Skip to main content

Python command line utility to the Tenchi Security Zanshin API v1

Project description

PyPI version shields.io PyPI pyversions

Zanshin CLI

This Python package provides a command-line utility to interact with the API of the Zanshin SaaS service from Tenchi Security.

Is it based on the Zanshin Python SDK available on Github and PyPI.

If you are a Zanshin customer and have any questions regarding the use of the service, its API or this command-line utility, please get in touch via e-mail at support {at} tenchisecurity {dot} com or via the support widget on the Zanshin Portal.

Installation

We recommend the CLI is installed using pipx, using the command:

pipx install zanshincli

When a new version is available, you can upgrade it with:

pipx upgrade zanshincli

Configuration File

The way the SDK and CLI handles credentials is by using a configuration file in the format created by the Python RawConfigParser class.

The file is located at ~/.tenchi/config, where ~ is the current user's home directory.

Each section is treated as a configuration profile, and the SDK and CLI will look for a section called default if another is not explicitly selected.

These are the supported options:

  • api_key (required) which contains the Zanshin API key obtained at the Zanshin web portal.
  • user_agent (optional) allows you to override the default user-agent header used by the SDK when making API requests.
  • api_url (optional) directs the SDK and CLI to use a different API endpoint than the default (https://api.zanshin.tenchisecurity.com).

You can populate the file with the zanshin init command of the CLI tool. This is what a minimal configuration file would look like:

[default]
api_key = abcdefghijklmnopqrstuvxyz

Using the CLI Utility

This package installs a command-line utility called zanshin built with the great Typer package.

You can obtain help by using the --help option.

Keep in mind that when options are present that expect multiple values, these need to be provided as multiple options. For example if you wanted to list an organization's alerts filtering by the OPEN and RISK_ACCEPTED states, this is the command you would use:

$ zanshin organization alerts d48edaa6-871a-4082-a196-4daab372d4a1 --state OPEN --state RISK_ACCEPTED

Command Reference

zanshin

Command-line utility to interact with the Zanshin SaaS service offered by Tenchi Security (https://tenchisecurity.com), go to https://github.com/tenchi-security/zanshin-cli for license, source code and documentation

Usage:

$ zanshin [OPTIONS] COMMAND [ARGS]...

Options:

  • --profile TEXT: Configuration file section to read API keyand configuration from [default: default]
  • --format [json|table|csv|html]: Output format to use for list operations [default: json]
  • --verbose / --no-verbose: Print more information to stderr [default: True]
  • --debug / --no-debug: Enable debug logging in the SDK [default: False]
  • --install-completion: Install completion for the current shell.
  • --show-completion: Show completion for the current shell, to copy it or customize the installation.
  • --help: Show this message and exit.

Commands:

  • account: Operations on user the API key owner has...
  • alert: Operations on alerts the API key owner has...
  • init: Update settings on configuration file.
  • organization: Operations on organizations the API key owner...
  • summary: Operations on summaries the API key owner has...
  • version: Display the program and Python versions in...

zanshin account

Operations on user the API key owner has direct access to

Usage:

$ zanshin account [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • api_key: Operations on API keys from account the API...
  • invites: Operations on invites from account the API...
  • me: Returns the details of the user account that...

zanshin account api_key

Operations on API keys from account the API key owner has direct access to

Usage:

$ zanshin account api_key [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • create: Creates a new API key for the current logged...
  • delete: Deletes a given API key by its id, it will...
  • list: Iterates over the API keys of current logged...

zanshin account api_key create

Creates a new API key for the current logged user, API Keys can be used to interact with the zanshin api directly a behalf of that user.

Usage:

$ zanshin account api_key create [OPTIONS] NAME

Arguments:

  • NAME: Name of the new API key [required]

Options:

  • --help: Show this message and exit.

zanshin account api_key delete

Deletes a given API key by its id, it will only work if the informed ID belongs to the current logged user.

Usage:

$ zanshin account api_key delete [OPTIONS] API_KEY_ID

Arguments:

  • API_KEY_ID: UUID of the invite to delete [required]

Options:

  • --help: Show this message and exit.

zanshin account api_key list

Iterates over the API keys of current logged user.

