GithubHelp home page GithubHelp logo

davidmoremad / dome9 Goto Github PK

View Code? Open in Web Editor NEW
2.0 2.0 2.0 361 KB

Python wrapper for the Dome9 API

Home Page: https://dome9.readthedocs.io/

License: MIT License

Python 100.00%
cloudsecurity cspm dome9 python cloudguard cloudguard-dome9 ci cicd

dome9's Introduction

Dome9 (Python SDK)

๐Ÿšจ This package is not maintained anymore. I recommend you to use the official Dome9 Python SDK

GitHub License Documentation Status Test PyPI - Python Version PyPI

Dome9, also known as Checkpoint CloudGuard, is a cloud native security solutions for securing assets and workloads. At the core of this solution, CloudGuard Posture Management visualizes and assesses security posture, detects misconfigurations, automates and actively enforces standard policies (GDPR, HIPAA, ISO27001...), and protects against attacks and insider threats.

This repository contains a Python SDK of this tool. Initially its SDK did not have much functionality and that is why I developed this one to be able to work and include it within my Continuous Integration processes.

If you want to integrate Dome9 as part of your CI, check my other modules: Dome9 CLI and Agile.

Installation

pip install dome9

๐Ÿ“š Documentation: https://dome9.readthedocs.io/

Usage

There are two ways to authenticate:

  • As Arguments: Passing variables on init -> Dome9(key='xxxxxx', secret='yyyyyyy')
  • As Environment variables: Setting your credentials as environment variables -> DOME9_ACCESS_KEY and DOME9_SECRET_KEY
from dome9 import Dome9

dome9 = Dome9(key='xxxxxx', secret='yyyyyyy')

rulesets = dome9.list_rulesets()
export DOME9_ACCESS_KEY='xxxxxxxxxxxxxxxxxxxx'
export DOME9_SECRET_KEY='yyyyyyyyyyyyyyyyyyyy'
python -c "from dome9 import Dome9; print(Dome9().list_rulesets())"

What can I do?

  • ๐ŸŒต List all cloud accounts -> dome9.list_cloud_accounts()
  • ๐ŸŒป List AWS accounts -> dome9.list_aws_accounts()
  • ๐ŸŒท List KUBERNETES accounts -> dome9.list_kubernetes_accounts()
  • ๐ŸŒผ Create ruleset -> dome9.create_ruleset()
  • ๐ŸŒด Create remediation -> dome9.create_remediation()
  • ๐ŸŒฒ Connect new AWS account -> dome9.create_aws_account()
  • ๐ŸŒน Run assessment -> dome9.run_assessment()
  • ๐Ÿ€ List all your cloud assets -> dome9.list_protected_assets()

dome9's People

Stargazers

avatar avatar

Watchers

avatar avatar

Forkers

samforger mdlopresti

dome9's Issues

๐Ÿž Setup.py -> io.open() instead open() for Python2 compatibility

Error installing dome9 (0.5) due to use of open() on setup.py:

Error build: https://github.com/Telefonica/dome9-cli/runs/6594916448?check_suite_focus=true

Collecting dome9
  Downloading dome9-0.4.1.tar.gz (9.0 kB)
    ERROR: Command errored out with exit status 1:
     command: /opt/hostedtoolcache/Python/2.7.18/x64/bin/python -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-zDaJct/dome9/setup.py'"'"'; __file__='"'"'/tmp/pip-install-zDaJct/dome9/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-NBhNnu
         cwd: /tmp/pip-install-zDaJct/dome9/
    Complete output (7 lines):
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-install-zDaJct/dome9/setup.py", line 26, in <module>
        version=read_file('VERSION').strip(),
      File "/tmp/pip-install-zDaJct/dome9/setup.py", line [21](https://github.com/Telefonica/dome9-cli/runs/6594916448?check_suite_focus=true#step:4:22), in read_file
        with open(filename, encoding="utf-8") as f:
    TypeError: 'encoding' is an invalid keyword argument for this function
    ----------------------------------------
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
Error: Process completed with exit code 1.

Solution: https://bugs.launchpad.net/pbr/+bug/1470551

๐Ÿ› ๏ธ Handle 404 errors to avoid crashes on CLI 

Traceback (most recent call last):
  File "C:\Users\david\Repositories\dome9-cli\cli\dome9cli.py", line 304, in <module>
    fire.Fire(Dome9CLI())
  File "C:\Users\david\.virtualenvs\dome9-cli-b-5h-f_6\lib\site-packages\fire\core.py", line 141, in Fire
    component_trace = _Fire(component, args, parsed_flag_args, context, name)
  File "C:\Users\david\.virtualenvs\dome9-cli-b-5h-f_6\lib\site-packages\fire\core.py", line 466, in _Fire
    component, remaining_args = _CallAndUpdateTrace(
  File "C:\Users\david\.virtualenvs\dome9-cli-b-5h-f_6\lib\site-packages\fire\core.py", line 681, in _CallAndUpdateTrace
    component = fn(*varargs, **kwargs)
  File "C:\Users\david\Repositories\dome9-cli\cli\dome9cli.py", line 294, in get_assessment
    data = self._dome9.get_assessment(assessmentId)
  File "C:\Users\david\.virtualenvs\dome9-cli-b-5h-f_6\lib\site-packages\dome9\dome9.py", line 426, in get_assessment
    return self._get(route='AssessmentHistoryV2/%s' % str(assessmentId))
  File "C:\Users\david\.virtualenvs\dome9-cli-b-5h-f_6\lib\site-packages\dome9\dome9.py", line 65, in _get
    return self._request('get', route, payload)
  File "C:\Users\david\.virtualenvs\dome9-cli-b-5h-f_6\lib\site-packages\dome9\dome9.py", line 61, in _request
    raise Exception(err)
Exception: {'code': 404, 'message': 'Not Found', 'content': b'Resource with id 2222222222222 of type AssessmentHistoryEntity was not found'}

Question about run_assessment

Hi, David.
Thanks for writing a great code.
I have a question about your code.

When I run "dome9.run_assessment", I get a 500 error, but I cannot determine if the problem is on the Dome9 side or in my code.
Here is the code I ran. All arguments are set separately with type str.

from dome9 import Dome9
dome9 = Dome9(key=api_key_id, secret=api_secret_key)
dome9.run_assessment(rulesetId, cloudAccountId, region=None)

And here is the error statement.

Exception: {'code': 500, 'message': 'Internal Server Error', 'content': b'An error has occured.'}

Please let me know your thoughts on where the problem lies.

list_protected_assets does not return

While trying to use list_protected_assets() it does not ever return for me. I believe the issue is here as when I comment out this line I get the return I expect.

Am I using the package incorrectly or should this line be removed?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.