laceworksdk.api.v2.report_definitions

Lacework ReportDefinitions API wrapper.

  1# -*- coding: utf-8 -*-
  2"""
  3Lacework ReportDefinitions API wrapper.
  4"""
  5
  6from laceworksdk.api.crud_endpoint import CrudEndpoint
  7
  8
  9class ReportDefinitionsAPI(CrudEndpoint):
 10
 11    def __init__(self, session):
 12        """
 13        Initializes the ReportDefinitionsAPI object.
 14
 15        :param session: An instance of the HttpSession class
 16
 17        :return ReportDefinitionsAPI object.
 18        """
 19
 20        super().__init__(session, "ReportDefinitions")
 21
 22    def create(self,
 23               report_name,
 24               report_type,
 25               sub_report_type,
 26               report_definition,
 27               props,
 28               alert_channels,
 29               distribution_type,
 30               frequency,
 31               **request_params):
 32        """
 33        A method to create a new ReportDefinitions object.
 34
 35        :param report_name: A string representing the name of the report definition.
 36        :param report_type: A string representing the type of the report definition.
 37        :param sub_report_name: A string representing the sub-type of the report definition.
 38            ("AWS", "GCP", "Azure")
 39        :param report_definition: An object representing the the report definition.
 40            obj:
 41                :param sections: An array of objects representing the sections of the report definition.
 42                    :param category: A string representing the section's category.
 43                    :param title: A string representing the section's title.
 44                    :param policies: An array of strings representing the section's policies.
 45                :param overrides: An array of objects representing the overrides of the report definition.
 46                    :param title: A string representing the policy's title.
 47                    :param policy: A string representing the policy ID.
 48        :param props: An object representing metadata about the report definition.
 49            obj:
 50                :param engine: A string representing the evaluation engine used for the report.
 51                :param integrations: An array of strings representing integrations (e.g. AWS Account IDs)
 52                :param resource_groups: An array of strings representing resource group IDs.
 53        :param alert_channels: An array of strings representing the alert channels for report distribution.
 54        :param distribution_type: A string representing the report format.
 55            ("csv", "html", "pdf")
 56        :param frequency: A string representing the frequency of report distribution.
 57            ("daily", "weekly")
 58        :param request_params: Additional request parameters.
 59            (provides support for parameters that may be added in the future)
 60
 61        :return response json
 62        """
 63
 64        return super().create(
 65            report_name=report_name,
 66            report_type=report_type,
 67            sub_report_type=sub_report_type,
 68            report_definition=report_definition,
 69            props=props,
 70            alert_channels=alert_channels,
 71            distribution_type=distribution_type,
 72            frequency=frequency,
 73            **request_params
 74        )
 75
 76    def get(self,
 77            id=None):
 78        """
 79        A method to get ReportDefinitions objects.
 80
 81        :param id: A string representing the object ID.
 82
 83        :return response json
 84        """
 85
 86        return super().get(id=id)
 87
 88    def get_by_id(self,
 89                  id):
 90        """
 91        A method to get a ReportDefinitions object by ID.
 92
 93        :param id: A string representing the object ID.
 94
 95        :return response json
 96        """
 97
 98        return self.get(id=id)
 99
100    def search(self, **request_params):
101        """
102        A method to 'pass' when attempting to search ReportDefinitions objects.
103
104        Search functionality is not yet implemented for Alert Profiles.
105        """
106        pass
107
108    def update(self,
109               id,
110               report_name,
111               report_type,
112               sub_report_type,
113               report_definition,
114               props=None,
115               alert_channels=None,
116               distribution_type=None,
117               frequency=None,
118               update_type=None,
119               **request_params):
120        """
121        A method to update an ReportDefinitions object.
122
123        :param id: A string representing the object ID.
124        :param report_name: A string representing the name of the report definition.
125        :param report_type: A string representing the type of the report definition.
126        :param sub_report_name: A string representing the sub-type of the report definition.
127            ("AWS", "GCP", "Azure")
128        :param report_definition: An object representing the the report definition.