Usage:

$ zanshin account api_key list [OPTIONS]

Options:

  • --help: Show this message and exit.

zanshin account invites

Operations on invites from account the API key owner has direct access to

Usage:

$ zanshin account invites [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • accept: Accepts an invitation with the informed ID,...
  • get: Gets a specific invitation details, it only...
  • list: Iterates over the invites of current logged...

zanshin account invites accept

Accepts an invitation with the informed ID, it only works if the user accepting the invitation is the user that received the invitation.

Usage:

$ zanshin account invites accept [OPTIONS] INVITE_ID

Arguments:

  • INVITE_ID: UUID of the invite [required]

Options:

  • --help: Show this message and exit.

zanshin account invites get

Gets a specific invitation details, it only works if the invitation was made for the current logged user.

Usage:

$ zanshin account invites get [OPTIONS] INVITE_ID

Arguments:

  • INVITE_ID: UUID of the invite [required]

Options:

  • --help: Show this message and exit.

zanshin account invites list

Iterates over the invites of current logged user.

Usage:

$ zanshin account invites list [OPTIONS]

Options:

  • --help: Show this message and exit.

zanshin account me

Returns the details of the user account that owns the API key used by this Connection instance

Usage:

$ zanshin account me [OPTIONS]

Options:

  • --help: Show this message and exit.

zanshin alert

Operations on alerts the API key owner has direct access to

Usage:

$ zanshin alert [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • get: Returns details about a specified alert
  • list: List alerts from a given organization, with...
  • list_following: List following alerts from a given...
  • list_grouped: List grouped alerts from a given...
  • list_grouped_following: List grouped following alerts from a given...
  • list_history: List alerts from a given organization, with...
  • list_history_following: List alerts from a given organization, with...
  • update: Updates the alert.

zanshin alert get

Returns details about a specified alert

Usage:

$ zanshin alert get [OPTIONS] ALERT_ID

Arguments:

  • ALERT_ID: UUID of the alert to look up [required]

Options:

  • --list-history / --no-list-history: History of this alert [default: False]
  • --list-comments / --no-list-comments: Comments of this alert [default: False]
  • --help: Show this message and exit.

zanshin alert list

List alerts from a given organization, with optional filters by scan target, state or severity.

Usage:

$ zanshin alert list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --scan-target-id UUID: Only list alerts from the specified scan targets
  • --states [OPEN|ACTIVE|IN_PROGRESS|RISK_ACCEPTED|MITIGATING_CONTROL|FALSE_POSITIVE|CLOSED]: Only list alerts in the specified states [default: OPEN, IN_PROGRESS, RISK_ACCEPTED, MITIGATING_CONTROL, FALSE_POSITIVE]
  • --severity [CRITICAL|HIGH|MEDIUM|LOW|INFO]: Only list alerts with the specified severities [default: CRITICAL, HIGH, MEDIUM, LOW, INFO]
  • --language [pt-BR|en-US]: Show alert titles in the specified language [default: en-US]
  • --created-at-start TEXT: Date created starts at (format YYYY-MM-DDTHH:MM:SS)
  • --created-at-end TEXT: Date created ends at (format YYYY-MM-DDTHH:MM:SS)
  • --updated-at-start TEXT: Date updated starts at (format YYYY-MM-DDTHH:MM:SS)
  • --updated-at-end TEXT: Date updated ends at (format YYYY-MM-DDTHH:MM:SS)
  • --search TEXT: Text to search for in the alerts [default: ]
  • --sort [asc|desc]: Sort order [default: desc]
  • --order [scanTargetId|resource|rule|severity|state|createdAt|updatedAt]: Field to sort results on [default: severity]
  • --help: Show this message and exit.

zanshin alert list_following

List following alerts from a given organization, with optional filters by following ids, state or severity.

