laceworksdk.api

Lacework API wrappers.

  1# -*- coding: utf-8 -*-
  2"""
  3Lacework API wrappers.
  4"""
  5
  6import os
  7
  8from dotenv import load_dotenv
  9import configparser
 10
 11from laceworksdk.http_session import HttpSession
 12
 13from .v1.account import AccountAPI
 14from .v1.compliance import ComplianceAPI
 15from .v1.custom_compliance_config import CustomComplianceConfigAPI
 16from .v1.download_file import DownloadFileAPI
 17from .v1.integrations import IntegrationsAPI
 18from .v1.recommendations import RecommendationsAPI
 19from .v1.run_reports import RunReportsAPI
 20from .v1.suppressions import SuppressionsAPI
 21from .v1.token import TokenAPI
 22
 23from .v2.activities import ActivitiesAPI
 24from .v2.agent_access_tokens import AgentAccessTokensAPI
 25from .v2.agent_info import AgentInfoAPI
 26from .v2.alert_channels import AlertChannelsAPI
 27from .v2.alert_profiles import AlertProfilesAPI
 28from .v2.alert_rules import AlertRulesAPI
 29from .v2.alerts import AlertsAPI
 30from .v2.audit_logs import AuditLogsAPI
 31from .v2.cloud_accounts import CloudAccountsAPI
 32from .v2.cloud_activities import CloudActivitiesAPI
 33from .v2.configs import ConfigsAPI
 34from .v2.container_registries import ContainerRegistriesAPI
 35from .v2.contract_info import ContractInfoAPI
 36from .v2.datasources import DatasourcesAPI
 37from .v2.entities import EntitiesAPI
 38from .v2.events import EventsAPIv2
 39from .v2.inventory import InventoryAPI
 40from .v2.organization_info import OrganizationInfoAPI
 41from .v2.policies import PoliciesAPI
 42from .v2.policy_exceptions import PolicyExceptionsAPI
 43from .v2.queries import QueriesAPI
 44from .v2.report_definitions import ReportDefinitionsAPI
 45from .v2.report_rules import ReportRulesAPI
 46from .v2.reports import ReportsAPI
 47from .v2.resource_groups import ResourceGroupsAPI
 48from .v2.schemas import SchemasAPI
 49from .v2.team_members import TeamMembersAPI
 50from .v2.user_profile import UserProfileAPI
 51from .v2.vulnerabilities import VulnerabilitiesAPI
 52from .v2.vulnerability_exceptions import VulnerabilityExceptionsAPI
 53from .v2.vulnerability_policies import VulnerabilityPoliciesAPI
 54
 55from laceworksdk.config import (
 56    LACEWORK_ACCOUNT_ENVIRONMENT_VARIABLE,
 57    LACEWORK_SUBACCOUNT_ENVIRONMENT_VARIABLE,
 58    LACEWORK_API_KEY_ENVIRONMENT_VARIABLE,
 59    LACEWORK_API_SECRET_ENVIRONMENT_VARIABLE,
 60    LACEWORK_API_BASE_DOMAIN_ENVIRONMENT_VARIABLE,
 61    LACEWORK_API_CONFIG_SECTION_ENVIRONMENT_VARIABLE,
 62    LACEWORK_CLI_CONFIG_RELATIVE_PATH
 63)
 64
 65load_dotenv()
 66
 67
 68class LaceworkClient:
 69    """
 70    Lacework API wrapper for Python.
 71    """
 72
 73    def __init__(self,
 74                 account=None,
 75                 subaccount=None,
 76                 api_key=None,
 77                 api_secret=None,
 78                 instance=None,
 79                 base_domain=None,
 80                 profile=None):
 81        """
 82        Initializes the Lacework Client object.
 83
 84        Order of operation is:
 85            1. Parameters passed in via the init function (flags).
 86            2. Environmental variables.
 87            3. Configuration file, located in ~/.lacework.toml
 88
 89        :return LaceworkClient object.
 90        """
 91
 92        # Attempt to use Environment Variables
 93        self._account = account or instance or os.getenv(
 94            LACEWORK_ACCOUNT_ENVIRONMENT_VARIABLE)
 95        self._subaccount = subaccount or os.getenv(
 96            LACEWORK_SUBACCOUNT_ENVIRONMENT_VARIABLE)
