) parser.add_argument( '-url', '--uiurl', type=str, help='*Required* - Base URL used in the UI for connecting to Prisma Cloud. ' 'Formatted as app.prismacloud.io or app2.prismacloud.io or app.eu.prismacloud.io, etc. ' 'You can also input the api version of the URL if you know it and it will be passed through.' ) args = parser.parse_args() # --End parse command line arguments-- # # --Main-- # if args.username is not None and args.password is not None and args.uiurl is not None: pc_lib_general.pc_settings_write(args.username, args.password, args.uiurl) print('Settings successfully saved to disk.') elif args.username is None and args.password is None and args.uiurl is None: pc_settings = pc_lib_general.pc_settings_read() print("Your currently configured Prisma Cloud Access Key is:") print(pc_settings['username']) if pc_settings['apiBase'] is not None: print("Your currently configured Prisma Cloud API Base URL is:") print(pc_settings['apiBase']) else: pc_lib_general.pc_exit_error( 400, "Please input an Access Key (--username), Secret Key (--password), and UI base URL (--uiurl)" " or no switches at all to see currently set information. Note: The Prisma Cloud UI Base URL should be " "similar to app.prismacloud.io, app2.prismacloud.io, etc.")
# --Main-- # # Get login details worked out pc_settings = pc_lib_general.pc_login_get(args.username, args.password, args.uiurl) # Verification (override with -y) if not args.yes: print() print('Ready to excute commands aginst your Prisma Cloud tenant.') verification_response = str( input('Would you like to continue (y or yes to continue)?')) continue_response = {'yes', 'y'} print() if verification_response not in continue_response: pc_lib_general.pc_exit_error( 400, 'Verification failed due to user response. Exiting...') # Sort out API Login print('API - Getting authentication token...', end='') pc_settings = pc_lib_api.pc_jwt_get(pc_settings) print('Done.') print('File - Importing CSV from disk...', end='') import_list_from_csv = pandas.read_csv(args.source_csv_account_groups_list) print(import_list_from_csv) print('Done.') # Get existing cloud account list print('API - Getting existing account group list...', end='') #below gets level2 pc_settings, response_package = pc_lib_api.api_accounts_groups_list_get(
# --Main-- # # Get login details worked out pc_settings = pc_lib_general.pc_login_get(args.username, args.password, args.uiurl) # Verification (override with -y) if not args.yes: print() print('Ready to excute commands aginst your Prisma Cloud tenant.') verification_response = str( input('Would you like to continue (y or yes to continue)?')) continue_response = {'yes', 'y'} print() if verification_response not in continue_response: pc_lib_general.pc_exit_error( 400, 'Verification failed due to user response. Exiting...') # Sort out API Login print('API - Getting authentication token...') pc_settings = pc_lib_api.pc_jwt_get(pc_settings) print(' Done.') print() ## Compliance Copy ## # Read in the JSON import file export_file_data = pc_lib_general.pc_file_read_json( args.source_import_file_name) # Do a quick validation to see if we are getting the base keys if 'compliance_standard_original' not in export_file_data: pc_lib_general.pc_exit_error(
# --Main-- # # Get login details worked out pc_settings = pc_lib_general.pc_login_get(args.username, args.password, args.uiurl) # Verification (override with -y) if not args.yes: print() print('Ready to excute commands aginst your Prisma Cloud tenant.') verification_response = str( input('Would you like to continue (y or yes to continue)?')) continue_response = {'yes', 'y'} print() if verification_response not in continue_response: pc_lib_general.pc_exit_error( 400, 'Verification failed due to user response. Exiting...') # Sort out API Login print('API - Getting authentication token...') pc_settings = pc_lib_api.pc_jwt_get(pc_settings) print(' Done.') print() ## Compliance Copy ## # Set up the data structure export_file_data = {} export_file_data[ 'export_file_version'] = DEFAULT_COMPLIANCE_EXPORT_FILE_VERSION export_file_data['compliance_section_list_original'] = {} export_file_data['policy_object_original'] = {} export_file_data['search_object_original'] = {}
# --Main-- # # Get login details worked out pc_settings = pc_lib_general.pc_login_get(args.username, args.password, args.uiurl) # Verification (override with -y) if not args.yes: print() print('Ready to excute commands aginst your Prisma Cloud tenant.') verification_response = str( input('Would you like to continue (y or yes to continue)?')) continue_response = {'yes', 'y'} print() if verification_response not in continue_response: pc_lib_general.pc_exit_error( 400, 'Verification failed due to user response. Exiting...') # Sort out API Login print('API - Getting authentication token...', end='') pc_settings = pc_lib_api.pc_jwt_get(pc_settings) print('Done.') ## Compliance Copy ## wait_timer = 5 # Check the compliance standard and get the JSON information print('API - Getting the Compliance Standards list...', end='') pc_settings, response_package = pc_lib_api.api_compliance_standard_list_get( pc_settings) compliance_standard_list_temp = response_package['data'] compliance_standard_original = search_list_object_lower( compliance_standard_list_temp, 