sec interface — VMware Salt API

sec interface

The LoadedMod class allows the module loaded onto the sub to return custom sequencing; for instance, it can be iterated over to return all functions.

assess_policy(policy_uuid: <class 'uuid.UUID'>)
Returns: <class 'dict'>

Run assessment of checks in a policy

Parameters

policy_uuid:Policy UUID to assess.

Response

Job ID for assessment run for specified policy.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.assess_policy(
    policy_uuid="1f90f261-1668-486e-a1d3-4dd68ef3020c"
)
Response
RPCResponse(
    riq=4,
    ret={
        "success": true,
        "errors": [],
        "jid": "20190125001746553804"
    },
    error=None,
    warnings=[])
delete_custom_benchmarks(benchmark_uuids: list[uuid.UUID])

Delete custom benchmarks

Parameters

benchmark_uuids:List of custom benchmark UUIDs.

Returns

Returns nothing if the benchmark was successfully deleted

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.delete_custom_benchmarks(
    benchmark_uuids=["e912435e-2c38-4cfa-aa1e-985c83aa8a22"]
)
Response
RPCResponse(
    riq=4,
    ret={},
    error=None,
    warnings=[])
delete_custom_checks(check_uuids: list[uuid.UUID])

Delete custom checks

Parameters

check_uuids:List of custom check UUIDs.

Returns

Returns nothing if the check was successfully deleted

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.delete_custom_checks(
    check_uuids=["e912435e-2c38-4cfa-aa1e-985c83aa8a22"]
)
Response
RPCResponse(
    riq=4,
    ret={},
    error=None,
    warnings=[])
delete_exemption(policy_uuid: <class 'uuid.UUID'>, exemption_uuid: <class 'uuid.UUID'>)
Returns: <class 'dict'>

Delete an exemption

Parameters

policy_uuid:UUID of the policy.
exemption_uuid:UUID of the exemption.

Returns

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.delete_exemption(
    policy_uuid="e912435e-2c38-4cfa-aa1e-985c83aa8a22",
    exemption_uuid="3a776df3-9c4d-4d54-8e1f-dc0c189f0f68"
)
Response
RPCResponse(
    riq=4,
    ret={"uuid": "3a776df3-9c4d-4d54-8e1f-dc0c189f0f68"},
    error=None,
    warnings=[])
delete_policy(policy_uuid: <class 'uuid.UUID'>)
Returns: <class 'bool'>

Delete an existing security policy.

Parameters

policy_uuid:UUID of the policy to delete.

Returns

Response code from deleting the policy.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.delete_policy(
    policy_uuid="db1ae70f-768e-4486-adae-b83546a09dea"
)
Response
RPCResponse(
    riq=4,
    ret=True,
    error=None,
    warnings=[])
download_content(auto_ingest: bool | None = True)

Download the Locke tarball and expand the files into hub.opts['cachedir'] + /locke. Once the download and expansion are complete, call ingest to put them in the raas filesystem.

download_policy_report(policy_uuid: <class 'uuid.UUID'>, jid: str | None)
Returns: <class 'str'>

Download report for a policy assessment

Parameters

policy_uuid:UUID of the policy.
jid:Job ID of the report to download. This parameter is optional.

Response

JSON formatted report file.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.download_policy_report(
    policy_uuid="3c625016-9dbf-44d8-b97c-17f4361b78a0"
)
Response

JSON formatted report file.

get_benchmark_dependencies(benchmark_uuid: <class 'uuid.UUID'>)
Returns: <class 'dict'>

Get the dependencies for a benchmark, i.e. which policies and checks reference it

Parameters

benchmark_uuid:UUID of the benchmark.

Returns

Returns the list of policies and checks that reference this benchmark

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_benchmark_dependencies(
    benchmark_uuid="e912435e-2c38-4cfa-aa1e-985c83aa8a22"
)
Response
RPCResponse(
    riq=4,
    ret={
        "policies": ["d3c68d55-04d7-4451-8f1e-f2b3e6d9ff3f", "b6da0147-2bbd-4497-b11b-b9f5548e7297"],
        "checks": [{"uuid":"563577e3-e84f-4204-a89b-8456df96c34f", "other_benchmark_references": True},
                   {"uuid":"475a6070-56d5-49a0-840b-000efe8780e0", "other_benchmark_references": False}]
    },
    error=None,
    warnings=[])
get_benchmarks(benchmark_uuid: uuid.UUID | None, policy_uuid: uuid.UUID | None, names: list[str] | None, os: list[str] | None, authority_names: list[str] | None, type_names: list[str] | None, limit: int | None = 50, page: int | None, sort_by: str | None, reverse: bool | None)
Returns: <class 'dict'>

Get information about benchmarks

Get information about one or more benchmarks.

Parameters

benchmark_uuid:UUID of the benchmark.
policy_uuid:List of benchmarks enabled within a given policy.
names:List of benchmarks matching names.
os:List of benchmarks applicable to specified OS.
authority_names:List of benchmarks matching authority names such as CIS, DISA STIGs.
type_names:List of benchmarks matching type such as Unix, Windows.
limit:Maximum number of policies to return.
sort_by:Sort results by supplied field.
page:Return results specified by page number.

Returns

List of benchmarks matching specified criteria.

Examples

Request 1
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_benchmarks()
Response 1
RPCResponse(
    riq=4,
    ret={
        "count": 7,
        "results": [
            {
                "uuid": "6b8ab80b-87a4-4f0c-8b6a-8bacf7c5853a",
                "name": "CIS_CentOS_Linux_7_Benchmark_v2.2.0-1",
                "display_name": "CIS CentOS Linux 7 Benchmark v2.2.0",
                "version": "1",
                "description": "Benchmark Description goes here",
                "authority": "CIS",
                "os": "None",
                "type": "cis",
                "dep_date": null,
                "last_update": "2019-01-24T19:43:40.310324",
                "user_flag": "None",
                "policies": [
                    "b0714471-64cb-4446-a302-1e4ab6ec9cde"
                ]
            }
        ]
    },
    error=None,
    warnings=[])
Request 2
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_benchmarks(
    benchmark_uuid="6b8ab80b-87a4-4f0c-8b6a-8bacf7c5853a",
    policy_uuid="b0714471-64cb-4446-a302-1e4ab6ec9cde"
)
Response 2
RPCResponse(
    riq=4,
    ret={
        "count": 1,
        "results": [
            {
                "uuid": "6b8ab80b-87a4-4f0c-8b6a-8bacf7c5853a",
                "name": "CIS_CentOS_Linux_7_Benchmark_v2.2.0-1",
                "display_name": "CIS CentOS Linux 7 Benchmark v2.2.0",
                "version": "1",
                "description": "Benchmark Description goes here",
                "authority": "CIS",
                "os": "None",
                "type": "cis",
                "dep_date": null,
                "last_update": "2019-01-24T19:43:40.310324",
                "user_flag": "None",
                "policies": [
                    "b0714471-64cb-4446-a302-1e4ab6ec9cde"
                ]
            }
          ]
    },
    error=None,
    warnings=[])
get_check_dependencies(check_uuid: <class 'uuid.UUID'>, include_in_response: list[str] | None)
Returns: <class 'dict'>

Get the dependencies for a check, i.e. which policies and benchmarks reference it

Parameters

check_uuid:UUID of the custom check.
include_in_response:Select the blocks of results that should appear in the response. By default all results will appear in the response. The following are acceptable results: policies, benchmarks, exemptions.

Returns

Returns the list of policies and benchmarks that reference this check

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_check_dependencies(
    check_uuid="e912435e-2c38-4cfa-aa1e-985c83aa8a22"
)
Response
RPCResponse(
    riq=4,
    ret={
        "policies": ["d3c68d55-04d7-4451-8f1e-f2b3e6d9ff3f", "b6da0147-2bbd-4497-b11b-b9f5548e7297"],
        "benchmarks": ["563577e3-e84f-4204-a89b-8456df96c34f", "475a6070-56d5-49a0-840b-000efe8780e0"],
        "exemptions": [{'uuid': UUID('76523fe6-4feb-4ca3-af98-75a1a58aff0a'),
                        'policy_uuid': UUID('0ac8ba09-399d-4748-880c-9a9088ec5551'),
                        'master_id': None,
                        'minion_id': None,
                        'reason': 'why not'}]
    },
    error=None,
    warnings=[])
get_check_details(check_uuid: <class 'uuid.UUID'>)
Returns: <class 'dict'>

Get detailed information about a check

Parameters

check_uuid:UUID of the check.

Response

Details for check matching check UUID.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_check_details(
    check_uuid="0c3df74e-d0ca-4c6e-9d2f-39035ff98f7a"
)
Response
RPCResponse(
    riq=4,
    ret={
        "uuid": "0c3df74e-d0ca-4c6e-9d2f-39035ff98f7a",
        "name": "locke.system.file.at_cron_authorized_users",
        "version": "1",
        "display_name": "Ensure at/cron is restricted to authorized users",
        "state_fs_uuid": "e78a934f-0355-4fc7-9d4c-3ccb1a5fcb79",
        "mini_meta_fs_uuid": "16666977-7d8b-44bd-9cd3-909546673098",
        .
        .
        .
    },
    error=None,
    warnings=[])
get_check_minions(policy_uuid: <class 'uuid.UUID'>, check_uuid: uuid.UUID | None, check_names: list[str] | None, minion_ids: list[str] | None, exempt: bool | None, jid: str | None, state: list[str] | None, state_invert: bool | None, action: str | None, include_in_response: list[str] | None, grains: dict | None, comment: str | None, changes: str | None, sort_by: str | None, reverse: bool | None, page: int | None, limit: int | None = 50)
Returns: <class 'dict'>

Get minion-related information about checks

Parameters

policy_uuid:Policy UUID
check_uuid:List information about a specific check UUID included in a policy.
check_names:List of checks with matching check names.
minion_ids:List of minions matching minion-ids.
exempt:Limit results to minions that are exempt (True) or non-exempt (False).
jid:Filter results by assessment job id.
state:Filter results by compliance state of the check or minion.
action:Filter results by compliance action, assess or remediate.
include_in_response:Select the blocks of results that should appear in the response. By default all results will appear in the response. The following are acceptable results: check_summary, minion_summary, check_stats, minion_stats, check_report, check_exempt, overall_stats.
grains:Grains to select, filter and sort by.
comment:Filter results by assessment or remediation comment.
changes:Filter results by assessment or remediation changes.
sort_by:Sort by compliance states Compliant, Not Compliant, Not Applicable, Error, and Unknown.
reverse:Set to True to reverse sort order.
page:Return results specified by page number.
limit:Maximum number of results to return.

Response

Returns results matching criteria sent in the request.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_check_minions(
    policy_uuid="3c625016-9dbf-44d8-b97c-17f4361b78a0"
)
Response
RPCResponse(
    riq=4,
    ret={
        "count": 3,
        "results": [
            {
                "check_name": "locke.system.service.sshd_maxauthtries",
                "check_display_name": "Ensure SSH MaxAuthTries is set to 4 or less",
                "policy_uuid": "3c625016-9dbf-44d8-b97c-17f4361b78a0",
                "policy_name": "SecOps",
                "check_uuid": "80492e63-af0b-41c8-9a5b-b202be658561",
                "check_version": "1",
             .
             .
             .
            }
        ]
    },
    error=None,
    warnings=[])
get_check_variables(policy_uuid: uuid.UUID | None, benchmark_uuids: list[uuid.UUID] | None, check_uuids: list[uuid.UUID] | None, exclude_check_uuids: list[uuid.UUID] | None, sort_by: str | None, reverse: bool | None, page: int | None, limit: int | None = 50)
Returns: <class 'dict'>

Get variables for one or more checks

Parameters

policy_uuid:UUID of the policy.
benchmark_uuids:List of benchmark UUIDs.
check_uuids:List of check UUIDs.
exclude_check_uuids:List of check UUIDs to exclude.
sort_by:Sort results by supplied field.
reverse:Set to True to reverse sort order.
page:Return results specified by page number.
limit:Maximum number of results to return.

Returns

Returns information about variables for one or more check UUIDs.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_check_variables(
    check_uuids=["2e0e216d-1f8e-4e47-9bd5-e0a33ca7665c"]
)
Response
RPCResponse(
    riq=4,
    ret={
        "count": 1,
        "results": [{
            "check_uuid": "2e0e216d-1f8e-4e47-9bd5-e0a33ca7665c",
            "check_name": "locke.system.service.sshd_maxauthtries",
            "variables": [{
                "name": "_locke.system.service.sshd_maxauthtries.SSHD_CONFIG_MAXAUTHTRIES",
                "uuid": "a0e2a5fc-4a1f-49e8-a27f-55e983491f99",
                "scope": "local",
                "check_uuid": "2e0e216d-1f8e-4e47-9bd5-e0a33ca7665c",
                "description": "Maximum number of authentication attempts permitted per connection",
                "default_value": "4"
            }]
        }]
    },
    error=None,
    warnings=[])
get_checks(policy_uuid: uuid.UUID | None, benchmark_uuids: list[uuid.UUID] | None, names: list[str] | None, sort_by: str | None, reverse: bool | None, page: int | None, limit: int | None = 50, user_flag: str | None)
Returns: <class 'dict'>

Get information about checks

List information about checks

Parameters

policy_uuid:Filter by this policy_uuid.
benchmark_uuids:List of checks matching one or more benchmark UUIDs.
user_flag:Filter checks by user_flag: 'C' - Custom, 'S' - Aria Config, None - All.
names:List of checks matching names.
reverse:Set to True to reverse sort order.
sort_by:Sort results by supplied field.
page:Return results specified by page number.
limit:Maximum number of checks to return.

Returns

List of checks matching selected criteria.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_checks(
    benchmark_uuids=["6b8ab80b-87a4-4f0c-8b6a-8bacf7c5853a"],
    policy_uuid = "fc760dae-b3a4-45e6-a910-5f7f76b08b59"
)
Response
RPCResponse(
    riq=4,
    ret={
        "count": 224,
        "results": [
            {
                "uuid": "0c3df74e-d0ca-4c6e-9d2f-39035ff98f7a",
                "name": "locke.system.file.at_cron_authorized_users",
                "version": "1",
                "display_name": "Ensure at/cron is restricted to authorized users",
                "state_fs_uuid": "e78a934f-0355-4fc7-9d4c-3ccb1a5fcb79",
                "mini_meta_fs_uuid": "16666977-7d8b-44bd-9cd3-909546673098",
                .
                .
                .
            }
        ]
    },
    error=None,
    warnings=[])
get_content_stats(custom: <class 'bool'>)
Returns: <class 'dict'>

Get the stats for the latest ingested content

Parameters

hub:
custom:True|False

Returns

dict = {
    results: None|dict = {uuid, ingest_date, benchmarks, checks},
    errors: List of error messages
}

get_policies(policy_uuids: list[uuid.UUID] | None, names: list[str] | None, tgt_uuids: list[uuid.UUID] | None, include_stats: bool | None, sort_by: str | None, reverse: bool | None, page: int | None, limit: int | None = 50)
Returns: <class 'dict'>

Get summary information on known security policies.

Get information about configured policies.

Parameters

policy_uuids:List of security policy UUIDs. This parameter is optional when retrieving a list of policies.
names:List of security policy names. This parameter is optional when retrieving a list of policies.
tgt_uuids:List of security policy target group UUIDs. This parameter accepts one or more tgt_uuids.
include_stats:Set to True to include stats in response. Set to False by default.
sort_by:Sort results by supplied field.
reverse:Set to True to reverse sort order.
page:Return results specified by page number.
limit:Maximum number of policies to return.

Returns

List of policies matching the request criteria.

Examples

Request 1
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_policies(
    policy_uuids=[
        "f768e864-b5c2-494f-a116-8c335edcb7bd",
        "292372eb-ce12-4c6f-bbfc-bf916ba02649"
    ],
    include_stats=True
)
Response 1
RPCResponse(
    riq=4,
    ret={
        "count": 1,
        "results": [
          {
            "uuid": "51f06de4-60ae-4cf3-83c1-65635941b4ba",
             "name": "Oracle",
             "tgt_uuid": "2b6bbf3d-b728-44de-8c4a-9e019fc50175",
             "tgt_name": "OracleLinux",
             "schedule_uuid": null,
             "last_update": "2018-12-13T05:21:33.170597",
             "last_assess_jid": "20181213052141677720",
             "last_assess_timestamp": "2018-12-13T05:21:41.637187",
             "last_remed_jid": "20181213052240095855",
             "last_remed_timestamp": "2018-12-13T05:22:40.050577",
             "schedule": null,
               "variables": [
                 {
                   "check_uuid": null,
                      "var_name": null,
                      "var_value": null
                 }
                  ],
                  "stats": {
                    "compliant": 2,
                    "noncompliant": 18
                  }
               }
             ],
               "check_count": 20,
               "minion_count": 1
    },
    error=None,
    warnings=[])
Request 2
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_policies()
Response 2
RPCResponse(
    riq=4,
    ret={
        "results": [
            {
                "last_remed_jid": null,
                "name": "Security Policy",
                "schedule_uuid": null,
                "uuid": "fae4aa90-8e0c-4fda-b52b-b53ee0593f3e",
                "last_assess_timestamp": null,
                "tgt_uuid": "7f93b928-388b-11e6-b133-346895ecb8f3",
                "stats": {
                    "unknown": 88
                },
                "schedule": null,
                "variables": [
                    {
                        "var_name": null,
                        "var_value": null,
                        "check_uuid": null
                    }
                ],
                "last_remed_timestamp": null,
                "last_assess_jid": null,
                "tgt_name": "All Minions",
                "last_update": "2019-01-13T19:55:54.476425"
            }
        ],
        "check_count": 22,
        "count": 1,
        "minion_count": 0
    },
    error=None,
    warnings=[])
get_policy_run_history(policy_uuid: <class 'uuid.UUID'>, jid: str | None, state: list[str] | None, fun: str | None, user: str | None, expected: int | None, returned: int | None, sort_by: str | None, reverse: bool | None, page: int | None, limit: int | None = 50)
Returns: <class 'dict'>

Get assessment and remediation runs against the policy

Parameters

policy_uuid:UUID of the policy.
jid:Job ID
fun:Job function name.
state:Filter by one or more statuses of the assessment or remediation runs.
user:Name of the user who ran the policy.
expected:Number of expected minions to return a result.
returned:Number of minions which returned a result.
sort_by:Sort results by supplied field.
reverse:Set to True to reverse sort order.
page:Return results specified by page number.
limit:Maximum number of results to return.

Returns

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_policy_run_history(
    policy_uuid="e912435e-2c38-4cfa-aa1e-985c83aa8a22"
)
Response
RPCResponse(
    riq=4,
    ret={
        "count": 2,
        "results": [{
            "jid": "20190127194046350020",
            "state": "completed_failures",
            "fun": "policy.assessment",
            "user": "root",
            "expected": 8,
            "returned": 8,
            "returned_good": 5,
            "returned_failed": 3,
            "create_time": "2019-01-27T19:42:53.087028",
            "user_uuid": "80c67364-cb31-4f4b-972a-e7ea3f752bb8",
            "uuid": "e912435e-2c38-4cfa-aa1e-985c83aa8a22",
            "name": "demo",
            "tgt_uuid": "7f93b928-388b-11e6-b133-346895ecb8f3",
            "schedule_uuid": null,
            "last_update": "2019-01-27T19:40:40.544772",
            "last_assess_jid": "20190127194046350020",
            "last_assess_timestamp": "2019-01-27T19:40:46.323247",
            "last_remed_jid": null,
            "last_remed_timestamp": null
        }]
    },
    error=None,
    warnings=[])
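
An added example (not from the Salt API documentation): paging through get_policy_run_history and flagging runs that leave a policy's compliance unknown, using the field names from the response above. The first_page default, the seven-day staleness window, the stub client and the second sample row are assumptions made for illustration.

```python
from datetime import datetime, timedelta
from types import SimpleNamespace


def fetch_all_runs(client, policy_uuid, first_page=0, limit=50):
    """Collect every run-history row for a policy, one page at a time.

    Assumption: first_page=0. The page does not state whether paging starts
    at 0 or 1, so confirm it against your deployment.
    """
    runs, page = [], first_page
    while True:
        # .ret and .error are the RPCResponse fields shown in the responses above.
        resp = client.api.sec.get_policy_run_history(
            policy_uuid=policy_uuid, page=page, limit=limit
        )
        if resp.error is not None:
            raise RuntimeError(f"get_policy_run_history failed: {resp.error}")
        batch = resp.ret.get("results", [])
        runs.extend(batch)
        # Stop on an empty page or once `count` rows have been collected.
        if not batch or len(runs) >= resp.ret.get("count", 0):
            return runs
        page += 1


def triage_runs(runs, now, max_age=timedelta(days=7)):
    """Return (jid, issue, detail) tuples for runs that need a closer look."""
    findings = []
    for run in runs:
        expected = run.get("expected") or 0
        returned = run.get("returned") or 0
        failed = run.get("returned_failed") or 0
        if returned < expected:
            # Minions that never reported have no compliance result at all.
            findings.append((run["jid"], "missing_returns",
                             f"{expected - returned} of {expected} minions did not report"))
        if failed:
            findings.append((run["jid"], "failed_returns",
                             f"{failed} minions returned a failure (state={run.get('state')})"))
    assessments = [r for r in runs if r.get("fun") == "policy.assessment"]
    if not assessments:
        findings.append((None, "never_assessed", "no policy.assessment run found"))
    else:
        # ISO timestamps in one format sort correctly as strings.
        newest = max(assessments, key=lambda r: r["create_time"])
        age = now - datetime.fromisoformat(newest["create_time"])
        if age > max_age:
            findings.append((newest["jid"], "stale_assessment",
                             f"latest assessment is {age.days} days old"))
    return findings


# Constructed sample rows: the first reuses values from the response above,
# the second (including its jid) is made up to show a partial return.
SAMPLE_RUNS = [
    {"jid": "20190127194046350020", "state": "completed_failures",
     "fun": "policy.assessment", "expected": 8, "returned": 8,
     "returned_good": 5, "returned_failed": 3,
     "create_time": "2019-01-27T19:42:53.087028"},
    {"jid": "20190120101500000001", "fun": "policy.assessment",
     "expected": 8, "returned": 6, "returned_good": 6, "returned_failed": 0,
     "create_time": "2019-01-20T10:15:00.000000"},
]


def make_stub_client(rows):
    """Offline stand-in for APIClient that serves `rows` in pages (test aid only)."""
    def get_policy_run_history(policy_uuid, page=0, limit=50):
        chunk = rows[page * limit:(page + 1) * limit]
        return SimpleNamespace(ret={"count": len(rows), "results": chunk}, error=None)
    sec = SimpleNamespace(get_policy_run_history=get_policy_run_history)
    return SimpleNamespace(api=SimpleNamespace(sec=sec))


if __name__ == "__main__":
    client = make_stub_client(SAMPLE_RUNS)
    runs = fetch_all_runs(client, "e912435e-2c38-4cfa-aa1e-985c83aa8a22", limit=1)
    for finding in triage_runs(runs, now=datetime(2019, 1, 28)):
        print(finding)
```
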
get_stats(include_in_response: list[str] | None)
Returns: <class 'dict'>

Get statistics for SecOps

Parameters

include_in_response:Stats to include in response. It accepts the following values: checks_assessed_all_time, checks_remediated_all_time, checks_assessed_latest, checks_remediated_latest, assessment_jobs_run, remediation_jobs_run, policies_created, policies_with_schedule, policies_with_expired_schedules, policies_never_assessed, checks_by_benchmark, checks_by_benchmark_in_policy, checks_by_benchmark_not_in_policy, policies_with_exemptions, status_all_time, status_since_last_assessment, check_status_by_benchmark_all_time, check_status_by_benchmark_since_last_assessment, content_stats.

Returns

Response with stats requested.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_stats()
Response
RPCResponse(
    riq=4,
    ret={
        "policies_created": 2,
        "policies_with_schedule": 0,
        "remediation_jobs_run": 9,
        "checks_by_benchmark": {"PCI-DSS-3.2": 44, "CCE": 81, "800-171": 76, "CIS-CentOS7": 223, "CIS-RHEL7": 222, "CIS": 182, "CIS-CentOS": 1, "CCE-Win16": 111, "CIS-RHEL": 1, "CIS_CentOS7": 1, "CIS_RHEL7": 1, "800-53": 68, "CIS-Win16": 34, "CIS-Win10": 31, "CCE-Win10": 95},
        "status_all_time": {"compliant": 71830, "noncompliant": 85882, "notapplicable": 1414},
        "content_stats": {
            "uuid": "16386268-f2e1-4ab3-8e46-7f59131dee48",
            "content_benchmarks": 7,
            "success": true,
            "db_benchmarks": 7,
            "ingest_date": "2019-01-27T14:07:49.898504",
            "content_checks": 437,
            "db_checks": 437,
            "errors": null
        },
        "checks_assessed_all_time": 226,
        "checks_remediated_all_time": 226
    },
    error=None,
    warnings=[])
get_stats_history(since_time: int | None = 1, time_unit: str | None = hours, sort_by: str | None, reverse: bool | None, page: int | None, limit: int | None = 50)
Returns: <class 'dict'>

Get statistics history for SecOps

Parameters

since_time:Filter results by time.
time_unit:Unit of time to filter the results.
sort_by:Sort results by supplied field.
reverse:Set to True to reverse sort order.
page:Return results specified by page number.
limit:Maximum number of results to return.

Returns

Returns stats history.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.get_stats_history(
    since_time=7300,
    time_unit="days"
)
Response
RPCResponse(
    riq=4,
    ret={
        "results": [{
            "uuid": "4db84e45-974f-4456-8125-57f7533f3d96",
            "stats": {
                "policies_created": 1,
                "policies_with_schedule": 0,
                "remediation_jobs_run": 1,
                .
                .
                .
            }
        }]
    },
    error=None,
    warnings=[])
ingest_all_content(filename: <class 'str'>, content_type: <class 'str'>, blob: bytes | str)

Download Secure Content tarball

Parameters

hub:
filename:
content_type:application/x-gzip
blob:binary blob or base64 encoded

Returns

dict = {
}

ingest_custom_content(filename: <class 'str'>, content_type: <class 'str'>, blob: bytes | str)

Download Custom Content tarball

Parameters

hub:
filename:
content_type:application/x-gzip
blob:binary blob or base64 encoded

Returns

dict = {
}

remediate_policy(policy_uuid: <class 'uuid.UUID'>, check_uuids: list[uuid.UUID] | None, minions: dict | None, pre_remediation: str | None, post_remediation: str | None)
Returns: <class 'dict'>

Remediate one or more checks in a policy

Parameters

policy_uuid:UUID of the policy to remediate.
check_uuids:Check UUIDs included in the policy to remediate.
minions:Minions to remediate.
pre_remediation:State file to run before remediation routine.
post_remediation:State file to run after remediation routine.

Response

Job ID for remediation run.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.remediate_policy(
    policy_uuid="3c625016-9dbf-44d8-b97c-17f4361b78a0",
    minions={"master2_master":["master2"]},
    check_uuids=["80492e63-af0b-41c8-9a5b-b202be658561"]
)
Response
RPCResponse(
    riq=4,
    ret={
        "success": true,
        "errors": [],
        "jid": "20190125002727876899"
    },
    error=None,
    warnings=[])
save_exemption(policy_uuid: <class 'uuid.UUID'>, reason: <class 'str'>, check_uuids: list[uuid.UUID] | None, minion_ids: list[dict] | None)
Returns: <class 'dict'>

Add or update an exemption on a policy

Parameters

policy_uuid:UUID of the policy.
reason:Reason for exemption.
check_uuids:UUIDs of checks that are exempt.
minion_ids:Minion IDs that are exempt.

Returns

Success or error code from saving exemption.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.save_exemption(
    policy_uuid="e912435e-2c38-4cfa-aa1e-985c83aa8a22",
    reason="Approved by CISO",
    minion_ids=[{"master1_master":["oracle"]}],
    check_uuids=["70ceb294-0ce0-4144-8e8a-26301609cce1"]
)
Response
RPCResponse(
    riq=4,
    ret={
        "count": 1,
        "results": [{
            "uuid": "3a776df3-9c4d-4d54-8e1f-dc0c189f0f68",
            "policy_uuid": "e912435e-2c38-4cfa-aa1e-985c83aa8a22",
            "check_uuid": "02b952e3-1d8c-4db3-8771-3edf23e0a0dd",
            "master_id": "master1_master",
            "minion_id": "oracle",
            "reason": "Approved by CISO"
        }]
    },
    error=None,
    warnings=[])
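
An added example (not from the Salt API documentation): reviewing exemption records of the shape returned by save_exemption above and by get_check_dependencies, and producing the policy_uuid/exemption_uuid pairs that delete_exemption takes for the ones a reviewer should look at first. The ticket-id pattern, the minimum reason length and the reading of an exemption with no master_id/minion_id as unscoped are assumptions, not documented behaviour.

```python
import re
from uuid import UUID

# Assumption: approvals are tracked with ticket ids such as "SEC-1234".
TICKET_RE = re.compile(r"\b[A-Z]{2,10}-\d+\b")
# Assumption: a shorter reason carries no usable justification.
MIN_REASON_LEN = 15


def review_exemptions(exemptions):
    """Return one review record per exemption, listing the issues found."""
    report = []
    for ex in exemptions:
        reason = (ex.get("reason") or "").strip()
        issues = []
        if ex.get("master_id") is None and ex.get("minion_id") is None:
            # Assumption: no master/minion means it is not limited to one minion.
            issues.append("unscoped")
        if len(reason) < MIN_REASON_LEN:
            issues.append("weak_reason")
        if not TICKET_RE.search(reason):
            issues.append("no_ticket")
        report.append({
            # str() normalises both UUID objects and plain strings.
            "policy_uuid": str(ex["policy_uuid"]),
            "exemption_uuid": str(ex["uuid"]),
            "reason": reason,
            "issues": issues,
        })
    return report


def removal_candidates(report, blocking=("unscoped", "weak_reason")):
    """Keyword arguments for client.api.sec.delete_exemption, one dict per
    exemption that has at least one blocking issue. Nothing is deleted here;
    the list is meant for a human to approve."""
    return [
        {"policy_uuid": r["policy_uuid"], "exemption_uuid": r["exemption_uuid"]}
        for r in report
        if any(issue in blocking for issue in r["issues"])
    ]


# Sample records copied from the get_check_dependencies and save_exemption
# responses on this page.
SAMPLE_EXEMPTIONS = [
    {"uuid": UUID("76523fe6-4feb-4ca3-af98-75a1a58aff0a"),
     "policy_uuid": UUID("0ac8ba09-399d-4748-880c-9a9088ec5551"),
     "master_id": None, "minion_id": None, "reason": "why not"},
    {"uuid": "3a776df3-9c4d-4d54-8e1f-dc0c189f0f68",
     "policy_uuid": "e912435e-2c38-4cfa-aa1e-985c83aa8a22",
     "check_uuid": "02b952e3-1d8c-4db3-8771-3edf23e0a0dd",
     "master_id": "master1_master", "minion_id": "oracle",
     "reason": "Approved by CISO"},
]

if __name__ == "__main__":
    report = review_exemptions(SAMPLE_EXEMPTIONS)
    for row in report:
        print(row["exemption_uuid"], row["issues"])
    print(removal_candidates(report))
```
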
save_policy(name: <class 'str'>, tgt_uuid: <class 'uuid.UUID'>, policy_uuid: uuid.UUID | None, benchmark_uuids: list[uuid.UUID] | None, check_uuids: list[uuid.UUID] | None, exclude_check_uuids: list[uuid.UUID] | None, variables: list[dict] | None, schedule: dict | None)
Returns: <class 'uuid.UUID'>

Save a new security policy or update an existing one.

Saves a policy.

Parameters

name:Name of the security policy.
tgt_uuid:UUID of the target group the security policy applies to.
policy_uuid:UUID of the security policy. This parameter is optional when creating a new policy and required when updating an existing policy.
benchmark_uuids:List of UUIDs of existing security policy benchmarks to include in the policy. The policy will include the checks from each benchmark in the list, minus any passed in check_uuids.
check_uuids:Optional list of security policy checks to include in the policy. If benchmark_uuids is also given, the policy will include only checks that appear in at least one of the specified benchmarks.
exclude_check_uuids:Optional list of security policy checks to exclude from the policy. This is useful for omitting some checks that would otherwise be included as part of the benchmarks passed in benchmark_uuids.
variables:Optional list of security policy check variables to apply to the policy. Each entry in the list is a dict containing three entries: check_uuid (UUID of the check the variable applies to), name (variable name), and value (variable value).
schedule:Optional dict defining schedule for running policy assessment. For details on the schedule structure, see the schedule parameter of the schedule.save() RPC method.

Returns

UUID of the new or updated policy.

Examples

Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.save_policy(
    name="Policy 1",
    tgt_uuid="919193da-604e-456d-87c4-90860f5e8b59",
    benchmark_uuids=[
        "22c8539e-f719-4d6a-9e14-c3c638a7be82",
        "026e3afb-d4a7-45be-b405-4f83fa7a3b3a"
    ]
)
Response
RPCResponse(
    riq=4,
    ret="de301811-80d2-4a89-bd24-93d025347394",
    error=None,
    warnings=[])
Request
from sseapiclient import APIClient
client = APIClient('http://localhost', 'root', 'salt')
client.api.sec.save_policy(
    name="Policy 2",
    tgt_uuid="61edbf8c-8b5c-483c-845b-ff12280aa171",
    benchmark_uuids=["4eec46a0-d029-4c3a-a8dd-c6cbb86b9659"],
    check_uuids=[
       "55c17549-095a-4dba-9817-0db845385eeb",
       "985b5057-42c8-4c86-8c8e-06d8b3f51472",
       "a2f200b6-6040-46bb-9005-9725e9b65490",
       "c0df2e2d-13df-457a-bbca-cb0cbf495525"
       ],
    variables=[{
        "check_uuid": "985b5057-42c8-4c86-8c8e-06d8b3f51472",
        "name": "_locke.system.service.sshd_maxauthtries.SSHD_CONFIG_MAXAUTHTRIES",
        "value": "3"
    }]
)
Response
RPCResponse(
    riq=4,
    ret="de301811-80d2-4a89-bd24-93d025347394",
    error=None,
    warnings=[])