 97        self._api_key = api_key or os.getenv(
 98            LACEWORK_API_KEY_ENVIRONMENT_VARIABLE)
 99        self._api_secret = api_secret or os.getenv(
100            LACEWORK_API_SECRET_ENVIRONMENT_VARIABLE)
101        self._base_domain = base_domain or os.getenv(
102            LACEWORK_API_BASE_DOMAIN_ENVIRONMENT_VARIABLE)
103
104        config_file_path = os.path.join(
105            os.path.expanduser("~"), LACEWORK_CLI_CONFIG_RELATIVE_PATH)
106
107        if os.path.isfile(config_file_path):
108            profile = profile or os.getenv(
109                LACEWORK_API_CONFIG_SECTION_ENVIRONMENT_VARIABLE, "default")
110            config_obj = configparser.ConfigParser()
111            config_obj.read([config_file_path])
112            if config_obj.has_section(profile):
113                config_section = config_obj[profile]
114                api_key = config_section.get("api_key", "").strip('""')
115                if not self._api_key and api_key:
116                    self._api_key = api_key
117
118                api_secret = config_section.get("api_secret", "").strip('""')
119                if not self._api_secret and api_secret:
120                    self._api_secret = api_secret
121
122                account = config_section.get("account", "").strip('""')
123                if not self._account and account:
124                    self._account = account
125
126                subaccount = config_section.get("subaccount", "").strip('""')
127                if not self._subaccount and subaccount:
128                    self._subaccount = subaccount
129
130        # Create an HttpSession instance
131        self._session = HttpSession(
132            self._account,
133            self._subaccount,
134            self._api_key,
135            self._api_secret,
136            self._base_domain
137        )
138
139        # API Wrappers
140        self.account = AccountAPI(self._session)
141        self.activities = ActivitiesAPI(self._session)
142        self.agent_access_tokens = AgentAccessTokensAPI(self._session)
143        self.agent_info = AgentInfoAPI(self._session)
144        self.alert_channels = AlertChannelsAPI(self._session)
145        self.alert_profiles = AlertProfilesAPI(self._session)
146        self.alert_rules = AlertRulesAPI(self._session)
147        self.alerts = AlertsAPI(self._session)
148        self.audit_logs = AuditLogsAPI(self._session)
149        self.cloud_accounts = CloudAccountsAPI(self._session)
150        self.cloud_activities = CloudActivitiesAPI(self._session)
151        self.compliance = ComplianceAPI(self._session)
152        self.compliance.config = CustomComplianceConfigAPI(self._session)
153        self.configs = ConfigsAPI(self._session)
154        self.container_registries = ContainerRegistriesAPI(self._session)
155        self.contract_info = ContractInfoAPI(self._session)
156        self.datasources = DatasourcesAPI(self._session)
157        self.entities = EntitiesAPI(self._session)
158        self.events = EventsAPIv2(self._session)
159        self.files = DownloadFileAPI(self._session)
160        self.inventory = InventoryAPI(self._session)
161        self.integrations = IntegrationsAPI(self._session)
162        self.organization_info = OrganizationInfoAPI(self._session)
163        self.policies = PoliciesAPI(self._session)
164        self.policy_exceptions = PolicyExceptionsAPI(self._session)
165        self.queries = QueriesAPI(self._session)
166        self.recommendations = RecommendationsAPI(self._session)
167        self.report_definitions = ReportDefinitionsAPI(self._session)