129            obj:
130                :param sections: An array of objects representing the sections of the report definition.
131                    :param category: A string representing the section's category.
132                    :param title: A string representing the section's title.
133                    :param policies: An array of strings representing the section's policies.
134                :param overrides: An array of objects representing the overrides of the report definition.
135                    :param title: A string representing the policy's title.
136                    :param policy: A string representing the policy ID.
137        :param props: An object representing metadata about the report definition.
138            obj:
139                :param engine: A string representing the evaluation engine used for the report.
140                :param integrations: An array of strings representing integrations (e.g. AWS Account IDs)
141                :param resource_groups: An array of strings representing resource group IDs.
142        :param alert_channels: An array of strings representing the alert channels for report distribution.
143        :param distribution_type: A string representing the report format.
144            ("csv", "html", "pdf")
145        :param frequency: A string representing the frequency of report distribution.
146            ("daily", "weekly")
147        :param update_type: A string representing the type of update for the report definition.
148            ("Update", "Revert")
149        :param request_params: Additional request parameters.
150            (provides support for parameters that may be added in the future)
151
152        :return response json
153        """
154
155        json = self.build_dict_from_items(
156            report_name=report_name,
157            report_type=report_type,
158            sub_report_type=sub_report_type,
159            report_definition=report_definition,
160            props=props,
161            alert_channels=alert_channels,
162            distribution_type=distribution_type,
163            frequency=frequency,
164            update_type=update_type,
165            **request_params
166        )
167
168        response = self._session.put(self.build_url(id=id), json=json)
169
170        return response.json()
171
172    def delete(self,
173               id):
174        """
175        A method to delete a ReportDefinitions object.
176
177        :param guid: A string representing the object ID.
178
179        :return response json
180        """
181
182        return super().delete(id=id)
class ReportDefinitionsAPI(laceworksdk.api.crud_endpoint.CrudEndpoint):
 10class ReportDefinitionsAPI(CrudEndpoint):
 11
 12    def __init__(self, session):
 13        """
 14        Initializes the ReportDefinitionsAPI object.
 15
 16        :param session: An instance of the HttpSession class
 17
 18        :return ReportDefinitionsAPI object.
 19        """
 20
 21        super().__init__(session, "ReportDefinitions")
 22
 23    def create(self,
 24               report_name,
 25               report_type,
 26               sub_report_type,
 27               report_definition,
 28               props,
 29               alert_channels,
 30               distribution_type,
 31               frequency,
 32               **request_params):
 33        """
 34        A method to create a new ReportDefinitions object.
 35
 36        :param report_name: A string representing the name of the report definition.
 37        :param report_type: A string representing the type of the report definition.
 38        :param sub_report_name: A string representing the sub-type of the report definition.
 39            ("AWS", "GCP", "Azure")
 40        :param report_definition: An object representing the the report definition.
 41            obj:
 42                :param sections: An array of objects representing the sections of the report definition.
 43                    :param category: A string representing the section's category.
 44                    :param title: A string representing the section's title.
 45                    :param policies: An array of strings representing the section's policies.
 46                :param overrides: An array of objects representing the overrides of the report definition.
 47                    :param title: A string representing the policy's title.
 48                    :param policy: A string representing the policy ID.
 49        :param props: An object representing metadata about the report definition.
 50            obj:
 51                :param engine: A string representing the evaluation engine used for the report.
 52                :param integrations: An array of strings representing integrations (e.g. AWS Account IDs)
 53                :param resource_groups: An array of strings representing resource group IDs.
 54        :param alert_channels: An array of strings representing the alert channels for report distribution.
 55        :param distribution_type: A string representing the report format.