Usage:

$ zanshin alert list_following [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --following-ids UUID: Only list alerts from the specified scan targets
  • --states [OPEN|ACTIVE|IN_PROGRESS|RISK_ACCEPTED|MITIGATING_CONTROL|FALSE_POSITIVE|CLOSED]: Only list alerts in the specified states [default: OPEN, IN_PROGRESS, RISK_ACCEPTED, MITIGATING_CONTROL, FALSE_POSITIVE]
  • --severity [CRITICAL|HIGH|MEDIUM|LOW|INFO]: Only list alerts with the specified severities [default: CRITICAL, HIGH, MEDIUM, LOW, INFO]
  • --created-at-start TEXT: Date created starts at (format YYYY-MM-DDTHH:MM:SS)
  • --created-at-end TEXT: Date created ends at (format YYYY-MM-DDTHH:MM:SS)
  • --updated-at-start TEXT: Date updated starts at (format YYYY-MM-DDTHH:MM:SS)
  • --updated-at-end TEXT: Date updated ends at (format YYYY-MM-DDTHH:MM:SS)
  • --search TEXT: Text to search for in the alerts [default: ]
  • --sort [asc|desc]: Sort order [default: desc]
  • --order [scanTargetId|resource|rule|severity|state|createdAt|updatedAt]: Field to sort results on [default: severity]
  • --help: Show this message and exit.

zanshin alert list_grouped

List grouped alerts from a given organization, with optional filters by scan target, state or severity.

Usage:

$ zanshin alert list_grouped [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --scan-target-id UUID: Only list alerts from the specified scan targets
  • --state [OPEN|ACTIVE|IN_PROGRESS|RISK_ACCEPTED|MITIGATING_CONTROL|FALSE_POSITIVE|CLOSED]: Only list alerts in the specified states [default: OPEN, IN_PROGRESS, RISK_ACCEPTED, MITIGATING_CONTROL, FALSE_POSITIVE]
  • --severity [CRITICAL|HIGH|MEDIUM|LOW|INFO]: Only list alerts with the specified severities [default: CRITICAL, HIGH, MEDIUM, LOW, INFO]
  • --help: Show this message and exit.

zanshin alert list_grouped_following

List grouped following alerts from a given organization, with optional filters by scan target, state or severity.

Usage:

$ zanshin alert list_grouped_following [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --following-ids UUID: Only list alerts from the specified scan targets
  • --state [OPEN|ACTIVE|IN_PROGRESS|RISK_ACCEPTED|MITIGATING_CONTROL|FALSE_POSITIVE|CLOSED]: Only list alerts in the specified states [default: OPEN, IN_PROGRESS, RISK_ACCEPTED, MITIGATING_CONTROL, FALSE_POSITIVE]
  • --severity [CRITICAL|HIGH|MEDIUM|LOW|INFO]: Only list alerts with the specified severities [default: CRITICAL, HIGH, MEDIUM, LOW, INFO]
  • --help: Show this message and exit.

zanshin alert list_history

List alerts from a given organization, with optional filters by scan target, state or severity

Usage:

$ zanshin alert list_history [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --scan-target-id UUID: Only list alerts from the specified scan targets
  • --cursor TEXT: Cursor for pagination
  • --persist / --no-persist: Persist [default: False]
  • --help: Show this message and exit.

zanshin alert list_history_following

List alerts from a given organization, with optional filters by scan target, state or severity

Usage:

$ zanshin alert list_history_following [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --following-ids UUID: Only list alerts from the specified scan targets
  • --cursor TEXT: Cursor for pagination
  • --persist / --no-persist: Persist [default: False]
  • --help: Show this message and exit.

zanshin alert update

Updates the alert.

Usage:

$ zanshin alert update [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID ALERT_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization that owns the alert [required]
  • SCAN_TARGET_ID: UUID of the scan target associated with the alert [required]
  • ALERT_ID: UUID of the alert [required]

Options:

  • --state [OPEN|IN_PROGRESS|RISK_ACCEPTED|MITIGATING_CONTROL|FALSE_POSITIVE]: New alert state
  • --labels TEXT: Custom label(s) for the alert
  • --comment TEXT: A comment when setting the alert state to RISK_ACCEPTED, FALSE_POSITIVE, MITIGATING_CONTROL
  • --help: Show this message and exit.

zanshin init

Update settings on configuration file.

