laceworksdk.api
Lacework API wrappers.
1# -*- coding: utf-8 -*- 2""" 3Lacework API wrappers. 4""" 5 6import os 7 8from dotenv import load_dotenv 9import configparser 10 11from laceworksdk.http_session import HttpSession 12 13from .v1.account import AccountAPI 14from .v1.compliance import ComplianceAPI 15from .v1.custom_compliance_config import CustomComplianceConfigAPI 16from .v1.download_file import DownloadFileAPI 17from .v1.integrations import IntegrationsAPI 18from .v1.recommendations import RecommendationsAPI 19from .v1.run_reports import RunReportsAPI 20from .v1.suppressions import SuppressionsAPI 21from .v1.token import TokenAPI 22 23from .v2.activities import ActivitiesAPI 24from .v2.agent_access_tokens import AgentAccessTokensAPI 25from .v2.agent_info import AgentInfoAPI 26from .v2.alert_channels import AlertChannelsAPI 27from .v2.alert_profiles import AlertProfilesAPI 28from .v2.alert_rules import AlertRulesAPI 29from .v2.alerts import AlertsAPI 30from .v2.audit_logs import AuditLogsAPI 31from .v2.cloud_accounts import CloudAccountsAPI 32from .v2.cloud_activities import CloudActivitiesAPI 33from .v2.configs import ConfigsAPI 34from .v2.container_registries import ContainerRegistriesAPI 35from .v2.contract_info import ContractInfoAPI 36from .v2.datasources import DatasourcesAPI 37from .v2.entities import EntitiesAPI 38from .v2.events import EventsAPIv2 39from .v2.inventory import InventoryAPI 40from .v2.organization_info import OrganizationInfoAPI 41from .v2.policies import PoliciesAPI 42from .v2.policy_exceptions import PolicyExceptionsAPI 43from .v2.queries import QueriesAPI 44from .v2.report_definitions import ReportDefinitionsAPI 45from .v2.report_rules import ReportRulesAPI 46from .v2.reports import ReportsAPI 47from .v2.resource_groups import ResourceGroupsAPI 48from .v2.schemas import SchemasAPI 49from .v2.team_members import TeamMembersAPI 50from .v2.user_profile import UserProfileAPI 51from .v2.vulnerabilities import VulnerabilitiesAPI 52from .v2.vulnerability_exceptions import VulnerabilityExceptionsAPI 53from .v2.vulnerability_policies import VulnerabilityPoliciesAPI 54 55from laceworksdk.config import ( 56 LACEWORK_ACCOUNT_ENVIRONMENT_VARIABLE, 57 LACEWORK_SUBACCOUNT_ENVIRONMENT_VARIABLE, 58 LACEWORK_API_KEY_ENVIRONMENT_VARIABLE, 59 LACEWORK_API_SECRET_ENVIRONMENT_VARIABLE, 60 LACEWORK_API_BASE_DOMAIN_ENVIRONMENT_VARIABLE, 61 LACEWORK_API_CONFIG_SECTION_ENVIRONMENT_VARIABLE, 62 LACEWORK_CLI_CONFIG_RELATIVE_PATH 63) 64 65load_dotenv() 66 67 68class LaceworkClient: 69 """ 70 Lacework API wrapper for Python. 71 """ 72 73 def __init__(self, 74 account=None, 75 subaccount=None, 76 api_key=None, 77 api_secret=None, 78 instance=None, 79 base_domain=None, 80 profile=None): 81 """ 82 Initializes the Lacework Client object. 83 84 Order of operation is: 85 1. Parameters passed in via the init function (flags). 86 2. Environmental variables. 87 3. Configuration file, located in ~/.lacework.toml 88 89 :return LaceworkClient object. 