IDs
tag (str): Server group tag-used for auto-assignment of group.
server_events_policy (str): Special events policy IDs
alert_profiles (list): List of alert profile IDs
Returns:
str: ID of newly-created group.
"""
endpoint = "/v1/groups"
group_data = {"name": group_name, "policy_ids": [], "tag": None}
body = {"group": utility.merge_dicts(group_data, kwargs)}
request = HttpHelper(self.session)
response = request.post(endpoint, body)
return response["group"]["id"]
def create(self, fim_policy_id, server_id, **kwargs):
"""Creates a FIM baseline
Args:
fim_policy_id (str): ID of FIM policy to baseline
server_id (str): ID of server to use for generating baseline
Keyword Args:
expires (int): Number of days from today for expiration of baseline
comment (str): Guess.
Returns:
str: ID of new baseline
"""
sanity.validate_object_id([fim_policy_id, server_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines" % fim_policy_id
request_body = {
"baseline": {
"server_id": server_id,
"expires": None,
"comment": None
}
}
if "expires" in kwargs:
request_body["baseline"]["expires"] = kwargs["expires"]
if "comment" in kwargs:
request_body["baseline"]["comment"] = kwargs["comment"]
response = request.post(endpoint, request_body)
policy_id = response["baseline"]["id"]
return policy_id
def initiate_scan(self, server_id, scan_type):
"""Initiate a scan on a specific server.
Args:
server_id (str): ID of server to be scanned
scan_type (str): Type of scan to be run.
Valid scan types:
sca - Configuration scan
csm - Configuration scan (same as sca)
svm - Software vulnerability scan
sva - Software vulnerability scan (same as svm)
sam - Server access management scan
fim - File integrity monitoring scan
sv - Agent self-verifiation scan
Returns:
dict: Dictionary describing command created as a result of this \
call
Failure throws an exception.
"""
sanity.validate_object_id(server_id)
if self.scan_type_supported(scan_type) is False:
exception_message = "Unsupported scan type: %s" % scan_type
raise CloudPassageValidation(exception_message)
else:
scan_type_normalized = self.supported_scans[scan_type]
request_body = {"scan": {"module": scan_type_normalized}}
endpoint = "/v1/servers/%s/scans" % server_id
request = HttpHelper(self.session)
response = request.post(endpoint, request_body)
command_info = response["command"]
return command_info
def create(self, policy_body):
"""Creates a policy from JSON document.
Returns the ID of the new policy
"""
request = HttpHelper(self.session)
request_body = utility.policy_to_dict(policy_body)
return request.post(self.endpoint(), request_body)["id"]
def list_all(self):
"""Returns a list of all system announcements
"""
session = self.session
endpoint = self.build_endpoint()
request = HttpHelper(session)
response = request.get(endpoint)
announcement_list = response["announcements"]
return announcement_list
def list_all(self):
"""Returns a list of all system announcements
"""
session = self.session
endpoint = self.build_endpoint()
request = HttpHelper(session)
response = request.get(endpoint)
announcement_list = response["announcements"]
return announcement_list
def update(self, policy_body):
"""Update a policy. Success returns None"""
request = HttpHelper(self.session)
request_body = utility.policy_to_dict(policy_body)
policy_id = request_body[self.policy_key()]["id"]
sanity.validate_object_id(policy_id)
update_endpoint = "%s/%s" % (self.endpoint(), policy_id)
request.put(update_endpoint, request_body)
return None
def create(self, policy_body):
"""Creates a policy from JSON document.
Returns the ID of the new policy
"""
request = HttpHelper(self.session)
request_body = utility.policy_to_dict(policy_body)
return request.post(self.endpoint(),
request_body)["id"]
def update(self, policy_body):
"""Update a policy. Success returns None"""
request = HttpHelper(self.session)
request_body = utility.policy_to_dict(policy_body)
policy_id = request_body[self.policy_key()]["id"]
sanity.validate_object_id(policy_id)
update_endpoint = "%s/%s" % (self.endpoint(), policy_id)
request.put(update_endpoint, request_body)
return None
def list_all(self, **kwargs):
"""This method retrieves all local user accounts
Keyword Args:
os_type (list or str): A list of local user accounts \
with the according os type.
username (list or str): A list of local user accounts \
with the according username.
admin (boolean): A list of local user accounts \
with the according admin.
active (boolean): A list of local user accounts \
with the according active settings.
last_login_at (str): A list of local user accounts \
last login at date in iso8601 format such as: 2017-01-01.
never_logged_in (boolean): A list of local user accounts \
with never logged in.