Usage:

$ zanshin init [OPTIONS]

Options:

  • --help: Show this message and exit.

zanshin organization

Operations on organizations the API key owner has direct access to

Usage:

$ zanshin organization [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • create: Creates an organization.
  • delete: Deletes an organization given its ID.
  • follower: Operations on followers of organization the...
  • following: Operations on following of organization the...
  • get: Gets an organization given its ID.
  • list: Lists the organizations this user has direct...
  • member: Operations on members of organization the API...
  • scan-target-groups: Operations on organizations scan target...
  • scan_target: Operations on scan targets from organizations...
  • update: Gets an organization given its ID.

zanshin organization create

Creates an organization.

Usage:

$ zanshin organization create [OPTIONS] NAME

Arguments:

  • NAME: Name of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization delete

Deletes an organization given its ID.

Usage:

$ zanshin organization delete [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization follower

Operations on followers of organization the API key owner has direct access to

Usage:

$ zanshin organization follower [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • list: Lists the followers of organization this user...
  • request: Operations on follower requests of...
  • stop: Stops one organization follower of another.

zanshin organization follower list

Lists the followers of organization this user has direct access to.

Usage:

$ zanshin organization follower list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization follower request

Operations on follower requests of organization the API key owner has directaccess to

Usage:

$ zanshin organization follower request [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • create: Create organization follower request.
  • delete: Delete organization follower request.
  • get: Get organization follower request.
  • list: Lists the follower requests of organization...
zanshin organization follower request create

Create organization follower request.

Usage:

$ zanshin organization follower request create [OPTIONS] ORGANIZATION_ID TOKEN

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • TOKEN: Token of the follower request [required]

Options:

  • --help: Show this message and exit.
zanshin organization follower request delete

Delete organization follower request.

Usage:

$ zanshin organization follower request delete [OPTIONS] ORGANIZATION_ID TOKEN

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • TOKEN: Token of the follower request [required]

Options:

  • --help: Show this message and exit.
zanshin organization follower request get

Get organization follower request.

Usage:

$ zanshin organization follower request get [OPTIONS] ORGANIZATION_ID TOKEN

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • TOKEN: Token of the follower request [required]

Options:

  • --help: Show this message and exit.
zanshin organization follower request list

Lists the follower requests of organization this user has direct access to.

Usage:

$ zanshin organization follower request list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization follower stop

Stops one organization follower of another.

Usage:

$ zanshin organization follower stop [OPTIONS] ORGANIZATION_ID ORGANIZATION_FOLLOWER_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_FOLLOWER_ID: UUID of the organization follower [required]

Options:

  • --help: Show this message and exit.

zanshin organization following

Operations on following of organization the API key owner has direct access to

Usage:

$ zanshin organization following [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • list: Lists the following of organization this user...
  • request: Operations on following requests of...
  • stop: Stops one organization following of another.

zanshin organization following list

Lists the following of organization this user has direct access to.

Usage:

$ zanshin organization following list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization following request

Operations on following requests of organization the API key owner hasdirect access to

Usage:

$ zanshin organization following request [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • accept: Accepts a request to follow another...
  • decline: Declines a request to follow another...
  • get: Returns a request received by an organization...
  • list: Lists the following requests of organization...
zanshin organization following request accept

Accepts a request to follow another organization.

Usage:

$ zanshin organization following request accept [OPTIONS] ORGANIZATION_ID FOLLOWING_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • FOLLOWING_ID: UUID of the following request [required]

Options:

  • --help: Show this message and exit.
zanshin organization following request decline

Declines a request to follow another organization.

Usage:

$ zanshin organization following request decline [OPTIONS] ORGANIZATION_ID FOLLOWING_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • FOLLOWING_ID: UUID of the following request [required]

Options:

  • --help: Show this message and exit.
zanshin organization following request get

Returns a request received by an organization to follow another.

Usage:

$ zanshin organization following request get [OPTIONS] ORGANIZATION_ID FOLLOWING_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • FOLLOWING_ID: UUID of the following request [required]

Options:

  • --help: Show this message and exit.
zanshin organization following request list

Lists the following requests of organization this user has direct access to.

Usage:

$ zanshin organization following request list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization following stop

Stops one organization following of another.

