laceworksdk.api.v2.policies
Lacework Policies API wrapper.
# -*- coding: utf-8 -*-
"""
Lacework Policies API wrapper.
"""

from laceworksdk.api.crud_endpoint import CrudEndpoint


class PoliciesAPI(CrudEndpoint):
    """
    Thin keyword-forwarding wrapper over CrudEndpoint for Policies objects.

    Every method hands its arguments to the matching CrudEndpoint method.
    No argument is validated here; the only transformation is the boolean
    coercion of ``enabled`` (create, update) and ``alert_enabled`` (update).
    """

    def __init__(self, session):
        """
        Build the Policies endpoint wrapper.

        :param session: An instance of the HttpSession class, passed unchanged
            to the CrudEndpoint initializer.

        :return PoliciesAPI object.
        """

        # Second positional argument of the base initializer.
        # presumably the endpoint/object type name; confirm in CrudEndpoint
        object_type = "Policies"
        super().__init__(session, object_type)

    def create(
        self,
        policy_type,
        query_id,
        enabled,
        title,
        description,
        remediation,
        severity,
        alert_enabled,
        alert_profile,
        evaluator_id=None,
        limit=None,
        eval_frequency=None,
        **request_params
    ):
        """
        Create a new Policies object.

        All arguments are forwarded by keyword to CrudEndpoint.create().

        :param policy_type: A string representing the object policy type.
        :param query_id: A string representing the object query ID.
        :param enabled: Whether the object is enabled. Coerced with bool() and
            sent as the integer 0 or 1.
        :param title: A string representing the object title.
        :param description: A string representing the object description.
        :param remediation: A string representing the remediation strategy.
        :param severity: A string representing the object severity.
            ("info", "low", "medium", "high", "critical")
        :param alert_enabled: Whether alerting is enabled. Forwarded as given.
        :param alert_profile: A string representing the alert profile.
        :param evaluator_id: A string representing the evaluator in which the
            object is to be run.
        :param limit: An integer representing the number of results to return.
        :param eval_frequency: A string representing the evaluation frequency.
            ("Hourly", "Daily")
        :param request_params: Additional request parameters, forwarded as-is.
            (provides support for parameters that may be added in the future)

        :return response json
        """

        # bool() treats any non-empty string as true, so "false" or "0" read
        # from a config file yields an enabled policy; pass real booleans.
        # NOTE(review): enabled goes out as 0/1 here while update() sends a
        # bool, and alert_enabled is not coerced at all - confirm which form
        # the API expects.
        enabled_flag = int(bool(enabled))

        # severity and eval_frequency are not checked against the documented
        # value sets in this method.
        policy_fields = dict(
            policy_type=policy_type,
            query_id=query_id,
            enabled=enabled_flag,
            title=title,
            description=description,
            remediation=remediation,
            severity=severity,
            alert_enabled=alert_enabled,
            alert_profile=alert_profile,
            evaluator_id=evaluator_id,
            limit=limit,
            eval_frequency=eval_frequency,
        )
        return super().create(**policy_fields, **request_params)

    def get(self, policy_id=None):
        """
        Fetch Policies objects.

        :param policy_id: A string representing the object policy ID. The
            default None is forwarded to CrudEndpoint.get() as ``id=None``.

        :return response json
        """

        # presumably id=None lists every policy; confirm in CrudEndpoint.get
        response = super().get(id=policy_id)
        return response

    def get_by_id(self, policy_id):
        """
        Fetch a single Policies object by policy ID.

        :param policy_id: A string representing the object policy ID.

        :return response json
        """

        # Delegates to get(); a policy_id of None is not rejected here, so it
        # behaves exactly like calling get() with no ID.
        fetch = self.get
        return fetch(policy_id=policy_id)

    def update(  # noqa: C901
        self,
        policy_id,
        policy_type=None,
        query_id=None,
        enabled=None,
        title=None,
        description=None,
        remediation=None,
        severity=None,
        alert_enabled=None,
        alert_profile=None,
        limit=None,
        eval_frequency=None,
        **request_params
    ):
        """
        Update a Lacework Query Language (LQL) policy.

        All arguments are forwarded by keyword to CrudEndpoint.update(),
        including those left at None.

        :param policy_id: A string representing the object policy ID.
        :param policy_type: A string representing the object policy type.
        :param query_id: A string representing the object query ID.
        :param enabled: Whether the object is enabled. Coerced with bool()
            unless it is None.
        :param title: A string representing the object title.
        :param description: A string representing the object description.
        :param remediation: A string representing the remediation strategy.
        :param severity: A string representing the object severity.
            ("info", "low", "medium", "high", "critical")
        :param alert_enabled: Whether alerting is enabled. Coerced with bool()
            unless it is None.
        :param alert_profile: A string representing the alert profile.
        :param limit: An integer representing the number of results to return.
        :param eval_frequency: A string representing the evaluation frequency.
            ("Hourly", "Daily")
        :param request_params: Additional request parameters, forwarded as-is.
            (provides support for parameters that may be added in the future)

        :return response json
        """

        # None is kept distinct from False so that an omitted flag is not
        # turned into an explicit "disabled". Any other falsy value (0, "")
        # becomes False, and any non-empty string becomes True.
        enabled = None if enabled is None else bool(enabled)
        alert_enabled = None if alert_enabled is None else bool(alert_enabled)

        # An "id" key inside request_params collides with id=policy_id and
        # raises TypeError rather than overriding the target policy.
        changes = dict(
            id=policy_id,
            policy_type=policy_type,
            query_id=query_id,
            enabled=enabled,
            title=title,
            description=description,
            remediation=remediation,
            severity=severity,
            alert_enabled=alert_enabled,
            alert_profile=alert_profile,
            limit=limit,
            eval_frequency=eval_frequency,
        )
        return super().update(**changes, **request_params)

    def delete(self, policy_id):
        """
        Delete a Policies object.

        :param policy_id: A string representing the object policy ID.

        :return response json
        """

        # The ID is passed through unchecked; no confirmation step happens
        # in this method.
        response = super().delete(id=policy_id)
        return response
class PoliciesAPI(CrudEndpoint):
    """
    Thin keyword-forwarding wrapper over CrudEndpoint for Policies objects.

    Every method hands its arguments to the matching CrudEndpoint method.
    No argument is validated here; the only transformation is the boolean
    coercion of ``enabled`` (create, update) and ``alert_enabled`` (update).
    """

    def __init__(self, session):
        """
        Build the Policies endpoint wrapper.

        :param session: An instance of the HttpSession class, passed unchanged
            to the CrudEndpoint initializer.

        :return PoliciesAPI object.
        """

        # Second positional argument of the base initializer.
        # presumably the endpoint/object type name; confirm in CrudEndpoint
        object_type = "Policies"
        super().__init__(session, object_type)

    def create(
        self,
        policy_type,
        query_id,
        enabled,
        title,
        description,
        remediation,
        severity,
        alert_enabled,
        alert_profile,
        evaluator_id=None,
        limit=None,
        eval_frequency=None,
        **request_params
    ):
        """
        Create a new Policies object.

        All arguments are forwarded by keyword to CrudEndpoint.create().

        :param policy_type: A string representing the object policy type.
        :param query_id: A string representing the object query ID.
        :param enabled: Whether the object is enabled. Coerced with bool() and
            sent as the integer 0 or 1.
        :param title: A string representing the object title.
        :param description: A string representing the object description.
        :param remediation: A string representing the remediation strategy.
        :param severity: A string representing the object severity.
            ("info", "low", "medium", "high", "critical")
        :param alert_enabled: Whether alerting is enabled. Forwarded as given.
        :param alert_profile: A string representing the alert profile.
        :param evaluator_id: A string representing the evaluator in which the
            object is to be run.
        :param limit: An integer representing the number of results to return.
        :param eval_frequency: A string representing the evaluation frequency.
            ("Hourly", "Daily")
        :param request_params: Additional request parameters, forwarded as-is.
            (provides support for parameters that may be added in the future)

        :return response json
        """

        # bool() treats any non-empty string as true, so "false" or "0" read
        # from a config file yields an enabled policy; pass real booleans.
        # NOTE(review): enabled goes out as 0/1 here while update() sends a
        # bool, and alert_enabled is not coerced at all - confirm which form
        # the API expects.
        enabled_flag = int(bool(enabled))

        # severity and eval_frequency are not checked against the documented
        # value sets in this method.
        policy_fields = dict(
            policy_type=policy_type,
            query_id=query_id,
            enabled=enabled_flag,
            title=title,
            description=description,
            remediation=remediation,
            severity=severity,
            alert_enabled=alert_enabled,
            alert_profile=alert_profile,
            evaluator_id=evaluator_id,
            limit=limit,
            eval_frequency=eval_frequency,
        )
        return super().create(**policy_fields, **request_params)

    def get(self, policy_id=None):
        """
        Fetch Policies objects.

        :param policy_id: A string representing the object policy ID. The
            default None is forwarded to CrudEndpoint.get() as ``id=None``.

        :return response json
        """

        # presumably id=None lists every policy; confirm in CrudEndpoint.get
        response = super().get(id=policy_id)
        return response

    def get_by_id(self, policy_id):
        """
        Fetch a single Policies object by policy ID.

        :param policy_id: A string representing the object policy ID.

        :return response json
        """

        # Delegates to get(); a policy_id of None is not rejected here, so it
        # behaves exactly like calling get() with no ID.
        fetch = self.get
        return fetch(policy_id=policy_id)

    def update(  # noqa: C901
        self,
        policy_id,
        policy_type=None,
        query_id=None,
        enabled=None,
        title=None,
        description=None,
        remediation=None,
        severity=None,
        alert_enabled=None,
        alert_profile=None,
        limit=None,
        eval_frequency=None,
        **request_params
    ):
        """
        Update a Lacework Query Language (LQL) policy.

        All arguments are forwarded by keyword to CrudEndpoint.update(),
        including those left at None.

        :param policy_id: A string representing the object policy ID.
        :param policy_type: A string representing the object policy type.
        :param query_id: A string representing the object query ID.
        :param enabled: Whether the object is enabled. Coerced with bool()
            unless it is None.
        :param title: A string representing the object title.
        :param description: A string representing the object description.
        :param remediation: A string representing the remediation strategy.
        :param severity: A string representing the object severity.
            ("info", "low", "medium", "high", "critical")
        :param alert_enabled: Whether alerting is enabled. Coerced with bool()
            unless it is None.
        :param alert_profile: A string representing the alert profile.
        :param limit: An integer representing the number of results to return.
        :param eval_frequency: A string representing the evaluation frequency.
            ("Hourly", "Daily")
        :param request_params: Additional request parameters, forwarded as-is.
            (provides support for parameters that may be added in the future)

        :return response json
        """

        # None is kept distinct from False so that an omitted flag is not
        # turned into an explicit "disabled". Any other falsy value (0, "")
        # becomes False, and any non-empty string becomes True.
        enabled = None if enabled is None else bool(enabled)
        alert_enabled = None if alert_enabled is None else bool(alert_enabled)

        # An "id" key inside request_params collides with id=policy_id and
        # raises TypeError rather than overriding the target policy.
        changes = dict(
            id=policy_id,
            policy_type=policy_type,
            query_id=query_id,
            enabled=enabled,
            title=title,
            description=description,
            remediation=remediation,
            severity=severity,
            alert_enabled=alert_enabled,
            alert_profile=alert_profile,
            limit=limit,
            eval_frequency=eval_frequency,
        )
        return super().update(**changes, **request_params)

    def delete(self, policy_id):
        """
        Delete a Policies object.

        :param policy_id: A string representing the object policy ID.

        :return response json
        """

        # The ID is passed through unchecked; no confirmation step happens
        # in this method.
        response = super().delete(id=policy_id)
        return response
A class used to implement CRUD create/read/update/delete functionality for Lacework API Endpoints
PoliciesAPI(session)
def __init__(self, session):
    """
    Build the Policies endpoint wrapper.

    :param session: An instance of the HttpSession class, passed unchanged
        to the base-class initializer.

    :return PoliciesAPI object.
    """

    # Second positional argument of the base initializer.
    # presumably the endpoint/object type name; confirm in CrudEndpoint
    object_type = "Policies"
    super().__init__(session, object_type)
Initializes the PoliciesAPI object.
Parameters
- session: An instance of the HttpSession class
:return PoliciesAPI object.
def
create( self, policy_type, query_id, enabled, title, description, remediation, severity, alert_enabled, alert_profile, evaluator_id=None, limit=None, eval_frequency=None, **request_params):
def create(
    self,
    policy_type,
    query_id,
    enabled,
    title,
    description,
    remediation,
    severity,
    alert_enabled,
    alert_profile,
    evaluator_id=None,
    limit=None,
    eval_frequency=None,
    **request_params
):
    """
    Create a new Policies object.

    All arguments are forwarded by keyword to the base-class create().

    :param policy_type: A string representing the object policy type.
    :param query_id: A string representing the object query ID.
    :param enabled: Whether the object is enabled. Coerced with bool() and
        sent as the integer 0 or 1.
    :param title: A string representing the object title.
    :param description: A string representing the object description.
    :param remediation: A string representing the remediation strategy.
    :param severity: A string representing the object severity.
        ("info", "low", "medium", "high", "critical")
    :param alert_enabled: Whether alerting is enabled. Forwarded as given.
    :param alert_profile: A string representing the alert profile.
    :param evaluator_id: A string representing the evaluator in which the
        object is to be run.
    :param limit: An integer representing the number of results to return.
    :param eval_frequency: A string representing the evaluation frequency.
        ("Hourly", "Daily")
    :param request_params: Additional request parameters, forwarded as-is.
        (provides support for parameters that may be added in the future)

    :return response json
    """

    # bool() treats any non-empty string as true, so "false" or "0" read
    # from a config file yields an enabled policy; pass real booleans.
    # NOTE(review): alert_enabled is not coerced the way enabled is -
    # confirm which form the API expects.
    enabled_flag = int(bool(enabled))

    # severity and eval_frequency are not checked against the documented
    # value sets in this method.
    policy_fields = dict(
        policy_type=policy_type,
        query_id=query_id,
        enabled=enabled_flag,
        title=title,
        description=description,
        remediation=remediation,
        severity=severity,
        alert_enabled=alert_enabled,
        alert_profile=alert_profile,
        evaluator_id=evaluator_id,
        limit=limit,
        eval_frequency=eval_frequency,
    )
    return super().create(**policy_fields, **request_params)
A method to create a new Policies object.
Parameters
- policy_type: A string representing the object policy type.
- query_id: A string representing the object query ID.
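- enabled: A boolean representing whether the object is enabled. The value is coerced with bool() and sent as 0 or 1, so any non-empty string (including "false") counts as enabled.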
- title: A string representing the object title.
- description: A string representing the object description.
- remediation: A string representing the remediation strategy for the object.
- severity: A string representing the object severity. ("info", "low", "medium", "high", "critical")
- alert_enabled: A boolean representing whether alerting is enabled. In create() this value is forwarded as given and is not coerced.
- alert_profile: A string representing the alert profile.
- evaluator_id: A string representing the evaluator in which the object is to be run.
- limit: An integer representing the number of results to return.
- eval_frequency: A string representing the frequency in which to evaluate the object. ("Hourly", "Daily")
- request_params: Additional request parameters. (provides support for parameters that may be added in the future)
:return response json
def
get(self, policy_id=None):
def get(self, policy_id=None):
    """
    Fetch Policies objects.

    :param policy_id: A string representing the object policy ID. The
        default None is forwarded to the base-class get() as ``id=None``.

    :return response json
    """

    # presumably id=None lists every policy; confirm in the base class
    response = super().get(id=policy_id)
    return response
A method to get Policies objects.
Parameters
- policy_id: A string representing the object policy ID.
:return response json
def
get_by_id(self, policy_id):
def get_by_id(self, policy_id):
    """
    Fetch a single Policies object by policy ID.

    :param policy_id: A string representing the object policy ID.

    :return response json
    """

    # Delegates to get(); a policy_id of None is not rejected here, so it
    # behaves exactly like calling get() with no ID.
    fetch = self.get
    return fetch(policy_id=policy_id)
A method to get a Policies object by policy ID.
Parameters
- policy_id: A string representing the object policy ID.
:return response json
def
update( self, policy_id, policy_type=None, query_id=None, enabled=None, title=None, description=None, remediation=None, severity=None, alert_enabled=None, alert_profile=None, limit=None, eval_frequency=None, **request_params):
def update(  # noqa: C901
    self,
    policy_id,
    policy_type=None,
    query_id=None,
    enabled=None,
    title=None,
    description=None,
    remediation=None,
    severity=None,
    alert_enabled=None,
    alert_profile=None,
    limit=None,
    eval_frequency=None,
    **request_params
):
    """
    Update a Lacework Query Language (LQL) policy.

    All arguments are forwarded by keyword to the base-class update(),
    including those left at None.

    :param policy_id: A string representing the object policy ID.
    :param policy_type: A string representing the object policy type.
    :param query_id: A string representing the object query ID.
    :param enabled: Whether the object is enabled. Coerced with bool()
        unless it is None.
    :param title: A string representing the object title.
    :param description: A string representing the object description.
    :param remediation: A string representing the remediation strategy.
    :param severity: A string representing the object severity.
        ("info", "low", "medium", "high", "critical")
    :param alert_enabled: Whether alerting is enabled. Coerced with bool()
        unless it is None.
    :param alert_profile: A string representing the alert profile.
    :param limit: An integer representing the number of results to return.
    :param eval_frequency: A string representing the evaluation frequency.
        ("Hourly", "Daily")
    :param request_params: Additional request parameters, forwarded as-is.
        (provides support for parameters that may be added in the future)

    :return response json
    """

    # None is kept distinct from False so that an omitted flag is not
    # turned into an explicit "disabled". Any other falsy value (0, "")
    # becomes False, and any non-empty string becomes True.
    enabled = None if enabled is None else bool(enabled)
    alert_enabled = None if alert_enabled is None else bool(alert_enabled)

    # An "id" key inside request_params collides with id=policy_id and
    # raises TypeError rather than overriding the target policy.
    changes = dict(
        id=policy_id,
        policy_type=policy_type,
        query_id=query_id,
        enabled=enabled,
        title=title,
        description=description,
        remediation=remediation,
        severity=severity,
        alert_enabled=alert_enabled,
        alert_profile=alert_profile,
        limit=limit,
        eval_frequency=eval_frequency,
    )
    return super().update(**changes, **request_params)
A method to update a Lacework Query Language (LQL) policy.
Parameters
- policy_id: A string representing the object policy ID.
- policy_type: A string representing the object policy type.
- query_id: A string representing the object query ID.
- enabled: A boolean representing whether the object is enabled. When not None, the value is coerced with bool(); None is forwarded unchanged.
- title: A string representing the object title.
- description: A string representing the object description.
- remediation: A string representing the remediation strategy for the object.
- severity: A string representing the object severity. ("info", "low", "medium", "high", "critical")
- alert_enabled: A boolean representing whether alerting is enabled. When not None, the value is coerced with bool(); None is forwarded unchanged.
- alert_profile: A string representing the alert profile.
- limit: An integer representing the number of results to return.
- eval_frequency: A string representing the frequency in which to evaluate the object. ("Hourly", "Daily")
- request_params: Additional request parameters. (provides support for parameters that may be added in the future)
:return response json
def
delete(self, policy_id):
def delete(self, policy_id):
    """
    Delete a Policies object.

    :param policy_id: A string representing the object policy ID.

    :return response json
    """

    # The ID is passed through unchecked; no confirmation step happens
    # in this method.
    response = super().delete(id=policy_id)
    return response
A method to delete a Policies object.
Parameters
- policy_id: A string representing the object policy ID.
:return response json