password_required (boolean): A list of local user accounts \
with the according password_required settings
password_expired (boolean): A list of local user accounts \
with the according password_expired settings
comment: A list of local user accounrs with the according comment
group_id (list or str): A list of local user accounts \
with the according group id
server_id (list or str): A list of local user accounts \
with the according server id
server_name (list or str): A list of local user accounts \
with the according server name
server_label (list or str): A list of local user accounts \
with the according server label
group_name (list or str): A list of local user accounts \
with the according group name
locked (boolean): A list of local user accounts \
with the according locked settings
gid (list or str): A list of local user accounts \
with the according gid
sid (list or str): A list of local user accounts \
with the according sid
Returns:
list: List of dictionary objects describing local user accounts
"""
endpoint = "/v1/local_accounts"
key = "accounts"
max_pages = 50
request = HttpHelper(self.session)
params = utility.sanitize_url_params(kwargs)
response = request.get_paginated(endpoint,
key,
max_pages,
params=params)
return response
def list_all(self):
"""Lists all policies of this type.
Returns:
list: List of policies (represented as dictionary-type objects)
Note:
This query is limited to 30 pages.
"""
request = HttpHelper(self.session)
return request.get_paginated(self.endpoint(), self.pagination_key(),
self.max_pages)
def describe(self, issue_id):
"""Get issue details by issue ID
Args:
issue_id (str): Issue ID
Returns:
dict: Dictionary object describing issue
"""
endpoint = "/v1/issues/%s" % issue_id
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def describe(self, policy_id):
"""Get the detailed configuration of a policy
Args:
policy_id (str): ID of the policy to retrieve \
detailed configuration information for
Returns:
dict: dictionary object representing the entire, detailed, policy
"""
request = HttpHelper(self.session)
describe_endpoint = "%s/%s" % (self.endpoint(), policy_id)
return request.get(describe_endpoint)[self.policy_key()]
def issues(self, server_id):
"""This method retrieves the detail of a server issues.
Args:
server_id (str): ID of server
Returns:
list: issues of the server
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s/issues" % server_id
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def list_local_accounts(self, server_id):
"""This method retrieves all local user accounts on the server\
specified by server ID
Args:
server_id (str): Server ID
Returns:
list: List of dictionary objects describing local user account
"""
endpoint = "/v1/servers/%s/accounts" % (server_id)
request = HttpHelper(self.session)
response = request.get(endpoint)
local_accounts = response["accounts"]
return local_accounts
def describe_local_account(self, server_id, username):
"""Get deatils on local user account
Args:
server_id (str): Server ID
username (str): username of the local user account
Returns:
dict: Dictionary object describing local user account
"""
endpoint = "/v1/servers/%s/accounts/%s" % (server_id, username)
request = HttpHelper(self.session)
response = request.get(endpoint)
account_detail = response["account"]
return account_detail
def findings(self, scan_id, findings_id):
"""Get FIM, CSM, and SVA findings details by scan and findings ID
Args:
scan_id (str): ID of scan_id
findings_id (str): ID of findings to retrieve
Returns:
dict: Dictionary object descrbing findings
"""
endpoint = "/v1/scans/%s/findings/%s" % (scan_id, findings_id)
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def issues(self, server_id):
"""This method retrieves the detail of a server issues.
Args:
server_id (str): ID of server
Returns:
list: issues of the server
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s/issues" % server_id
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def describe(self, server_id):
"""Get server details by server ID
Args:
server_id (str): Server ID
Returns:
dict: Dictionary object describing server
"""
endpoint = "/v1/servers/%s" % server_id
request = HttpHelper(self.session)
response = request.get(endpoint)
server_details = response["server"]
return server_details
def scan_details(self, scan_id):
"""Get detailed scan information
Args:
scan_id (str): ID of scan
Returns:
dict: Dictionary object describing scan details
"""
endpoint = "/v1/scans/%s" % scan_id
request = HttpHelper(self.session)
response = request.get(endpoint)
report = response["scan"]
return report
def findings(self, scan_id, findings_id):
"""Get FIM, CSM, and SVA findings details by scan and findings ID
Args:
scan_id (str): ID of scan_id
findings_id (str): ID of findings to retrieve
Returns:
dict: Dictionary object descrbing findings
"""
endpoint = "/v1/scans/%s/findings/%s" % (scan_id, findings_id)
request = HttpHelper(self.session)
response = request.get(endpoint)
return response
def scan_details(self, scan_id):
"""Get detailed scan information
Args:
scan_id (str): ID of scan
Returns:
dict: Dictionary object describing scan details
"""
endpoint = "/v1/scans/%s" % scan_id
request = HttpHelper(self.session)
response = request.get(endpoint)
report = response["scan"]
return report
def describe(self, server_id):
"""Get server details by server ID
Args:
server_id (str): Server ID
Returns:
dict: Dictionary object describing server
"""
endpoint = "/v1/servers/%s" % server_id
request = HttpHelper(self.session)
response = request.get(endpoint)
server_details = response["server"]
return server_details
def list_members(self, group_id):
"""Returns a list of all member servers of a group_id
Args:
group_id (str): ID of group_id
Returns:
list: List of dictionary objects describing member servers
"""
endpoint = "/v1/groups/%s/servers" % group_id
request = HttpHelper(self.session)
response = request.get(endpoint)
servers = response["servers"]
return servers
def describe(self, group_id):
"""Describe a ServerGroup. In detail.