Usage:

$ zanshin organization following stop [OPTIONS] ORGANIZATION_ID ORGANIZATION_FOLLOWING_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_FOLLOWING_ID: UUID of the organization following [required]

Options:

  • --help: Show this message and exit.

zanshin organization get

Gets an organization given its ID.

Usage:

$ zanshin organization get [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization list

Lists the organizations this user has direct access to as a member.

Usage:

$ zanshin organization list [OPTIONS]

Options:

  • --help: Show this message and exit.

zanshin organization member

Operations on members of organization the API key owner has direct access to

Usage:

$ zanshin organization member [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • delete: Delete organization member.
  • get: Get organization member.
  • invite: Operations on member invites of organization...
  • list: Lists the members of organization this user...
  • update: Update organization member.

zanshin organization member delete

Delete organization member.

Usage:

$ zanshin organization member delete [OPTIONS] ORGANIZATION_ID ORGANIZATION_MEMBER_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_MEMBER_ID: UUID of the organization member [required]

Options:

  • --help: Show this message and exit.

zanshin organization member get

Get organization member.

Usage:

$ zanshin organization member get [OPTIONS] ORGANIZATION_ID ORGANIZATION_MEMBER_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_MEMBER_ID: UUID of the organization member [required]

Options:

  • --help: Show this message and exit.

zanshin organization member invite

Operations on member invites of organization the API key owner has directaccess to

Usage:

$ zanshin organization member invite [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • create: Create organization member invite.
  • delete: Delete organization member invite.
  • get: Get organization member invite.
  • list: Lists the member invites of organization this...
  • resend: Resend organization member invitation.
zanshin organization member invite create

Create organization member invite.

Usage:

$ zanshin organization member invite create [OPTIONS] ORGANIZATION_ID ORGANIZATION_MEMBER_INVITE_EMAIL

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_MEMBER_INVITE_EMAIL: E-mail of the organization member [required]

Options:

  • --organization-member-invite-role [ADMIN]: Role of the organization member [default: ADMIN]
  • --help: Show this message and exit.
zanshin organization member invite delete

Delete organization member invite.

Usage:

$ zanshin organization member invite delete [OPTIONS] ORGANIZATION_ID ORGANIZATION_MEMBER_INVITE_EMAIL

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_MEMBER_INVITE_EMAIL: E-mail of the organization member [required]

Options:

  • --help: Show this message and exit.
zanshin organization member invite get

Get organization member invite.

Usage:

$ zanshin organization member invite get [OPTIONS] ORGANIZATION_ID ORGANIZATION_MEMBER_INVITE_EMAIL

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_MEMBER_INVITE_EMAIL: E-mail of the organization member invite [required]

Options:

  • --help: Show this message and exit.
zanshin organization member invite list

Lists the member invites of organization this user has direct access to.

Usage:

$ zanshin organization member invite list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.
zanshin organization member invite resend

Resend organization member invitation.

Usage:

$ zanshin organization member invite resend [OPTIONS] ORGANIZATION_ID ORGANIZATION_MEMBER_INVITE_EMAIL

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_MEMBER_INVITE_EMAIL: E-mail of the organization member [required]

Options:

  • --help: Show this message and exit.

zanshin organization member list

Lists the members of organization this user has direct access to.

Usage:

$ zanshin organization member list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization member update

Update organization member.

Usage:

$ zanshin organization member update [OPTIONS] ORGANIZATION_ID ORGANIZATION_MEMBER_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • ORGANIZATION_MEMBER_ID: UUID of the organization member [required]

Options:

  • --role [ADMIN]: Role of the organization member [default: ADMIN]
  • --help: Show this message and exit.

zanshin organization scan-target-groups

Operations on organizations scan target groups the API key owner has direct access to

Usage:

$ zanshin organization scan-target-groups [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • compartments: Iterates over the compartments of a scan...
  • create: Creates a scan target group for the...
  • create-by-compartments: Creates Scan Targets from previous listed...
  • delete: Deletes the scan target group of the...
  • get: Gets details of the scan target group given...
  • insert: Inserts an already created scan target group.
  • list: Lists the scan target groups of the user's...
  • oauth_link: Retrieve a link to allow the user to...
  • scan-targets: Gets all scan targets from a specific scan...
  • script: Gets download URL of the scan target group.
  • update: Updates a scan target group.

zanshin organization scan-target-groups compartments

Iterates over the compartments of a scan target group.

