Python Package for making API calls to the Prisma Cloud API using best practices.
Project description
Prisma Cloud Python Integration - PCPI
Python3 toolkit for Prisma Cloud APIs
Disclaimer
This tool is supported under "best effort" policies. Please see SUPPORT.md for details.
Announcements
Beta release 8/11/2022
Patch Notes
- Fixed Keyboard Interrupt exception handling
Beta release 9/15/2022
Patch Notes
- Renamed module
-
- session -> session_loader
Known bugs:
- Default logging library is missing output. Using loguru solves this in the meantime.
Beta release 9/14/2022
Patch Notes
- Renamed repo to match package name
- Reorganized repository to be compatible with PyPI package structure
- Examples file changed to support new file structure
- Package published to PyPi for easy use and updates
Known bugs:
- Default logging library is missing output. Using loguru solves this in the meantime.
Beta release 09/12/2022
Patch notes
- Modules and function name changes
-
- pc_session -> session
- Spelling and typo fixes
- Small bug fixes
API Toolkit python package is scheduled for release on 09/15/2022. With this release there will be a freeze on module/function names. Until then names are subject to change.
Known bugs:
- Default logging library is missing output. Using loguru solves this in the meantime.
Beta release 09/01/2022
Self Hosted CWP is not yet supported, coming soon.
No documentation yet but coming soon. Please refer to "examples.py" in the meantime.
Known bugs:
- Default logging library is missing output. Using loguru solves this in the meantime.
Installation
pip3 install pcpi
Setup
Use
Session Loaders
The session loader is a module that has functions for loading Prisma Cloud credentials from a file, environment variables, or from the user into your program. This ensures you get your script up and running as quickly as possible.
The session_loader function returns a session manager that is ready to be used to create a CSPM, CWP, or an On-Prem CWP session. The session manager is used to create the Prisma Cloud session object that you will be using to make API calls.
Examples
SaaS Examples
from loguru import logger
loguru_logger = logger
from pcpi import session_loader
#Defaults to a file named 'tenant_credentials.yml'
session_manager_default = session_loader.load_from_file(logger=loguru_logger)
#File must be a yaml (.yml) file.
#If a file that does not exist is specified, the script will build one.
session_manager = session_loader.load_from_file(file_path='~/secrets/my_secrets.yml')
cspm_session = session_manager.create_cspm_session()
cwp_session = session_manager.create_cwp_session()
response = cspm_session.request('GET', '/cloud')
print(response.json())
from pcpi import session_loader
session_manager = session_loader.load_from_env()
from pcpi import session_loader
session_manager = session_loader.load_from_user()
from pcpi import session_loader
session_manager = session_loader.onprem_load_from_file()
session_manager = session_loader.onprem_load_from_env()
session_manager = session_loader.onprem_load_from_user()
session_manager.create_cwp_session()
Session Managers
If you want to take control on how credentials are stored/loaded into your scripts, use the session managers directly and skip the session loader module. Session manager objects directly accept Prisma Cloud credentials into the object constructor.
This still creates the same Prisma Cloud session object that you use for API requests.
EXAMPLES
from pcpi import saas_session_manager
import logging
py_logger = logging.getLogger()
py_logger.setLevel(10)
session_manager = saas_session_manager.SaaSSessionManager(
tenant_name='My PC Tenant',
a_key='xxxxxxxxxxxxxxxxxxxxxxxxxx',
s_key='xxxxxxxxxxxxxxxxxxxxxxxxxx',
api_url='https://api.prismacloud.io',
logger=py_logger
)
cspm_session = session_manager.create_cspm_session()
cwp_session = session_manager.create_cwp_session()
from pcpi import onprem_session_manager
import logging
py_logger = logging.getLogger()
py_logger.setLevel(10)
session_manager = onprem_session_manager.CWPSessionManager(
tenant_name='My PC Tenant',
uname='xxxxxxxxxxxxxxxxxxxxxxxxxx',
passwd='xxxxxxxxxxxxxxxxxxxxxxxxxx',
api_url='https://api.prismacloud.io',
logger=py_logger
)
onprem_cwp_session = session_manager.create_cwp_session()
Requests
The Prisma Cloud Python Integration uses the Python3 Requests library to make API calls. The Prisma Cloud Session object that this tool provides has a wrapper function for API calls using the requests function from Requests. The main difference is that this tool handles the 'headers' section of the request for you. The remaining fields can be used just like you would use the requests library requests.request.
EXAMPLES
from loguru import logger
loguru_logger = logger
from pcpi import session_loader
#Defaults to a file named 'tenant_credentials.yml'
session_manager_default = session_loader.load_from_file(logger=loguru_logger)
cspm_session = session_manager.create_cspm_session()
response = cspm_session.request('GET', '/cloud')
print(response.json())
payload = {
"accountId":"xxxxx",
"accountType":"account",
"enabled":True,
"externalId":"xxxxxx",
"groupIds":["xxxxx"],
"name":"Name",
"protectionMode":"MONITOR",
"roleArn":"xxxxxxx",
"storageScanEnabled":False,
"vulnerabilityAssessmentEnabled":False
}
query_string = {"skipStatusChecks":1}
response = cspm_session.request('POST', '/cloud/aws', json=payload, params=query_string)
print(response.status_code)
Logging
Two logging libraries are supported by PCPI. The built in Python logging library (used by default) and Loguru. Loguru is strongly recommended but it is an additional dependency that you may not want.
EXAMPLES
#Minimum setup
from pcpi import session_loader
session_manager = session.load_from_file()
cspm_session = session_manager.create_cspm_session()
res = cspm_session.request('GET', '/cloud')
print(res.json())
#Recommended setup
from pcpi import session_loader
import loguru
session_manager = session.load_from_file(logger=loguru.logger)
cspm_session = session_manager.create_cspm_session()
res = cspm_session.request('GET', '/cloud')
print(res.json())
Function Reference
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pcpi-0.0.4.tar.gz.
File metadata
- Download URL: pcpi-0.0.4.tar.gz
- Upload date:
- Size: 13.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 10d80a893f434ec6d67c300574a1a232b86901ffc77ad149c644eb7e551f926a |
|
| MD5 | f8f0dc70dbe2af4ed7a07c4cddf16db3 |
|
| BLAKE2b-256 | 536a944c2c52bb677aff5cf591e8d781f3e09fd584b629537f9467fd2021cf04 |
File details
Details for the file pcpi-0.0.4-py3-none-any.whl.
File metadata
- Download URL: pcpi-0.0.4-py3-none-any.whl
- Upload date:
- Size: 14.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 19e95ff8d6c93fe37c15910f969ee4f60a2e4650fbe9f773e9053026cbb53d43 |
|
| MD5 | c5c0dbee90c6b1a143704a70ae80f7a6 |
|
| BLAKE2b-256 | 9b28e26b4a373a69f892a0a7c8691c3bd011c2de3e02d50374457fed094578ce |