Args:
group_id (str): ID of group
Returns:
dict: Dictionary object describing group. In detail.
"""
endpoint = "/v1/groups/%s" % group_id
request = HttpHelper(self.session)
response = request.get(endpoint)
group = response["group"]
return group
def list_members(self, group_id):
"""Returns a list of all member servers of a group_id
Args:
group_id (str): ID of group_id
Returns:
list: List of dictionary objects describing member servers
"""
endpoint = "/v1/groups/%s/servers" % group_id
request = HttpHelper(self.session)
response = request.get(endpoint)
servers = response["servers"]
return servers
def describe(self, group_id):
"""Describe a ServerGroup. In detail.
Args:
group_id (str): ID of group
Returns:
dict: Dictionary object describing group. In detail.
"""
endpoint = "/v1/groups/%s" % group_id
request = HttpHelper(self.session)
response = request.get(endpoint)
group = response["group"]
return group
def command_details(self, server_id, command_id):
"""This method retrieves the details and status of a server command.
Args:
server_id (str): ID of server runnung command
command_id (str): ID of command running on server
Returns:
dict: Command status as a dictionary object.
Example:
::
{
"name": "",
"status: "",
"created_at": "",
"updated_at": "",
"result": ""
}
For server account creation and server account password resets, \
the password will be contained in the result field, as a dictionary:
::
{
"name": "",
"status: "",
"created_at": "",
"updated_at": "",
"result": {
"password": ""
}
}
"""
endpoint = "/v1/servers/%s/commands/%s" % (server_id, command_id)
request = HttpHelper(self.session)
response = request.get(endpoint)
command_status = response["command"]
return command_status
def command_details(self, server_id, command_id):
"""This method retrieves the details and status of a server command.
Args:
server_id (str): ID of server runnung command
command_id (str): ID of command running on server
Returns:
dict: Command status as a dictionary object.
Example:
::
{
"name": "",
"status: "",
"created_at": "",
"updated_at": "",
"result": ""
}
For server account creation and server account password resets, \
the password will be contained in the result field, as a dictionary:
::
{
"name": "",
"status: "",
"created_at": "",
"updated_at": "",
"result": {
"password": ""
}
}
"""
endpoint = "/v1/servers/%s/commands/%s" % (server_id, command_id)
request = HttpHelper(self.session)
response = request.get(endpoint)
command_status = response["command"]
return command_status
def list_all(self, fim_policy_id):
"""Returns a list of all baselines for the indicated FIM policy
Args:
fim_policy_id (str): ID of fim policy
Returns:
list: List of all baselines for the given policy
"""
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines" % fim_policy_id
key = "baselines"
max_pages = 30
response = request.get_paginated(endpoint, key, max_pages)
return response
def resolve(self, issue_id):
"""Resolves an Issue.
Args: issue_id (str): ID of issue to be altered
Returns:
True if successful, throws exception otherwise.