90 """ 91 92 # Attempt to use Environment Variables 93 self._account = account or instance or os.getenv( 94 LACEWORK_ACCOUNT_ENVIRONMENT_VARIABLE) 95 self._subaccount = subaccount or os.getenv( 96 LACEWORK_SUBACCOUNT_ENVIRONMENT_VARIABLE) 97 self._api_key = api_key or os.getenv( 98 LACEWORK_API_KEY_ENVIRONMENT_VARIABLE) 99 self._api_secret = api_secret or os.getenv( 100 LACEWORK_API_SECRET_ENVIRONMENT_VARIABLE) 101 self._base_domain = base_domain or os.getenv( 102 LACEWORK_API_BASE_DOMAIN_ENVIRONMENT_VARIABLE) 103 104 config_file_path = os.path.join( 105 os.path.expanduser("~"), LACEWORK_CLI_CONFIG_RELATIVE_PATH) 106 107 if os.path.isfile(config_file_path): 108 profile = profile or os.getenv( 109 LACEWORK_API_CONFIG_SECTION_ENVIRONMENT_VARIABLE, "default") 110 config_obj = configparser.ConfigParser() 111 config_obj.read([config_file_path]) 112 if config_obj.has_section(profile): 113 config_section = config_obj[profile] 114 api_key = config_section.get("api_key", "").strip('""') 115 if not self._api_key and api_key: 116 self._api_key = api_key 117 118 api_secret = config_section.get("api_secret", "").strip('""') 119 if not self._api_secret and api_secret: 120 self._api_secret = api_secret 121 122 account = config_section.get("account", "").strip('""') 123 if not self._account and account: 124 self._account = account 125 126 subaccount = config_section.get("subaccount", "").strip('""') 127 if not self._subaccount and subaccount: 128 self._subaccount = subaccount 129 130 # Create an HttpSession instance 131 self._session = HttpSession( 132 self._account, 133 self._subaccount, 134 self._api_key, 135 self._api_secret, 136 self._base_domain 137 ) 138 139 # API Wrappers 140 self.account = AccountAPI(self._session) 141 self.activities = ActivitiesAPI(self._session) 142 self.agent_access_tokens = AgentAccessTokensAPI(self._session) 143 self.agent_info = AgentInfoAPI(self._session) 144 self.alert_channels = AlertChannelsAPI(self._session) 145 self.alert_profiles = AlertProfilesAPI(self._session) 146 self.alert_rules = AlertRulesAPI(self._session) 147 self.alerts = AlertsAPI(self._session) 148 self.audit_logs = AuditLogsAPI(self._session) 149 self.cloud_accounts = CloudAccountsAPI(self._session) 150 self.cloud_activities = CloudActivitiesAPI(self._session) 151 self.compliance = ComplianceAPI(self._session) 152 self.compliance.config = CustomComplianceConfigAPI(self._session) 153 self.configs = ConfigsAPI(self._session) 154 self.container_registries = ContainerRegistriesAPI(self._session) 155 self.contract_info = ContractInfoAPI(self._session) 156 self.datasources = DatasourcesAPI(self._session) 157 self.entities = EntitiesAPI(self._session) 158 self.events = EventsAPIv2(self._session) 159 self.files = DownloadFileAPI(self._session) 160 self.inventory = InventoryAPI(self._session) 161 self.integrations = IntegrationsAPI(self._session) 162 self.organization_info = OrganizationInfoAPI(self._session) 163 self.policies = PoliciesAPI(self._session) 164 self.policy_exceptions = PolicyExceptionsAPI(self._session) 165 self.queries = QueriesAPI(self._session) 166 self.recommendations = RecommendationsAPI(self._session) 167 self.report_definitions = ReportDefinitionsAPI(self._session) 168 self.report_rules = ReportRulesAPI(self._session) 169 self.reports = ReportsAPI(self._session) 170 self.resource_groups = ResourceGroupsAPI(self._session) 171 self.run_reports = RunReportsAPI(self._session) 172 self.schemas = SchemasAPI(self._session) 173 self.suppressions = SuppressionsAPI(self._session) 174 self.team_members = TeamMembersAPI(self._session) 175 self.tokens = TokenAPI(self._session) 176 self.user_profile = UserProfileAPI(self._session) 177 self.vulnerabilities = VulnerabilitiesAPI(self._session) 178 self.vulnerability_exceptions = VulnerabilityExceptionsAPI(self._session) 179 self.vulnerability_policies = VulnerabilityPoliciesAPI(self._session) 180 181 def set_org_level_access(self, org_level_access): 182 """ 183 A method to set whether the client should use organization-level API calls. 184 """ 185 186 if org_level_access is True: 187 self._session._org_level_access = True 188 else: 189 self._session._org_level_access = False 190 191 def set_subaccount(self, subaccount): 192 """ 193 A method to update the subaccount the client should use for API calls. 194 """ 195 196 self._session._subaccount = subaccount