Usage:

$ zanshin organization scan-target-groups compartments [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups create

Creates a scan target group for the organization.

Usage:

$ zanshin organization scan-target-groups create [OPTIONS] ORGANIZATION_ID KIND:[AWS|GCP|AZURE|HUAWEI|DOMAIN|ORACLE|MS365|GITHUB|ZENDESK|GWORKSPACE|SLACK|BITBUCKET|JIRA|GITLAB|SALESFORCE] NAME

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • KIND:[AWS|GCP|AZURE|HUAWEI|DOMAIN|ORACLE|MS365|GITHUB|ZENDESK|GWORKSPACE|SLACK|BITBUCKET|JIRA|GITLAB|SALESFORCE]: kind of the scan target group. Should be 'ORACLE', 'BITBUCKET' or 'GITLAB' [required]
  • NAME: name of the scan target group [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups create-by-compartments

Creates Scan Targets from previous listed compartments inside the scan target group.

Usage:

$ zanshin organization scan-target-groups create-by-compartments [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID NAME OCID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]
  • NAME: Compartment name [required]
  • OCID: Oracle Compartment Id [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups delete

Deletes the scan target group of the organization.

Usage:

$ zanshin organization scan-target-groups delete [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups get

Gets details of the scan target group given its ID.

Usage:

$ zanshin organization scan-target-groups get [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups insert

Inserts an already created scan target group.

Usage:

$ zanshin organization scan-target-groups insert [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID REGION TENANCY_ID USER_ID KEY_FINGERPRINT

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]
  • REGION: Oracle cloud region [required]
  • TENANCY_ID: Oracle tenancyId [required]
  • USER_ID: Oracle userId [required]
  • KEY_FINGERPRINT: Oracle Fingerprint used for authentication [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups list

Lists the scan target groups of the user's organization.

Usage:

$ zanshin organization scan-target-groups list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups oauth_link

Retrieve a link to allow the user to authorize zanshin to read info from their scan target group environment.

Usage:

$ zanshin organization scan-target-groups oauth_link [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups scan-targets

Gets all scan targets from a specific scan target group.

Usage:

$ zanshin organization scan-target-groups scan-targets [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups script

Gets download URL of the scan target group.

Usage:

$ zanshin organization scan-target-groups script [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan-target-groups update

Updates a scan target group.

Usage:

$ zanshin organization scan-target-groups update [OPTIONS] ORGANIZATION_ID SCAN_TARGET_GROUP_ID NAME

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_GROUP_ID: UUID of the scan target group [required]
  • NAME: new name of the scan target group [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan_target

Operations on scan targets from organizations the API key owner has direct access to

Usage:

$ zanshin organization scan_target [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • check: Check scan target.
  • create: Create a new scan target in organization.
  • delete: Delete scan target of organization.
  • get: Get scan target of organization.
  • list: Lists the scan targets of organization this...
  • oauth_link: Retrieve a link to allow the user to...
  • onboard_aws: Create a new scan target in organization and...
  • onboard_aws_organization: For each of selected accounts in AWS...
  • scan: Operations on scan targets from organizations...
  • update: Update scan target of organization.

zanshin organization scan_target check

Check scan target.

Usage:

$ zanshin organization scan_target check [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan_target create

Create a new scan target in organization.

Usage:

$ zanshin organization scan_target create [OPTIONS] ORGANIZATION_ID KIND:[AWS|GCP|AZURE|HUAWEI|DOMAIN|ORACLE|MS365|GITHUB|ZENDESK|GWORKSPACE|SLACK|BITBUCKET|JIRA|GITLAB|SALESFORCE] NAME CREDENTIAL [SCHEDULE]

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • KIND:[AWS|GCP|AZURE|HUAWEI|DOMAIN|ORACLE|MS365|GITHUB|ZENDESK|GWORKSPACE|SLACK|BITBUCKET|JIRA|GITLAB|SALESFORCE]: kind of the scan target [required]
  • NAME: name of the scan target [required]
  • CREDENTIAL: credential of the scan target [required]
  • [SCHEDULE]: schedule of the scan target [default: {"frequency": "1d", "timeOfDay": "NIGHT"}]

Options:

  • --help: Show this message and exit.

zanshin organization scan_target delete

Delete scan target of organization.