"""
sanity.validate_object_id(issue_id)
endpoint = "/v1/issues/%s" % issue_id
response = None
body = {"status": "resolved"}
request = HttpHelper(self.session)
response = request.put(endpoint, body)
return response
def describe(self, server_id, gid):
"""Get local user group deatils by server id and gid
Args:
server_id = Server ID
gid = gid
Returns:
list: List of dictionary object describing local user group detail
"""
endpoint = "/v1/local_groups?server_id=%s&gid=%s" % (server_id,
gid)
request = HttpHelper(self.session)
response = request.get(endpoint)
group_detail = response["local_groups"]
return group_detail
def list_connections(self, group_id, **kwargs):
"""This method retrieves all recently detected connections in the server\
group specified by Group ID
Args:
server_id (str): Group ID
Returns:
list: List of all recently detected connections in the srever group
"""
endpoint = "/v1/groups/%s/connections" % (group_id)
params = utility.sanitize_url_params(kwargs)
request = HttpHelper(self.session)
response = request.get(endpoint, params=params)
connections = response["connections"]
return connections
def list_all(self, fim_policy_id):
"""Returns a list of all baselines for the indicated FIM policy
Args:
fim_policy_id (str): ID of fim policy
Returns:
list: List of all baselines for the given policy
"""
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines" % fim_policy_id
key = "baselines"
max_pages = 30
response = request.get_paginated(endpoint, key, max_pages)
return response
def delete(self, fim_policy_id, fim_baseline_id):
"""Delete a FIM baseline by ID
Args:
fim_policy_id (str): ID of FIM policy
fim_baseline_id (str): ID of baseline to be deleted
Returns:
None if successful, exceptions throw otherwise.
"""
sanity.validate_object_id([fim_policy_id, fim_baseline_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
fim_baseline_id)
request.delete(endpoint)
return None
def delete(self, fim_policy_id, fim_baseline_id):
"""Delete a FIM baseline by ID
Args:
fim_policy_id (str): ID of FIM policy
fim_baseline_id (str): ID of baseline to be deleted
Returns:
None if successful, exceptions throw otherwise.
"""
sanity.validate_object_id([fim_policy_id, fim_baseline_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
fim_baseline_id)
request.delete(endpoint)
return None
def list_all(self):
"""Returns a list of all groups for an account
This is represented as a list of dictionaries
This will only return a maximum of 20 pages, which amounts to
200 groups. If you have more than that, you should consider
using the SDK within a multi-threaded application so you don't
spend the rest of your life waiting on a list of groups.
"""
session = self.session
max_pages = 20
key = "groups"
endpoint = "/v1/groups"
request = HttpHelper(session)
groups = request.get_paginated(endpoint, key, max_pages)
return groups
def describe(self, fim_policy_id, fim_baseline_id):
"""Returns the body of the baseline indicated by fim_baseline_id.
Args
fim_policy_id (str): ID of FIM policy
fim_baseline_id (str): ID of baseline
Returns:
dict: Dictionary describing FIM baseline
"""
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
fim_baseline_id)
response = request.get(endpoint)
result = response["baseline"]
return result
def describe(self, fim_policy_id, baseline_id):
"""Returns the body of the baseline indicated by fim_baseline_id.
Args
fim_policy_id (str): ID of FIM policy
fim_baseline_id (str): ID of baseline
Returns:
dict: Dictionary describing FIM baseline
"""
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s/details" % (fim_policy_id,
baseline_id)
response = request.get(endpoint)
result = response["baseline"]
return result
def get_firewall_logs(self, server_id, pages):
"""This method retrieves the detail of a server firewall log.
Args:
server_id (str): ID of server
Returns:
list: firewall log of the server
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s/firewall_logs" % server_id
key = "agent_firewall_logs"
max_pages = pages
request = HttpHelper(self.session)
response = request.get_paginated(endpoint, key, max_pages)
return response
def list_all(self):
"""Returns a list of all groups for an account
This is represented as a list of dictionaries
This will only return a maximum of 20 pages, which amounts to
200 groups. If you have more than that, you should consider
using the SDK within a multi-threaded application so you don't
spend the rest of your life waiting on a list of groups.
"""
session = self.session
max_pages = 20
key = "groups"
endpoint = "/v1/groups"
request = HttpHelper(session)
groups = request.get_paginated(endpoint, key, max_pages)
return groups
def list_all(self, firewall_policy_id):
"""List all rules associated with a firewall policy.
Args:
firewall_policy_id (str): ID of firewall policy
Returns:
list: Returns a list of rules associated with the firewall \
policy, each of which are represented by an object of type dict.
"""
request = HttpHelper(self.session)
endpoint = ("/v1/firewall_policies/%s/firewall_rules/" %
firewall_policy_id)
key = "firewall_rules"
max_pages = 30
response = request.get_paginated(endpoint, key, max_pages)
return response
def retire(self, server_id):
"""This method retires a server
Args:
server_id (str): ID of server to be retired
Returns:
True if successful, throws exception on failure
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
body = {"server":
{"retire": True}}
request = HttpHelper(self.session)
request.put(endpoint, body)
# Exceptions fire deeper if this fails. Otherwise, return True.
return True
def get_firewall_logs(self, server_id, pages):
"""This method retrieves the detail of a server firewall log.