 56            ("csv", "html", "pdf")
 57        :param frequency: A string representing the frequency of report distribution.
 58            ("daily", "weekly")
 59        :param request_params: Additional request parameters.
 60            (provides support for parameters that may be added in the future)
 61
 62        :return response json
 63        """
 64
 65        return super().create(
 66            report_name=report_name,
 67            report_type=report_type,
 68            sub_report_type=sub_report_type,
 69            report_definition=report_definition,
 70            props=props,
 71            alert_channels=alert_channels,
 72            distribution_type=distribution_type,
 73            frequency=frequency,
 74            **request_params
 75        )
 76
 77    def get(self,
 78            id=None):
 79        """
 80        A method to get ReportDefinitions objects.
 81
 82        :param id: A string representing the object ID.
 83
 84        :return response json
 85        """
 86
 87        return super().get(id=id)
 88
 89    def get_by_id(self,
 90                  id):
 91        """
 92        A method to get a ReportDefinitions object by ID.
 93
 94        :param id: A string representing the object ID.
 95
 96        :return response json
 97        """
 98
 99        return self.get(id=id)
100
101    def search(self, **request_params):
102        """
103        A method to 'pass' when attempting to search ReportDefinitions objects.
104
105        Search functionality is not yet implemented for Alert Profiles.
106        """
107        pass
108
109    def update(self,
110               id,
111               report_name,
112               report_type,
113               sub_report_type,
114               report_definition,
115               props=None,
116               alert_channels=None,
117               distribution_type=None,
118               frequency=None,
119               update_type=None,
120               **request_params):
121        """
122        A method to update an ReportDefinitions object.
123
124        :param id: A string representing the object ID.
125        :param report_name: A string representing the name of the report definition.
126        :param report_type: A string representing the type of the report definition.
127        :param sub_report_name: A string representing the sub-type of the report definition.
128            ("AWS", "GCP", "Azure")
129        :param report_definition: An object representing the the report definition.
130            obj:
131                :param sections: An array of objects representing the sections of the report definition.
132                    :param category: A string representing the section's category.
133                    :param title: A string representing the section's title.
134                    :param policies: An array of strings representing the section's policies.
135                :param overrides: An array of objects representing the overrides of the report definition.
136                    :param title: A string representing the policy's title.
137                    :param policy: A string representing the policy ID.
138        :param props: An object representing metadata about the report definition.
139            obj:
140                :param engine: A string representing the evaluation engine used for the report.
141                :param integrations: An array of strings representing integrations (e.g. AWS Account IDs)
142                :param resource_groups: An array of strings representing resource group IDs.
143        :param alert_channels: An array of strings representing the alert channels for report distribution.
144        :param distribution_type: A string representing the report format.
145            ("csv", "html", "pdf")
146        :param frequency: A string representing the frequency of report distribution.
147            ("daily", "weekly")
148        :param update_type: A string representing the type of update for the report definition.
149            ("Update", "Revert")
150        :param request_params: Additional request parameters.
151            (provides support for parameters that may be added in the future)
152
153        :return response json
154        """
155
156        json = self.build_dict_from_items(
157            report_name=report_name,
158            report_type=report_type,
159            sub_report_type=sub_report_type,
160            report_definition=report_definition,
161            props=props,
162            alert_channels=alert_channels,
163            distribution_type=distribution_type,
164            frequency=frequency,
165            update_type=update_type,
166            **request_params
167        )
168
169        response = self._session.put(self.build_url(id=id), json=json)
170
171        return response.json()
172
173    def delete(self,
174               id):
175        """
176        A method to delete a ReportDefinitions object.
177
178        :param guid: A string representing the object ID.
179
180        :return response json
181        """
182
183        return super().delete(id=id)