Usage:

$ zanshin organization scan_target delete [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan_target get

Get scan target of organization.

Usage:

$ zanshin organization scan_target get [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan_target list

Lists the scan targets of organization this user has direct access to.

Usage:

$ zanshin organization scan_target list [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan_target oauth_link

Retrieve a link to allow the user to authorize zanshin to read info from their scan target environment.

Usage:

$ zanshin organization scan_target oauth_link [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan_target onboard_aws

Create a new scan target in organization and perform onboard. Requires boto3 and correct AWS IAM Privileges. Checkout the required AWS IAM privileges here https://github.com/tenchi-security/zanshin-sdk-python/blob/main/zanshinsdk/docs/README.md

Usage:

$ zanshin organization scan_target onboard_aws [OPTIONS] REGION ORGANIZATION_ID NAME CREDENTIAL [SCHEDULE]

Arguments:

  • REGION: AWS Region to deploy CloudFormation [required]
  • ORGANIZATION_ID: UUID of the organization [required]
  • NAME: name of the scan target [required]
  • CREDENTIAL: credential of the scan target [required]
  • [SCHEDULE]: schedule of the scan target [default: {"frequency": "1d", "timeOfDay": "NIGHT"}]

Options:

  • --boto3-profile TEXT: Boto3 profile name to use for Onboard AWS Account
  • --help: Show this message and exit.

zanshin organization scan_target onboard_aws_organization

For each of selected accounts in AWS Organization, creates a new Scan Target in informed zanshin organization and performs onboarding. Requires boto3 and correct AWS IAM Privileges. Checkout the required AWS IAM privileges at https://github.com/tenchi-security/zanshin-cli/blob/main/src/lib/docs/README.md

Usage:

$ zanshin organization scan_target onboard_aws_organization [OPTIONS] REGION ORGANIZATION_ID [SCHEDULE]

Arguments:

  • REGION: AWS Region to deploy CloudFormation [required]
  • ORGANIZATION_ID: UUID of the organization [required]
  • [SCHEDULE]: schedule of the scan target [default: {"frequency": "1d", "timeOfDay": "NIGHT"}]

Options:

  • --target-accounts [ALL|MASTER|MEMBERS|NONE]: choose which accounts to onboard
  • --exclude-account TEXT: ID, Name, E-mail or ARN of AWS Account not to be onboarded
  • --boto3-profile TEXT: Boto3 profile name to use for Onboard AWS Account
  • --aws-role-name TEXT: Name of AWS role that allow access from Management Account to Member accounts [default: OrganizationAccountAccessRole]
  • --help: Show this message and exit.

zanshin organization scan_target scan

Operations on scan targets from organizations the API key owner has direct access to

Usage:

$ zanshin organization scan_target scan [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • get: Get scan of scan target.
  • list: Lists the scan target scans of organization...
  • start: Starts a scan on the specified scan target.
  • stop: Stop a scan on the specified scan target.
zanshin organization scan_target scan get

Get scan of scan target.

Usage:

$ zanshin organization scan_target scan get [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID SCAN_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]
  • SCAN_ID: UUID of the scan [required]

Options:

  • --help: Show this message and exit.
zanshin organization scan_target scan list

Lists the scan target scans of organization this user has direct access to.

Usage:

$ zanshin organization scan_target scan list [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]

Options:

  • --help: Show this message and exit.
zanshin organization scan_target scan start

Starts a scan on the specified scan target.

Usage:

$ zanshin organization scan_target scan start [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]

Options:

  • --force / --no-force: Whether to force running a scan target that has state INVALID_CREDENTIAL or NEW [default: False]
  • --help: Show this message and exit.
zanshin organization scan_target scan stop

Stop a scan on the specified scan target.

Usage:

$ zanshin organization scan_target scan stop [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]

Options:

  • --help: Show this message and exit.

zanshin organization scan_target update

Update scan target of organization.