class
LaceworkClient:
69class LaceworkClient: 70 """ 71 Lacework API wrapper for Python. 72 """ 73 74 def __init__(self, 75 account=None, 76 subaccount=None, 77 api_key=None, 78 api_secret=None, 79 instance=None, 80 base_domain=None, 81 profile=None): 82 """ 83 Initializes the Lacework Client object. 84 85 Order of operation is: 86 1. Parameters passed in via the init function (flags). 87 2. Environmental variables. 88 3. Configuration file, located in ~/.lacework.toml 89 90 :return LaceworkClient object. 91 """ 92 93 # Attempt to use Environment Variables 94 self._account = account or instance or os.getenv( 95 LACEWORK_ACCOUNT_ENVIRONMENT_VARIABLE) 96 self._subaccount = subaccount or os.getenv( 97 LACEWORK_SUBACCOUNT_ENVIRONMENT_VARIABLE) 98 self._api_key = api_key or os.getenv( 99 LACEWORK_API_KEY_ENVIRONMENT_VARIABLE) 100 self._api_secret = api_secret or os.getenv( 101 LACEWORK_API_SECRET_ENVIRONMENT_VARIABLE) 102 self._base_domain = base_domain or os.getenv( 103 LACEWORK_API_BASE_DOMAIN_ENVIRONMENT_VARIABLE) 104 105 config_file_path = os.path.join( 106 os.path.expanduser("~"), LACEWORK_CLI_CONFIG_RELATIVE_PATH) 107 108 if os.path.isfile(config_file_path): 109 profile = profile or os.getenv( 110 LACEWORK_API_CONFIG_SECTION_ENVIRONMENT_VARIABLE, "default") 111 config_obj = configparser.ConfigParser() 112 config_obj.read([config_file_path]) 113 if config_obj.has_section(profile): 114 config_section = config_obj[profile] 115 api_key = config_section.get("api_key", "").strip('""') 116 if not self._api_key and api_key: 117 self._api_key = api_key 118 119 api_secret = config_section.get("api_secret", "").strip('""') 120 if not self._api_secret and api_secret: 121 self._api_secret = api_secret 122 123 account = config_section.get("account", "").strip('""') 124 if not self._account and account: 125 self._account = account 126 127 subaccount = config_section.get("subaccount", "").strip('""') 128 if not self._subaccount and subaccount: 129 self._subaccount = subaccount 130 131 # Create an HttpSession instance 132 self._session = HttpSession( 133 self._account, 134 self._subaccount, 135 self._api_key, 136 self._api_secret, 137 self._base_domain 138 ) 139 140 # API Wrappers 141 self.account = AccountAPI(self._session) 142 self.activities = ActivitiesAPI(self._session) 143 self.agent_access_tokens = AgentAccessTokensAPI(self._session) 144 self.agent_info = AgentInfoAPI(self._session) 145 self.alert_channels = AlertChannelsAPI(self._session) 146 self.alert_profiles = AlertProfilesAPI(self._session) 147 self.alert_rules = AlertRulesAPI(self._session) 148 self.alerts = AlertsAPI(self._session) 149 self.audit_logs = AuditLogsAPI(self._session) 150 self.cloud_accounts = CloudAccountsAPI(self._session) 151 self.cloud_activities = CloudActivitiesAPI(self._session) 152 self.compliance = ComplianceAPI(self._session) 153 self.compliance.config = CustomComplianceConfigAPI(self._session) 154 self.configs = ConfigsAPI(self._session) 155 self.container_registries = ContainerRegistriesAPI(self._session) 156 