A class used to implement CRUD create/read/update/delete functionality for Lacework API Endpoints

ReportDefinitionsAPI(session)
12    def __init__(self, session):
13        """
14        Initializes the ReportDefinitionsAPI object.
15
16        :param session: An instance of the HttpSession class
17
18        :return ReportDefinitionsAPI object.
19        """
20
21        super().__init__(session, "ReportDefinitions")

Initializes the ReportDefinitionsAPI object.

Parameters
  • session: An instance of the HttpSession class

:return ReportDefinitionsAPI object.

def create( self, report_name, report_type, sub_report_type, report_definition, props, alert_channels, distribution_type, frequency, **request_params):
23    def create(self,
24               report_name,
25               report_type,
26               sub_report_type,
27               report_definition,
28               props,
29               alert_channels,
30               distribution_type,
31               frequency,
32               **request_params):
33        """
34        A method to create a new ReportDefinitions object.
35
36        :param report_name: A string representing the name of the report definition.
37        :param report_type: A string representing the type of the report definition.
38        :param sub_report_name: A string representing the sub-type of the report definition.
39            ("AWS", "GCP", "Azure")
40        :param report_definition: An object representing the the report definition.
41            obj:
42                :param sections: An array of objects representing the sections of the report definition.
43                    :param category: A string representing the section's category.
44                    :param title: A string representing the section's title.
45                    :param policies: An array of strings representing the section's policies.
46                :param overrides: An array of objects representing the overrides of the report definition.
47                    :param title: A string representing the policy's title.
48                    :param policy: A string representing the policy ID.
49        :param props: An object representing metadata about the report definition.
50            obj:
51                :param engine: A string representing the evaluation engine used for the report.
52                :param integrations: An array of strings representing integrations (e.g. AWS Account IDs)
53                :param resource_groups: An array of strings representing resource group IDs.
54        :param alert_channels: An array of strings representing the alert channels for report distribution.
55        :param distribution_type: A string representing the report format.
56            ("csv", "html", "pdf")
57        :param frequency: A string representing the frequency of report distribution.
58            ("daily", "weekly")
59        :param request_params: Additional request parameters.
60            (provides support for parameters that may be added in the future)
61
62        :return response json
63        """
64
65        return super().create(
66            report_name=report_name,
67            report_type=report_type,
68            sub_report_type=sub_report_type,
69            report_definition=report_definition,
70            props=props,
71            alert_channels=alert_channels,
72            distribution_type=distribution_type,
73            frequency=frequency,
74            **request_params
75        )

A method to create a new ReportDefinitions object.

Parameters
  • report_name: A string representing the name of the report definition.
  • report_type: A string representing the type of the report definition.
  • sub_report_name: A string representing the sub-type of the report definition. ("AWS", "GCP", "Azure")
  • report_definition: An object representing the the report definition. obj: :param sections: An array of objects representing the sections of the report definition. :param category: A string representing the section's category. :param title: A string representing the section's title. :param policies: An array of strings representing the section's policies. :param overrides: An array of objects representing the overrides of the report definition. :param title: A string representing the policy's title. :param policy: A string representing the policy ID.
  • props: An object representing metadata about the report definition. obj: :param engine: A string representing the evaluation engine used for the report. :param integrations: An array of strings representing integrations (e.g. AWS Account IDs) :param resource_groups: An array of strings representing resource group IDs.
  • alert_channels: An array of strings representing the alert channels for report distribution.
  • distribution_type: A string representing the report format. ("csv", "html", "pdf")
  • frequency: A string representing the frequency of report distribution. ("daily", "weekly")
  • request_params: Additional request parameters. (provides support for parameters that may be added in the future)

:return response json

def get(self, id=None):
77    def get(self,
78            id=None):
79        """
80        A method to get ReportDefinitions objects.
81
82        :param id: A string representing the object ID.
83
84        :return response json
85        """
86
87        return super().get(id=id)

A method to get ReportDefinitions objects.

Parameters
  • id: A string representing the object ID.

:return response json

def get_by_id(self, id):
89    def get_by_id(self,
90                  id):
91        """
92        A method to get a ReportDefinitions object by ID.
93
94        :param id: A string representing the object ID.
95
96        :return response json
97        """
98
99        return self.get(id=id)

A method to get a ReportDefinitions object by ID.

Parameters
  • id: A string representing the object ID.

:return response json

def search(self, **request_params):
101    def search(self, **request_params):
102        """
103        A method to 'pass' when attempting to search ReportDefinitions objects.
104
105        Search functionality is not yet implemented for Alert Profiles.
106        """
107        pass

A method to 'pass' when attempting to search ReportDefinitions objects.