168        self.report_rules = ReportRulesAPI(self._session)
169        self.reports = ReportsAPI(self._session)
170        self.resource_groups = ResourceGroupsAPI(self._session)
171        self.run_reports = RunReportsAPI(self._session)
172        self.schemas = SchemasAPI(self._session)
173        self.suppressions = SuppressionsAPI(self._session)
174        self.team_members = TeamMembersAPI(self._session)
175        self.tokens = TokenAPI(self._session)
176        self.user_profile = UserProfileAPI(self._session)
177        self.vulnerabilities = VulnerabilitiesAPI(self._session)
178        self.vulnerability_exceptions = VulnerabilityExceptionsAPI(self._session)
179        self.vulnerability_policies = VulnerabilityPoliciesAPI(self._session)
180
181    def set_org_level_access(self, org_level_access):
182        """
183        A method to set whether the client should use organization-level API calls.
184        """
185
186        if org_level_access is True:
187            self._session._org_level_access = True
188        else:
189            self._session._org_level_access = False
190
191    def set_subaccount(self, subaccount):
192        """
193        A method to update the subaccount the client should use for API calls.
194        """
195
196        self._session._subaccount = subaccount
class LaceworkClient:
 69class LaceworkClient:
 70    """
 71    Lacework API wrapper for Python.
 72    """
 73
 74    def __init__(self,
 75                 account=None,
 76                 subaccount=None,
 77                 api_key=None,
 78                 api_secret=None,
 79                 instance=None,
 80                 base_domain=None,
 81                 profile=None):
 82        """
 83        Initializes the Lacework Client object.
 84
 85        Order of operation is:
 86            1. Parameters passed in via the init function (flags).
 87            2. Environmental variables.
 88            3. Configuration file, located in ~/.lacework.toml
 89
 90        :return LaceworkClient object.
 91        """
 92
 93        # Attempt to use Environment Variables
 94        self._account = account or instance or os.getenv(
 95            LACEWORK_ACCOUNT_ENVIRONMENT_VARIABLE)
 96        self._subaccount = subaccount or os.getenv(
 97            LACEWORK_SUBACCOUNT_ENVIRONMENT_VARIABLE)
 98        self._api_key = api_key or os.getenv(
 99            LACEWORK_API_KEY_ENVIRONMENT_VARIABLE)
100        self._api_secret = api_secret or os.getenv(
101            LACEWORK_API_SECRET_ENVIRONMENT_VARIABLE)
102        self._base_domain = base_domain or os.getenv(
103            LACEWORK_API_BASE_DOMAIN_ENVIRONMENT_VARIABLE)
104
105        config_file_path = os.path.join(
106            os.path.expanduser("~"), LACEWORK_CLI_CONFIG_RELATIVE_PATH)
107
108        if os.path.isfile(config_file_path):
109            profile = profile or os.getenv(
110                LACEWORK_API_CONFIG_SECTION_ENVIRONMENT_VARIABLE, "default")
111            config_obj = configparser.ConfigParser()
112            config_obj.read([config_file_path])
113            if config_obj.has_section(profile):
114                config_section = config_obj[profile]
115                api_key = config_section.get("api_key", "").strip('""')
116                if not self._api_key and api_key:
117                    self._api_key = api_key
118
119                api_secret = config_section.get("api_secret", "").strip('""')
120                if not self._api_secret and api_secret:
121                    self._api_secret = api_secret
122
123                account = config_section.get("account", "").strip('""')