Args:
server_id (str): ID of server
Returns:
list: firewall log of the server
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s/firewall_logs" % server_id
key = "agent_firewall_logs"
max_pages = pages
request = HttpHelper(self.session)
response = request.get_paginated(endpoint, key, max_pages)
firewall_log_details = response[key]
return firewall_log_details
def delete(self, firewall_policy_id, firewall_rule_id):
"""Delete a firewall policy rule
Args:
firewall_policy_id (str): ID of firewall policy containing\
the rule to be deleted
firewall_rule_id (str): ID of firewall policy rule to delete
Returns:
None if successful. Errors will throw exceptions.
"""
sanity.validate_object_id([firewall_policy_id, firewall_rule_id])
request = HttpHelper(self.session)
endpoint = ("/v1/firewall_policies/%s/firewall_rules/%s" %
(firewall_policy_id, firewall_rule_id))
request.delete(endpoint)
return None
def assign_group(self, server_id, group_id):
"""Moves server to another group.
Args:
server_id (str): Target server's ID
group_id (str): ID of group to move server to.
Returns:
True if successful, throws exceptions if it fails.
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
request_body = {"server": {"group_id": group_id}}
request = HttpHelper(self.session)
request.put(endpoint, request_body)
# Exception will throw if the prior line fails.
return True
def update(self, fim_policy_id, fim_baseline_id, server_id):
"""Update a FIM policy baseline.
Args:
fim_policy_id (str): ID of fim policy
fim_baseline_id (str): ID of baseline to be updated
server_id (str): ID of server to use when generating new baseline
Returns:
None if successful, exceptions throw otherwise.
"""
sanity.validate_object_id([fim_policy_id, fim_baseline_id, server_id])
request = HttpHelper(self.session)
endpoint = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
fim_baseline_id)
request_body = {"baseline": {"server_id": server_id}}
request.put(endpoint, request_body)
return None
def delete(self, server_id):
"""Deletes server indicated by server_id.
Remember, deletion causes the removal of accociated security
events and scan information.
Args:
server_id (str): ID of server to be deleted
Returns:
True if successful, throws exceptions otherwise.
"""
sanity.validate_object_id(server_id)
endpoint = "/v1/servers/%s" % server_id
request = HttpHelper(self.session)
request.delete(endpoint)
# If no exception from request, we're successful
return True
def list_all(self, pages, **kwargs):
"""Returns a list of all events.
Default filter returns ALL events. This is a very verbose \
and time-consuming operation.
Args:
pages (int): Max number of pages (of ten items each) to retrieve
Keyword Args:
group_id (list or str): A list or comma-separated string \
containing the group IDs to retrieve events for.
server_id (list or str): A list or comma-separated string \
containing the server IDs to retrieve events for.
server_platform (str): (linux | windows)
critical (bool): Returns only critical or \
noncritical events.
type (list or str): A list or comma-separated string containing \
the event types to query for. A complete list of event types is \
available \
`here: <https://support.cloudpassage.com/entries/23125117-Events\
#event-types>`_
since (str): ISO 8601 formatted string representing the starting \
date and time for query
until (str): ISO 8601 formatted string representing the ending \
date and time for query
Returns:
list: List of dictionary objects describing servers
"""
endpoint = "/v1/events"
key = "events"
max_pages = pages
request = HttpHelper(self.session)
params = utility.sanitize_url_params(kwargs)
response = request.get_paginated(endpoint, key, max_pages,
params=params)
return response
def update(self, firewall_policy_id, firewall_rule_id, firewall_rule_body):
"""Update a firewall policy rule.
Args:
firewall_policy_id (str): ID of firewall policy containing the\
rule to be modified.
firewall_rule_id (str): ID of firewall policy rule to modify.
firewall_rule_body (dict or str): String- or dictionary-type \
object containing the fields to be updated within the firewall \
rule.
Returns:
None if successful. Errors will throw exceptions.
Example:
::
{
"firewall_rule" : {
"chain": "INPUT",
"active": true,
"firewall_interface": "7b881ca072b1012ec681404096c01709",
"firewall_service": "7b6409a072b1012ec681404096c01709",
"connection_states": "NEW, ESTABLISHED",
"action": "ACCEPT",
"log": true,
"log_prefix": "East-3 input-accept",
"comment": "All servers in group East-3 must include this rule",
"position": 4
}
}
"""
sanity.validate_object_id([firewall_policy_id, firewall_rule_id])
request = HttpHelper(self.session)
endpoint = ("/v1/firewall_policies/%s/firewall_rules/%s" %
(firewall_policy_id, firewall_rule_id))
request.put(endpoint, firewall_rule_body)
return None