self.contract_info = ContractInfoAPI(self._session) 157 self.datasources = DatasourcesAPI(self._session) 158 self.entities = EntitiesAPI(self._session) 159 self.events = EventsAPIv2(self._session) 160 self.files = DownloadFileAPI(self._session) 161 self.inventory = InventoryAPI(self._session) 162 self.integrations = IntegrationsAPI(self._session) 163 self.organization_info = OrganizationInfoAPI(self._session) 164 self.policies = PoliciesAPI(self._session) 165 self.policy_exceptions = PolicyExceptionsAPI(self._session) 166 self.queries = QueriesAPI(self._session) 167 self.recommendations = RecommendationsAPI(self._session) 168 self.report_definitions = ReportDefinitionsAPI(self._session) 169 self.report_rules = ReportRulesAPI(self._session) 170 self.reports = ReportsAPI(self._session) 171 self.resource_groups = ResourceGroupsAPI(self._session) 172 self.run_reports = RunReportsAPI(self._session) 173 self.schemas = SchemasAPI(self._session) 174 self.suppressions = SuppressionsAPI(self._session) 175 self.team_members = TeamMembersAPI(self._session) 176 self.tokens = TokenAPI(self._session) 177 self.user_profile = UserProfileAPI(self._session) 178 self.vulnerabilities = VulnerabilitiesAPI(self._session) 179 self.vulnerability_exceptions = VulnerabilityExceptionsAPI(self._session) 180 self.vulnerability_policies = VulnerabilityPoliciesAPI(self._session) 181 182 def set_org_level_access(self, org_level_access): 183 """ 184 A method to set whether the client should use organization-level API calls. 185 """ 186 187 if org_level_access is True: 188 self._session._org_level_access = True 189 else: 190 self._session._org_level_access = False 191 192 def set_subaccount(self, subaccount): 193 """ 194 A method to update the subaccount the client should use for API calls. 195 """ 196 197 self._session._subaccount = subaccount
Lacework API wrapper for Python.
LaceworkClient( account=None, subaccount=None, api_key=None, api_secret=None, instance=None, base_domain=None, profile=None)
74 def __init__(self, 75 account=None, 76 subaccount=None, 77 api_key=None, 78 api_secret=None, 79 instance=None, 80 base_domain=None, 81 profile=None): 82 """ 83 Initializes the Lacework Client object. 84 85 Order of operation is: 86 1. Parameters passed in via the init function (flags). 87 2. Environmental variables. 88 3. Configuration file, located in ~/.lacework.toml 89 90 :return LaceworkClient object. 91 """ 92 93 # Attempt to use Environment Variables 94 self._account = account or instance or os.getenv( 95 LACEWORK_ACCOUNT_ENVIRONMENT_VARIABLE) 96 self._subaccount = subaccount or os.getenv( 97 LACEWORK_SUBACCOUNT_ENVIRONMENT_VARIABLE) 98 self._api_key = api_key or os.getenv( 99 LACEWORK_API_KEY_ENVIRONMENT_VARIABLE) 100 self._api_secret = api_secret or os.getenv( 101 LACEWORK_API_SECRET_ENVIRONMENT_VARIABLE) 102 self._base_domain = base_domain or os.getenv( 103 LACEWORK_API_BASE_DOMAIN_ENVIRONMENT_VARIABLE) 104 105 config_file_path = os.path.join( 106 os.path.expanduser("~"), LACEWORK_CLI_CONFIG_RELATIVE_PATH) 107 108 if os.path.isfile(config_file_path): 109 profile = profile or os.getenv( 110 LACEWORK_API_CONFIG_SECTION_ENVIRONMENT_VARIABLE, "default") 111 config_obj = configparser.ConfigParser() 112 config_obj.read([config_file_path]) 113 if config_obj.has_section(profile): 114 config_section = config_obj[profile] 115 api_key = config_section.get("api_key", "").strip('""') 116 if not self._api_key and api_key: 117 self._api_key = api_key 118 