124                if not self._account and account:
125                    self._account = account
126
127                subaccount = config_section.get("subaccount", "").strip('""')
128                if not self._subaccount and subaccount:
129                    self._subaccount = subaccount
130
131        # Create an HttpSession instance
132        self._session = HttpSession(
133            self._account,
134            self._subaccount,
135            self._api_key,
136            self._api_secret,
137            self._base_domain
138        )
139
140        # API Wrappers
141        self.account = AccountAPI(self._session)
142        self.activities = ActivitiesAPI(self._session)
143        self.agent_access_tokens = AgentAccessTokensAPI(self._session)
144        self.agent_info = AgentInfoAPI(self._session)
145        self.alert_channels = AlertChannelsAPI(self._session)
146        self.alert_profiles = AlertProfilesAPI(self._session)
147        self.alert_rules = AlertRulesAPI(self._session)
148        self.alerts = AlertsAPI(self._session)
149        self.audit_logs = AuditLogsAPI(self._session)
150        self.cloud_accounts = CloudAccountsAPI(self._session)
151        self.cloud_activities = CloudActivitiesAPI(self._session)
152        self.compliance = ComplianceAPI(self._session)
153        self.compliance.config = CustomComplianceConfigAPI(self._session)
154        self.configs = ConfigsAPI(self._session)
155        self.container_registries = ContainerRegistriesAPI(self._session)
156        self.contract_info = ContractInfoAPI(self._session)
157        self.datasources = DatasourcesAPI(self._session)
158        self.entities = EntitiesAPI(self._session)
159        self.events = EventsAPIv2(self._session)
160        self.files = DownloadFileAPI(self._session)
161        self.inventory = InventoryAPI(self._session)
162        self.integrations = IntegrationsAPI(self._session)
163        self.organization_info = OrganizationInfoAPI(self._session)
164        self.policies = PoliciesAPI(self._session)
165        self.policy_exceptions = PolicyExceptionsAPI(self._session)
166        self.queries = QueriesAPI(self._session)
167        self.recommendations = RecommendationsAPI(self._session)
168        self.report_definitions = ReportDefinitionsAPI(self._session)
169        self.report_rules = ReportRulesAPI(self._session)
170        self.reports = ReportsAPI(self._session)
171        self.resource_groups = ResourceGroupsAPI(self._session)
172        self.run_reports = RunReportsAPI(self._session)
173        self.schemas = SchemasAPI(self._session)
174        self.suppressions = SuppressionsAPI(self._session)
175        self.team_members = TeamMembersAPI(self._session)
176        self.tokens = TokenAPI(self._session)
177        self.user_profile = UserProfileAPI(self._session)
178        self.vulnerabilities = VulnerabilitiesAPI(self._session)
179        self.vulnerability_exceptions = VulnerabilityExceptionsAPI(self._session)
180        self.vulnerability_policies = VulnerabilityPoliciesAPI(self._session)
181
182    def set_org_level_access(self, org_level_access):
183        """
184        A method to set whether the client should use organization-level API calls.
185        """
186
187        if org_level_access is True:
188            self._session._org_level_access = True
189        else:
190            self._session._org_level_access = False
191
192    def set_subaccount(self, subaccount):
193        """
194        A method to update the subaccount the client should use for API calls.
195        """
196
197        self._session._subaccount = subaccount

