def create(self, fim_policy_id, server_id, **kwargs):
    """Create a FIM baseline for a policy, generated from one server.

    Args:
        fim_policy_id (str): ID of the FIM policy to baseline.
        server_id (str): ID of the server used to generate the baseline.

    Keyword Args:
        expires (int): Number of days from today until the baseline
            expires. Sent as None when omitted.
        comment (str): Comment to send with the baseline. Sent as None
            when omitted.

    Returns:
        str: ID of the new baseline.
    """
    # Both IDs are checked before either is used in the URL path or body.
    sanity.validate_object_id([fim_policy_id, server_id])
    helper = HttpHelper(self.session)
    baseline = {
        "server_id": server_id,
        # .get() returns None for an absent key, so omitted options are
        # still sent explicitly as None.
        "expires": kwargs.get("expires"),
        "comment": kwargs.get("comment"),
    }
    result = helper.post("/v1/fim_policies/%s/baselines" % fim_policy_id,
                         {"baseline": baseline})
    return result["baseline"]["id"]
def initiate_scan(self, server_id, scan_type):
    """Start a scan of the given type on one server.

    Args:
        server_id (str): ID of the server to scan.
        scan_type (str): Type of scan to run. Valid scan types:

            sca  - Configuration scan
            csm  - Configuration scan (same as sca)
            svm  - Software vulnerability scan
            sva  - Software vulnerability scan (same as svm)
            sam  - Server access management scan
            fim  - File integrity monitoring scan
            sv   - Agent self-verification scan

    Returns:
        dict: Description of the command created by this call.

    Raises:
        CloudPassageValidation: If scan_type is not a supported type.
    """
    sanity.validate_object_id(server_id)
    # Identity check: only a literal False from scan_type_supported()
    # rejects the request; anything else falls through to the lookup.
    if self.scan_type_supported(scan_type) is False:
        raise CloudPassageValidation("Unsupported scan type: %s" % scan_type)
    # Map the caller's alias to the module name sent to the API.
    module = self.supported_scans[scan_type]
    payload = {"scan": {"module": module}}
    helper = HttpHelper(self.session)
    result = helper.post("/v1/servers/%s/scans" % server_id, payload)
    return result["command"]
def delete(self, policy_id):
    """Delete a policy by ID.

    Args:
        policy_id (str): ID of the policy to delete.

    Returns:
        None on success.
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(policy_id)
    helper = HttpHelper(self.session)
    helper.delete("%s/%s" % (self.endpoint(), policy_id))
    return None
def delete(self, object_id):
    """Delete an object by ID.

    Args:
        object_id (str): ID of the object to delete.

    Returns:
        None on success.
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(object_id)
    helper = HttpHelper(self.session)
    helper.delete("%s/%s" % (self.endpoint(), object_id))
    return None
def create(self, fim_policy_id, server_id, **kwargs):
    """Create a FIM baseline for a policy, generated from one server.

    Args:
        fim_policy_id (str): ID of the FIM policy to baseline.
        server_id (str): ID of the server used to generate the baseline.

    Keyword Args:
        expires (int): Number of days from today until the baseline
            expires. Sent as None when omitted.
        comment (str): Comment to send with the baseline. Sent as None
            when omitted.

    Returns:
        str: ID of the new baseline.
    """
    # Both IDs are checked before either is used in the URL path or body.
    sanity.validate_object_id([fim_policy_id, server_id])
    helper = HttpHelper(self.session)
    url = "/v1/fim_policies/%s/baselines" % fim_policy_id
    # Optional fields default to None and are always present in the body.
    options = {name: kwargs.get(name) for name in ("expires", "comment")}
    payload = {
        "baseline": {
            "server_id": server_id,
            "expires": options["expires"],
            "comment": options["comment"],
        }
    }
    created = helper.post(url, payload)
    return created["baseline"]["id"]
def update(self, group_id, **kwargs):
    """Update attributes of a server group.

    Args:
        group_id (str): ID of the group to alter.

    Keyword Args:
        name (str): Override name for group.
        linux_firewall_policy_id (str): Override Linux firewall policy ID.
        windows_firewall_policy_id (str): Override Windows firewall
            policy ID.
        policy_ids (list): Override Linux configuration policies.
        windows_policy_ids (list): Override Windows configuration policies.
        linux_fim_policy_ids (list): Override Linux FIM policies.
        windows_fim_policy_ids (list): Override Windows FIM policies.
        lids_policy_ids (list): Override LIDS policy IDs.
        tag (str): Override server group tag.
        special_events_policy (str): Override server events policy. Note
            the difference in naming from the
            :meth:`cloudpassage.ServerGroup.create()` method.
        alert_profiles (list): List of alert profiles.

    Returns:
        The value returned by the PUT request. Failures raise an
        exception.
    """
    sanity.validate_object_id(group_id)
    url = "/v1/groups/%s" % group_id
    # NOTE(review): only group_id is checked locally; the keyword
    # arguments are merged into the request body as given, so unknown or
    # mistyped keys reach the API unchanged.
    payload = {"group": utility.merge_dicts({}, kwargs)}
    helper = HttpHelper(self.session)
    return helper.put(url, payload)
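def migrate_servers(self, grp_id, server_ids, srv_state=None):
    """Move servers into a group and return the group's server IDs.

    Args:
        grp_id (str): ID of the destination group.
        server_ids (list): IDs of the servers to move into the group.
        srv_state (str): Comma-separated state filter applied when the
            group's servers are listed after the move. Valid filters are
            `active`, `missing`, `deactivated`, and `retired`. Defaults to
            all four.

    Returns:
        list: IDs of the servers in the group that match srv_state.
    """
    if not srv_state:
        srv_state = "active,missing,deactivated,retired"
    sanity.validate_object_id(grp_id)
    # Validate every server ID before the first PUT, so a malformed ID
    # cannot leave the migration half-applied.
    server_ids = list(server_ids)
    for server_id in server_ids:
        sanity.validate_object_id(server_id)
    # Built once, outside the loop, so it exists for the final GET even
    # when server_ids is empty.
    request = HttpHelper(self.session)
    body = {"server": {"group_id": grp_id}}
    for server_id in server_ids:
        request.put("/v1/servers/%s" % server_id, body)
    # NOTE(review): srv_state is placed in the query string as given, with
    # no local check or encoding; pass only the documented filter names.
    sgrp_endpoint = "/v1/groups/%s/servers?state=%s" % (grp_id, srv_state)
    response = request.get(sgrp_endpoint)
    return [srv["id"] for srv in response["servers"]]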
def initiate_scan(self, server_id, scan_type):
    """Start a scan of the given type on one server.

    Args:
        server_id (str): ID of the server to scan.
        scan_type (str): Type of scan to run. Valid scan types:

            sca  - Configuration scan
            csm  - Configuration scan (same as sca)
            svm  - Software vulnerability scan
            sva  - Software vulnerability scan (same as svm)
            sam  - Server access management scan
            fim  - File integrity monitoring scan
            sv   - Agent self-verification scan

    Returns:
        dict: Description of the command created by this call.

    Raises:
        CloudPassageValidation: If scan_type is not a supported type.
    """
    sanity.validate_object_id(server_id)
    # Identity check: only a literal False from scan_type_supported()
    # rejects the request; anything else falls through to the lookup.
    unsupported = self.scan_type_supported(scan_type) is False
    if unsupported:
        raise CloudPassageValidation("Unsupported scan type: %s" % scan_type)
    # The API receives the normalized module name, not the caller's alias.
    payload = {"scan": {"module": self.supported_scans[scan_type]}}
    url = "/v1/servers/%s/scans" % server_id
    helper = HttpHelper(self.session)
    return helper.post(url, payload)["command"]
def update(self, object_body):
    """Update an existing object from its body.

    Args:
        object_body: Object definition, converted with
            utility.policy_to_dict. It must carry the object's "id" under
            the key named by self.object_key().

    Returns:
        None on success.
    """
    helper = HttpHelper(self.session)
    payload = utility.policy_to_dict(object_body)
    target_id = payload[self.object_key()]["id"]
    # The ID is read from caller-supplied data, so it is checked before it
    # becomes part of the URL path.
    sanity.validate_object_id(target_id)
    helper.put("%s/%s" % (self.endpoint(), target_id), payload)
    return None
def update(self, policy_body):
    """Update an existing policy from its body.

    Args:
        policy_body: Policy definition, converted with
            utility.policy_to_dict. It must carry the policy's "id" under
            the key named by self.policy_key().

    Returns:
        None on success.
    """
    helper = HttpHelper(self.session)
    payload = utility.policy_to_dict(policy_body)
    target_id = payload[self.policy_key()]["id"]
    # The ID is read from caller-supplied data, so it is checked before it
    # becomes part of the URL path.
    sanity.validate_object_id(target_id)
    helper.put("%s/%s" % (self.endpoint(), target_id), payload)
    return None
def issues(self, server_id):
    """Retrieve the issues recorded for a server.

    Args:
        server_id (str): ID of the server.

    Returns:
        The response of the GET request on the server's issues endpoint
        (documented by the author as the list of server issues).
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(server_id)
    url = "/v1/servers/%s/issues" % server_id
    helper = HttpHelper(self.session)
    return helper.get(url)
def resolve(self, issue_id):
    """Mark an issue as resolved.

    Args:
        issue_id (str): ID of the issue to resolve.

    Returns:
        The value returned by the PUT request. Failures raise an
        exception.
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(issue_id)
    url = "/v1/issues/%s" % issue_id
    payload = {"status": "resolved"}
    helper = HttpHelper(self.session)
    return helper.put(url, payload)
def delete(self, fim_policy_id, fim_baseline_id):
    """Delete a FIM baseline by ID.

    Args:
        fim_policy_id (str): ID of the FIM policy that owns the baseline.
        fim_baseline_id (str): ID of the baseline to delete.

    Returns:
        None on success; failures raise an exception.
    """
    # Both IDs end up in the URL path, so both are checked first.
    sanity.validate_object_id([fim_policy_id, fim_baseline_id])
    helper = HttpHelper(self.session)
    url = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
                                                fim_baseline_id)
    helper.delete(url)
    return None
def get_firewall_logs(self, server_id, pages):
    """Retrieve the firewall log of a server.

    Args:
        server_id (str): ID of the server.
        pages: Page limit, passed to get_paginated as its max_pages
            argument.

    Returns:
        The value returned by get_paginated for the "agent_firewall_logs"
        key (documented by the author as the server's firewall log).
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(server_id)
    url = "/v1/servers/%s/firewall_logs" % server_id
    helper = HttpHelper(self.session)
    return helper.get_paginated(url, "agent_firewall_logs", pages)
def retire(self, server_id):
    """Retire a server.

    Args:
        server_id (str): ID of the server to retire.

    Returns:
        True on success; failures raise an exception.
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(server_id)
    url = "/v1/servers/%s" % server_id
    payload = {"server": {"retire": True}}
    helper = HttpHelper(self.session)
    # A failed request raises inside the helper, so reaching the return
    # means the PUT went through.
    helper.put(url, payload)
    return True
def assign_group(self, server_id, group_id):
    """Move a server to another group.

    Args:
        server_id (str): ID of the server to move.
        group_id (str): ID of the group to move the server to.

    Returns:
        True on success; failures raise an exception.
    """
    # NOTE(review): only server_id is checked locally. group_id travels in
    # the request body and is sent as given.
    sanity.validate_object_id(server_id)
    url = "/v1/servers/%s" % server_id
    payload = {"server": {"group_id": group_id}}
    helper = HttpHelper(self.session)
    # A failed request raises, so reaching the return means success.
    helper.put(url, payload)
    return True
def delete(self, firewall_policy_id, firewall_rule_id):
    """Delete a rule from a firewall policy.

    Args:
        firewall_policy_id (str): ID of the firewall policy containing
            the rule to delete.
        firewall_rule_id (str): ID of the firewall policy rule to delete.

    Returns:
        None on success; errors raise exceptions.
    """
    # Both IDs end up in the URL path, so both are checked first.
    sanity.validate_object_id([firewall_policy_id, firewall_rule_id])
    helper = HttpHelper(self.session)
    url = "/v1/firewall_policies/%s/firewall_rules/%s" % (
        firewall_policy_id, firewall_rule_id)
    helper.delete(url)
    return None
def get_firewall_logs(self, server_id, pages):
    """Retrieve the firewall log of a server.

    Args:
        server_id (str): ID of the server.
        pages: Page limit, passed to get_paginated as its max_pages
            argument.

    Returns:
        The "agent_firewall_logs" entry of the paginated response
        (documented by the author as the server's firewall log).
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(server_id)
    url = "/v1/servers/%s/firewall_logs" % server_id
    log_key = "agent_firewall_logs"
    helper = HttpHelper(self.session)
    paged = helper.get_paginated(url, log_key, pages)
    return paged[log_key]
def delete(self, server_id):
    """Delete the server identified by server_id.

    Deletion also removes the associated security events and scan
    information.

    Args:
        server_id (str): ID of the server to delete.

    Returns:
        True on success; failures raise an exception.
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(server_id)
    url = "/v1/servers/%s" % server_id
    helper = HttpHelper(self.session)
    # No exception from the request means the delete succeeded.
    helper.delete(url)
    return True
def update(self, fim_policy_id, fim_baseline_id, server_id):
    """Update a FIM policy baseline.

    Args:
        fim_policy_id (str): ID of the FIM policy.
        fim_baseline_id (str): ID of the baseline to update.
        server_id (str): ID of the server used to generate the new
            baseline.

    Returns:
        None on success; failures raise an exception.
    """
    # All three IDs are checked before any of them is used.
    sanity.validate_object_id([fim_policy_id, fim_baseline_id, server_id])
    helper = HttpHelper(self.session)
    url = "/v1/fim_policies/%s/baselines/%s" % (fim_policy_id,
                                                fim_baseline_id)
    helper.put(url, {"baseline": {"server_id": server_id}})
    return None
def update(self, firewall_policy_id, firewall_rule_id, firewall_rule_body):
    """Update a rule within a firewall policy.

    Args:
        firewall_policy_id (str): ID of the firewall policy containing
            the rule to modify.
        firewall_rule_id (str): ID of the firewall policy rule to modify.
        firewall_rule_body (dict or str): String- or dictionary-type
            object containing the fields to update within the firewall
            rule.

    Returns:
        None on success; errors raise exceptions.

    Example:
        ::

            {
              "firewall_rule" : {
                "chain": "INPUT",
                "active": true,
                "firewall_interface": "7b881ca072b1012ec681404096c01709",
                "firewall_service": "7b6409a072b1012ec681404096c01709",
                "connection_states": "NEW, ESTABLISHED",
                "action": "ACCEPT",
                "log": true,
                "log_prefix": "East-3 input-accept",
                "comment": "All servers in group East-3 must include this rule",
                "position": 4
              }
            }
    """
    # Both IDs end up in the URL path, so both are checked first.
    sanity.validate_object_id([firewall_policy_id, firewall_rule_id])
    helper = HttpHelper(self.session)
    url = "/v1/firewall_policies/%s/firewall_rules/%s" % (
        firewall_policy_id, firewall_rule_id)
    # NOTE(review): the rule body is passed to the request helper as
    # given; no local check of its fields happens here.
    helper.put(url, firewall_rule_body)
    return None
def update(self, group_id, **kwargs):
    """Update attributes of a server group.

    Args:
        group_id (str): ID of the group to alter.

    Keyword Args:
        name (str): Override name for group.
        linux_firewall_policy_id (str): Override Linux firewall policy ID.
        windows_firewall_policy_id (str): Override Windows firewall
            policy ID.
        policy_ids (list): Override Linux configuration policies.
        windows_policy_ids (list): Override Windows configuration policies.
        linux_fim_policy_ids (list): Override Linux FIM policies.
        windows_fim_policy_ids (list): Override Windows FIM policies.
        lids_policy_ids (list): Override LIDS policy IDs.
        tag (str): Override server group tag.
        special_events_policy (str): Override server events policy. Note
            the difference in naming from the
            :meth:`cloudpassage.ServerGroup.create()` method.
        alert_profiles (list): List of alert profiles.

    Returns:
        The value returned by the PUT request. Failures raise an
        exception.

    Raises:
        CloudPassageValidation: If sanity.validate_servergroup_update
            rejects the keyword arguments with a TypeError.
    """
    sanity.validate_object_id(group_id)
    url = "/v1/groups/%s" % group_id
    # Keyword arguments are checked locally before anything is sent; a
    # TypeError from the check is re-raised as the SDK's validation error.
    try:
        sanity.validate_servergroup_update(kwargs)
    except TypeError as exc:
        raise CloudPassageValidation(exc)
    payload = {"group": utility.merge_dicts({}, kwargs)}
    helper = HttpHelper(self.session)
    return helper.put(url, payload)
def create(self, firewall_policy_id, rule_body):
    """Create a rule within a firewall policy.

    Args:
        firewall_policy_id (str): ID of the firewall policy that receives
            the new rule.
        rule_body (dict or str): String or dict containing the JSON
            representation of the firewall rule to create.

    Returns:
        str: ID of the newly created firewall rule.

    Example rule_body:
        ::

            {
              "firewall_rule" : {
                "chain": "INPUT",
                "active": true,
                "firewall_interface": "7b881ca072b1012ec681404096c01709",
                "firewall_service": "7b6409a072b1012ec681404096c01709",
                "connection_states": "NEW, ESTABLISHED",
                "action": "ACCEPT",
                "log": true,
                "log_prefix": "East-3 input-accept",
                "comment": "All servers in group East-3 must include this rule",
                "position": 4
              }
            }
    """
    # Check the policy ID before it becomes part of the URL path.
    sanity.validate_object_id(firewall_policy_id)
    helper = HttpHelper(self.session)
    url = "/v1/firewall_policies/%s/firewall_rules" % firewall_policy_id
    # NOTE(review): the rule body is passed to the request helper as
    # given; no local check of its fields happens here.
    created = helper.post(url, rule_body)
    return created["firewall_rule"]["id"]
def delete(self, group_id, **kwargs):
    """Delete a server group.

    Args:
        group_id (str): ID of the group to delete.

    Keyword Args:
        force (bool): If set to True, the member servers of this group
            are moved to the parent group. Only the literal True enables
            this; other truthy values are ignored.

    Returns:
        None on success; failures raise an exception.
    """
    # Check the ID before it becomes part of the URL path.
    sanity.validate_object_id(group_id)
    url = "/v1/groups/%s" % group_id
    helper = HttpHelper(self.session)
    # Identity check on purpose: a missing key or any value other than
    # True takes the plain delete path.
    if kwargs.get("force") is True:
        helper.delete(url, params={"move_to_parent": "true"})
    else:
        helper.delete(url)
    return None