119 api_secret = config_section.get("api_secret", "").strip('""') 120 if not self._api_secret and api_secret: 121 self._api_secret = api_secret 122 123 account = config_section.get("account", "").strip('""') 124 if not self._account and account: 125 self._account = account 126 127 subaccount = config_section.get("subaccount", "").strip('""') 128 if not self._subaccount and subaccount: 129 self._subaccount = subaccount 130 131 # Create an HttpSession instance 132 self._session = HttpSession( 133 self._account, 134 self._subaccount, 135 self._api_key, 136 self._api_secret, 137 self._base_domain 138 ) 139 140 # API Wrappers 141 self.account = AccountAPI(self._session) 142 self.activities = ActivitiesAPI(self._session) 143 self.agent_access_tokens = AgentAccessTokensAPI(self._session) 144 self.agent_info = AgentInfoAPI(self._session) 145 self.alert_channels = AlertChannelsAPI(self._session) 146 self.alert_profiles = AlertProfilesAPI(self._session) 147 self.alert_rules = AlertRulesAPI(self._session) 148 self.alerts = AlertsAPI(self._session) 149 self.audit_logs = AuditLogsAPI(self._session) 150 self.cloud_accounts = CloudAccountsAPI(self._session) 151 self.cloud_activities = CloudActivitiesAPI(self._session) 152 self.compliance = ComplianceAPI(self._session) 153 self.compliance.config = CustomComplianceConfigAPI(self._session) 154 self.configs = ConfigsAPI(self._session) 155 self.container_registries = ContainerRegistriesAPI(self._session) 156 self.contract_info = ContractInfoAPI(self._session) 157 self.datasources = DatasourcesAPI(self._session) 158 self.entities = EntitiesAPI(self._session) 159 self.events = EventsAPIv2(self._session) 160 self.files = DownloadFileAPI(self._session) 161 self.inventory = InventoryAPI(self._session) 162 self.integrations = IntegrationsAPI(self._session) 163 self.organization_info = OrganizationInfoAPI(self._session) 164 self.policies = PoliciesAPI(self._session) 165 self.policy_exceptions = PolicyExceptionsAPI(self._session) 166 self.queries = QueriesAPI(self._session) 167 self.recommendations = RecommendationsAPI(self._session) 168 self.report_definitions = ReportDefinitionsAPI(self._session) 169 self.report_rules = ReportRulesAPI(self._session) 170 self.reports = ReportsAPI(self._session) 171 self.resource_groups = ResourceGroupsAPI(self._session) 172 self.run_reports = RunReportsAPI(self._session) 173 self.schemas = SchemasAPI(self._session) 174 self.suppressions = SuppressionsAPI(self._session) 175 self.team_members = TeamMembersAPI(self._session) 176 self.tokens = TokenAPI(self._session) 177 self.user_profile = UserProfileAPI(self._session) 178 self.vulnerabilities = VulnerabilitiesAPI(self._session) 179 self.vulnerability_exceptions = VulnerabilityExceptionsAPI(self._session) 180 self.vulnerability_policies = VulnerabilityPoliciesAPI(self._session)
Initializes the Lacework Client object.
Order of operation is: 1. Parameters passed in via the init function (flags). 2. Environmental variables. 3. Configuration file, located in ~/.lacework.toml
:return LaceworkClient object.
def
set_org_level_access(self, org_level_access):
182 def set_org_level_access(self, org_level_access): 183 """ 184 A method to set whether the client should use organization-level API calls. 185 """ 186 187 if org_level_access is True: 188 self._session._org_level_access = True 189 else: 190 self._session._org_level_access = False
A method to set whether the client should use organization-level API calls.