Lacework API wrapper for Python.

LaceworkClient( account=None, subaccount=None, api_key=None, api_secret=None, instance=None, base_domain=None, profile=None)
 74    def __init__(self,
 75                 account=None,
 76                 subaccount=None,
 77                 api_key=None,
 78                 api_secret=None,
 79                 instance=None,
 80                 base_domain=None,
 81                 profile=None):
 82        """
 83        Initializes the Lacework Client object.
 84
 85        Order of operation is:
 86            1. Parameters passed in via the init function (flags).
 87            2. Environmental variables.
 88            3. Configuration file, located in ~/.lacework.toml
 89
 90        :return LaceworkClient object.
 91        """
 92
 93        # Attempt to use Environment Variables
 94        self._account = account or instance or os.getenv(
 95            LACEWORK_ACCOUNT_ENVIRONMENT_VARIABLE)
 96        self._subaccount = subaccount or os.getenv(
 97            LACEWORK_SUBACCOUNT_ENVIRONMENT_VARIABLE)
 98        self._api_key = api_key or os.getenv(
 99            LACEWORK_API_KEY_ENVIRONMENT_VARIABLE)
100        self._api_secret = api_secret or os.getenv(
101            LACEWORK_API_SECRET_ENVIRONMENT_VARIABLE)
102        self._base_domain = base_domain or os.getenv(
103            LACEWORK_API_BASE_DOMAIN_ENVIRONMENT_VARIABLE)
104
105        config_file_path = os.path.join(
106            os.path.expanduser("~"), LACEWORK_CLI_CONFIG_RELATIVE_PATH)
107
108        if os.path.isfile(config_file_path):
109            profile = profile or os.getenv(
110                LACEWORK_API_CONFIG_SECTION_ENVIRONMENT_VARIABLE, "default")
111            config_obj = configparser.ConfigParser()
112            config_obj.read([config_file_path])
113            if config_obj.has_section(profile):
114                config_section = config_obj[profile]
115                api_key = config_section.get("api_key", "").strip('""')
116                if not self._api_key and api_key:
117                    self._api_key = api_key
118
119                api_secret = config_section.get("api_secret", "").strip('""')
120                if not self._api_secret and api_secret:
121                    self._api_secret = api_secret
122
123                account = config_section.get("account", "").strip('""')
124                if not self._account and account:
125                    self._account = account
126
127                subaccount = config_section.get("subaccount", "").strip('""')
128                if not self._subaccount and subaccount:
129                    self._subaccount = subaccount
130
131        # Create an HttpSession instance
132        self._session = HttpSession(
133            self._account,
134            self._subaccount,
135            self._api_key,
136            self._api_secret,
137            self._base_domain
138        )
139
140        # API Wrappers
141        self.account = AccountAPI(self._session)
142        self.activities = ActivitiesAPI(self._session)
143        self.agent_access_tokens = AgentAccessTokensAPI(self._session)
144        self.agent_info = AgentInfoAPI(self._session)
145        self.alert_channels = AlertChannelsAPI(self._session)
146        self.alert_profiles = AlertProfilesAPI(self._session)
147        self.alert_rules = AlertRulesAPI(self._session)
148        self.alerts = AlertsAPI(self._session)
149        self.audit_logs = AuditLogsAPI(self._session)
150        self.cloud_accounts = CloudAccountsAPI(self._session)
151        self.cloud_activities = CloudActivitiesAPI(self._session)
152        self.compliance = ComplianceAPI(self._session)
153        self.compliance.config = CustomComplianceConfigAPI(self._session)
154        self.configs = ConfigsAPI(self._session)
155        self.container_registries = ContainerRegistriesAPI(self._session)
156        self.contract_info = ContractInfoAPI(self._session)
157        self.datasources = DatasourcesAPI(self._session)
158        self.entities = EntitiesAPI(self._session)
159        self.events = EventsAPIv2(self._session)
160        self.files = DownloadFileAPI(self._session)
161        self.inventory = InventoryAPI(self._session)
162        self.integrations = IntegrationsAPI(self._session)
163        self.organization_info = OrganizationInfoAPI(self._session)
164        self.policies = PoliciesAPI(self._session)
165        self.policy_exceptions = PolicyExceptionsAPI(self._session)
166        self.queries = QueriesAPI(self._session)
167        self.recommendations = RecommendationsAPI(self._session)
168        self.report_definitions = ReportDefinitionsAPI(self._session)
169        self.report_rules = ReportRulesAPI(self._session)
170        self.reports = ReportsAPI(self._session)
171        self.resource_groups = ResourceGroupsAPI(self._session)
172        self.run_reports = RunReportsAPI(self._session)
173        self.schemas = SchemasAPI(self._session)
174        self.suppressions = SuppressionsAPI(self._session)
175        self.team_members = TeamMembersAPI(self._session)
176        self.tokens = TokenAPI(self._session)
177        self.user_profile = UserProfileAPI(self._session)
178        self.vulnerabilities = VulnerabilitiesAPI(self._session)
179        self.vulnerability_exceptions = VulnerabilityExceptionsAPI(self._session)
180        self.vulnerability_policies = VulnerabilityPoliciesAPI(self._session)

Initializes the Lacework Client object.

Order of operation is: 1. Parameters passed in via the init function (flags). 2. Environmental variables. 3. Configuration file, located in ~/.lacework.toml

:return LaceworkClient object.

def set_org_level_access(self, org_level_access):
182    def set_org_level_access(self, org_level_access):
183        """
184        A method to set whether the client should use organization-level API calls.
185        """
186
187        if org_level_access is True:
188            self._session._org_level_access = True
189        else:
190            self._session._org_level_access = False

A method to set whether the client should use organization-level API calls.

def set_subaccount(self, subaccount):
192    def set_subaccount(self, subaccount):
193        """
194        A method to update the subaccount the client should use for API calls.
195        """
196
197        self._session._subaccount = subaccount

A method to update the subaccount the client should use for API calls.