'name',
args = parser.parse_args() # --End parse command line arguments-- # # --Main-- # print("Configuration file:") if args.config_file is None: print(pc_lib_general.DEFAULT_SETTINGS_FILE_NAME) else: print(args.config_file) print() if args.username is not None and args.password is not None and args.uiurl is not None: pc_lib_general.pc_settings_write(args.username, args.password, args.uiurl, args.config_file) print('Settings saved to configuration file.') elif args.username is None and args.password is None and args.uiurl is None: pc_settings = pc_lib_general.pc_settings_read(args.config_file) print("Your currently configured Prisma Cloud Access Key is:") print(pc_settings['username']) print() if pc_settings['apiBase'] is not None: print("Your currently configured Prisma Cloud API/UI Base URL is:") print(pc_settings['apiBase']) print() else: pc_lib_general.pc_exit_error( 400, "Please specify an Access Key (--username), Secret Key (--password), and API/UIUI Base URL (--uiurl) " "or no switches, other than an optional (--config_file), to view your current settings. " "Note: The Prisma Cloud API/UI Base URL should be similar to: app.prismacloud.io, app2.prismacloud.io, etc." )
def pc_call_api(action, api_url, pc_settings, data=None, params=None, try_count=5, max_retries=9, auth_count=0, auth_retries=5, headers_param={'Content-Type': 'application/json'}): retry_statuses = [429, 500, 502, 503, 504] auth_statuses = [401] retry_wait_timer = 30 headers = headers_param headers['x-redlock-auth'] = pc_settings['jwt'] # Make the API Call print(headers) response = requests.request(action, api_url, params=params, headers=headers, data=json.dumps(data)) print(response) # Check for an error to retry, re-auth, or fail if response.status_code in retry_statuses: try_count = try_count + 1 if try_count <= max_retries: time.sleep(retry_wait_timer) return pc_call_api(action=action, api_url=api_url, pc_settings=pc_settings, data=data, params=params, try_count=try_count, max_retries=max_retries, auth_count=auth_count, auth_retries=auth_retries, headers_param=headers) else: response.raise_for_status() elif response.status_code in auth_statuses and pc_settings[ 'jwt'] is not None: auth_count = auth_count + 1 if auth_count <= auth_retries: pc_settings = pc_jwt_get(pc_settings) return pc_call_api(action=action, api_url=api_url, pc_settings=pc_settings, data=data, params=params, try_count=try_count, max_retries=max_retries, auth_count=auth_count, auth_retries=auth_retries, headers_param=headers) else: response.raise_for_status() else: response.raise_for_status() # Check for valid response and catch if blank or unexpected api_response_package = {} api_response_package['statusCode'] = response.status_code try: # Check if response should be CSV or JSON if 'accept' in headers and headers['accept'] == 'text/csv': api_response_package['data'] = response.text else: api_response_package['data'] = response.json() except ValueError: if response.text == '': api_response_package['data'] = None else: pc_lib_general.pc_exit_error( 501, 'The server returned an unexpected server response.') return pc_settings, api_response_package
args = parser.parse_args() # --End parse command line arguments-- # # --Main-- # # Get login details worked out pc_settings = pc_lib_general.pc_login_get(args.username, args.password, args.uiurl, args.config_file) # Verification (override with -y) if not args.yes: print() print('Ready to execute commands against your Prisma Cloud tenant.') verification_response = str(input('Would you like to continue (y or yes to continue)?')) continue_response = {'yes', 'y'} print() if verification_response not in continue_response: pc_lib_general.pc_exit_error(400, 'Verification failed due to user response. Exiting...') # Sort out API Login print('API - Getting authentication token...', end='') pc_settings = pc_lib_api.pc_jwt_get(pc_settings) print('Done.') print('API - Getting user...', end='') pc_settings, response_package = pc_lib_api.api_user_get(pc_settings, args.useremail.lower()) user_new = response_package['data'] print('Done.') # Figure out what was updated and then post the changes as a complete package if args.role is not None: print('API - Getting user roles list...', end='') pc_settings, response_package = pc_lib_api.api_user_role_list_get(pc_settings)
# --Main-- # # Get login details worked out pc_settings = pc_lib_general.pc_login_get(args.username, args.password, args.uiurl) # Verification (override with -y) if not args.yes: print() print('Ready to excute commands aginst your Prisma Cloud tenant.') verification_response = str( input('Would you like to continue (y or yes to continue)?')) continue_response = {'yes', 'y'} print() if verification_response not in continue_response: pc_lib_general.pc_exit_error( 400, 'Verification failed due to user response. Exiting...') # Sort out API Login print('API - Getting authentication token...') pc_settings = pc_lib_api.pc_jwt_get(pc_settings) print(' Done.') print() # Read in the JSON import file export_file_data = pc_lib_general.pc_file_read_json( args.source_import_file_name) # Do a quick validation to see if we are getting the base keys if 'policy_list_original' not in export_file_data: pc_lib_general.pc_exit_error( 404,