Search functionality is not yet implemented for Alert Profiles.

def update( self, id, report_name, report_type, sub_report_type, report_definition, props=None, alert_channels=None, distribution_type=None, frequency=None, update_type=None, **request_params):
109    def update(self,
110               id,
111               report_name,
112               report_type,
113               sub_report_type,
114               report_definition,
115               props=None,
116               alert_channels=None,
117               distribution_type=None,
118               frequency=None,
119               update_type=None,
120               **request_params):
121        """
122        A method to update an ReportDefinitions object.
123
124        :param id: A string representing the object ID.
125        :param report_name: A string representing the name of the report definition.
126        :param report_type: A string representing the type of the report definition.
127        :param sub_report_name: A string representing the sub-type of the report definition.
128            ("AWS", "GCP", "Azure")
129        :param report_definition: An object representing the the report definition.
130            obj:
131                :param sections: An array of objects representing the sections of the report definition.
132                    :param category: A string representing the section's category.
133                    :param title: A string representing the section's title.
134                    :param policies: An array of strings representing the section's policies.
135                :param overrides: An array of objects representing the overrides of the report definition.
136                    :param title: A string representing the policy's title.
137                    :param policy: A string representing the policy ID.
138        :param props: An object representing metadata about the report definition.
139            obj:
140                :param engine: A string representing the evaluation engine used for the report.
141                :param integrations: An array of strings representing integrations (e.g. AWS Account IDs)
142                :param resource_groups: An array of strings representing resource group IDs.
143        :param alert_channels: An array of strings representing the alert channels for report distribution.
144        :param distribution_type: A string representing the report format.
145            ("csv", "html", "pdf")
146        :param frequency: A string representing the frequency of report distribution.
147            ("daily", "weekly")
148        :param update_type: A string representing the type of update for the report definition.
149            ("Update", "Revert")
150        :param request_params: Additional request parameters.
151            (provides support for parameters that may be added in the future)
152
153        :return response json
154        """
155
156        json = self.build_dict_from_items(
157            report_name=report_name,
158            report_type=report_type,
159            sub_report_type=sub_report_type,
160            report_definition=report_definition,
161            props=props,
162            alert_channels=alert_channels,
163            distribution_type=distribution_type,
164            frequency=frequency,
165            update_type=update_type,
166            **request_params
167        )
168
169        response = self._session.put(self.build_url(id=id), json=json)
170
171        return response.json()

A method to update an ReportDefinitions object.

Parameters
  • id: A string representing the object ID.
  • report_name: A string representing the name of the report definition.
  • report_type: A string representing the type of the report definition.
  • sub_report_name: A string representing the sub-type of the report definition. ("AWS", "GCP", "Azure")
  • report_definition: An object representing the the report definition. obj: :param sections: An array of objects representing the sections of the report definition. :param category: A string representing the section's category. :param title: A string representing the section's title. :param policies: An array of strings representing the section's policies. :param overrides: An array of objects representing the overrides of the report definition. :param title: A string representing the policy's title. :param policy: A string representing the policy ID.
  • props: An object representing metadata about the report definition. obj: :param engine: A string representing the evaluation engine used for the report. :param integrations: An array of strings representing integrations (e.g. AWS Account IDs) :param resource_groups: An array of strings representing resource group IDs.
  • alert_channels: An array of strings representing the alert channels for report distribution.
  • distribution_type: A string representing the report format. ("csv", "html", "pdf")
  • frequency: A string representing the frequency of report distribution. ("daily", "weekly")
  • update_type: A string representing the type of update for the report definition. ("Update", "Revert")
  • request_params: Additional request parameters. (provides support for parameters that may be added in the future)

:return response json

def delete(self, id):
173    def delete(self,
174               id):
175        """
176        A method to delete a ReportDefinitions object.
177
178        :param guid: A string representing the object ID.
179
180        :return response json
181        """
182
183        return super().delete(id=id)

A method to delete a ReportDefinitions object.

Parameters
  • guid: A string representing the object ID.

:return response json