Usage:

$ zanshin organization scan_target update [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID [NAME] [SCHEDULE]

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • SCAN_TARGET_ID: UUID of the scan target [required]
  • [NAME]: name of the scan target
  • [SCHEDULE]: schedule of the scan target

Options:

  • --help: Show this message and exit.

zanshin organization update

Gets an organization given its ID.

Usage:

$ zanshin organization update [OPTIONS] ORGANIZATION_ID [NAME] [PICTURE] [EMAIL]

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]
  • [NAME]: Name of the organization
  • [PICTURE]: Picture of the organization
  • [EMAIL]: Contact e-mail of the organization

Options:

  • --help: Show this message and exit.

zanshin summary

Operations on summaries the API key owner has direct access to

Usage:

$ zanshin summary [OPTIONS] COMMAND [ARGS]...

Options:

  • --help: Show this message and exit.

Commands:

  • alert: Gets a summary of the current state of alerts...
  • alert_following: Gets a summary of the current state of alerts...
  • scan: Returns summaries of scan results over a...
  • scan_following: Returns summaries of scan results over a...

zanshin summary alert

Gets a summary of the current state of alerts for an organization, both in total and broken down by scan target.

Usage:

$ zanshin summary alert [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --scan-target-id UUID: Only summarize alerts from the specified scan targets, defaults to all
  • --help: Show this message and exit.

zanshin summary alert_following

Gets a summary of the current state of alerts for followed organizations.

Usage:

$ zanshin summary alert_following [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --following-ids UUID: Only summarize alerts from the specified following, defaults to all
  • --help: Show this message and exit.

zanshin summary scan

Returns summaries of scan results over a period of time, summarizing number of alerts that changed states.

Usage:

$ zanshin summary scan [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --scan-target-ids UUID: Only summarize alerts from the specified scan targets, defaults to all
  • --days INTEGER: Number of days to go back in time in historical search [default: 7]
  • --help: Show this message and exit.

zanshin summary scan_following

Returns summaries of scan results over a period of time, summarizing number of alerts that changed states.

Usage:

$ zanshin summary scan_following [OPTIONS] ORGANIZATION_ID

Arguments:

  • ORGANIZATION_ID: UUID of the organization [required]

Options:

  • --following-ids UUID: Only summarize alerts from the specified following, defaults to all
  • --days INTEGER: Number of days to go back in time in historical search [default: 7]
  • --help: Show this message and exit.

zanshin version

Display the program and Python versions in use.

Usage:

$ zanshin version [OPTIONS]

Options:

  • --help: Show this message and exit.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

zanshincli-1.6.6.tar.gz (31.7 kB view details)

Uploaded Source

Built Distribution

zanshincli-1.6.6-py3-none-any.whl (36.4 kB view details)

Uploaded Python 3

File details

Details for the file zanshincli-1.6.6.tar.gz.

File metadata

  • Download URL: zanshincli-1.6.6.tar.gz
  • Upload date:
  • Size: 31.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.8.2 CPython/3.10.15 Linux/6.5.0-1025-azure

File hashes

Hashes for zanshincli-1.6.6.tar.gz
Algorithm Hash digest
SHA256 750921d88afc89aff498b8dabca815720f71b0ba2b6bcb661164c66d7a5ce96f
MD5 3fe978f02af2dea3f2a8525a7c3a21e4
BLAKE2b-256 44559704c7d08c271b23b79fac5afa8afce49188c892c020d1deb7aacf0f00bb

See more details on using hashes here.

File details

Details for the file zanshincli-1.6.6-py3-none-any.whl.

File metadata

  • Download URL: zanshincli-1.6.6-py3-none-any.whl
  • Upload date:
  • Size: 36.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.8.2 CPython/3.10.15 Linux/6.5.0-1025-azure

File hashes

Hashes for zanshincli-1.6.6-py3-none-any.whl
Algorithm Hash digest
SHA256 d0057ff97921f947a41146575d1fb65f2e623dc58ab30c1847ad39a846428b9a
MD5 94f85e26d07bc6bc03b728773a609b85
BLAKE2b-256 cded259049f8eecc02e9ad8eabd22b3f9eac8c5463a7dc7feabbd85cb472c5f9

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page