updated: 2023-04-27
Introduction
Aqua Security SDK to interact with Workload Protection and CSPM.
Aquasec Security SDK
GitHub Project = aquasec-api
python -m pip install aquasec-api
Early Testing Pre-Release:
pip install -i https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple aquasec-api==v0.0.1rc1
See Python Package Index
See Test Python Package Index
Aquasec Security CLI
Additionally there is a aquasec security cli that can accompany the SDK. Installing it is still under works, but allows for installation and ability to run directly from the CLI.
See Python Package Index
Installation:
>>> python -m pip install aquasec-cli
Collecting aquasec-cli
Using cached aquasec_cli-0.0.4-py3-none-any.whl (30 kB)
Collecting dataclasses>=0.6
Using cached dataclasses-0.6-py3-none-any.whl (14 kB)
Collecting PyYAML>=6.0
Using cached PyYAML-6.0-cp38-cp38-macosx_10_9_x86_64.whl (192 kB)
Collecting aquasec-api==0.0.2
Using cached aquasec-api-0.0.2.tar.gz (29 kB)
Preparing metadata (setup.py) ... done
Collecting click>=8.1.3
Using cached click-8.1.3-py3-none-any.whl (96 kB)
Collecting requests
Downloading requests-2.29.0-py3-none-any.whl (62 kB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 62.5/62.5 KB 975.5 kB/s eta 0:00:00
Collecting pyjwt
Using cached PyJWT-2.6.0-py3-none-any.whl (20 kB)
Collecting dict_to_dataclass
Using cached dict_to_dataclass-0.0.8-py3-none-any.whl (10 kB)
Collecting python-dateutil==2.8.1
Using cached python_dateutil-2.8.1-py2.py3-none-any.whl (227 kB)
Collecting six>=1.5
Using cached six-1.16.0-py2.py3-none-any.whl (11 kB)
Collecting urllib3<1.27,>=1.21.1
Using cached urllib3-1.26.15-py2.py3-none-any.whl (140 kB)
Collecting charset-normalizer<4,>=2
Using cached charset_normalizer-3.1.0-cp38-cp38-macosx_10_9_x86_64.whl (123 kB)
Collecting idna<4,>=2.5
Using cached idna-3.4-py3-none-any.whl (61 kB)
Collecting certifi>=2017.4.17
Using cached certifi-2022.12.7-py3-none-any.whl (155 kB)
Using legacy 'setup.py install' for aquasec-api, since package 'wheel' is not installed.
Installing collected packages: dataclasses, urllib3, six, PyYAML, pyjwt, idna, click, charset-normalizer, certifi, requests, python-dateutil, dict_to_dataclass, aquasec-api, aquasec-cli
Running setup.py install for aquasec-api ... done
Successfully installed PyYAML-6.0 aquasec-api-0.0.2 aquasec-cli-0.0.4 certifi-2022.12.7 charset-normalizer-3.1.0 click-8.1.3 dataclasses-0.6 dict_to_dataclass-0.0.8 idna-3.4 pyjwt-2.6.0 python-dateutil-2.8.1 requests-2.29.0 six-1.16.0 urllib3-1.26.15
The CLI tool does come with additional help. It is best to create the authorization using the init option then from there you can leverage other commands as they are built out and ensure to always remove the Auth with the Delete option. Help should be available at all sub commands.
>>> aquasec-cli --help
Usage: aquasec-cli [OPTIONS] COMMAND [ARGS]...
AquaSec CLI tool to manage AquaSec Tenant
Options:
--help Show this message and exit.
Commands:
delete Deletes created API Auth
init Initializes API Auth
reports Generate CIS Bench Reports
>>> aquasec-cli init --help
Usage: aquasec-cli init [OPTIONS]
Initializes API Auth
Args: csp_roles (_type_): _description_ endpoints (_type_):
_description_
Options:
--csp_roles TEXT Creates Aquasec auth token
--endpoints TEXT Endpoint Call Allowed
--help Show this message and exit.
>>> aquasec-cli reports --help
Usage: aquasec-cli reports [OPTIONS]
Generate CIS Bench Reports
Args: report_type (_type_): _description_ cluster_name (_type_):
_description_ report_location (_type_): _description_
Options:
-r, --report_type [cis|kube_bench|linux|openshift|disa_stig|all]
Report type to genorate
-c, --cluster_name TEXT Supply Cluster name
-l, --report_location TEXT Directory to write out report to; please
ensure proper formatting given the system
you are on [required]
--help Show this message and exit.
>>> aquasec-cli delete --help
Usage: aquasec-cli delete [OPTIONS]
Deletes created API Auth
Options:
--yes
--help Show this message and exit.