Assessments¶
run_assessment¶
-
dome9.dome9.Dome9.
run_assessment
(self, rulesetId, cloudAccountId, cloudAccountType, region=None) Run compliance assessments on Cloud Accounts, and get the results
Parameters: - rulesetId (str) – Id of the Compliance Policy Ruleset to run
- cloudAccountId (str) – Id of the Cloud Account
- cloudAccountType (str) – Type of the Cloud Account (Google, Aws, Azure, Kubernetes, …)
- region (str, optional) – Set a specific region. Defaults to None.
Returns: Assessment result. Ref: /docs/source/schemas/AssessmentResults.json
Return type: dict
- Response object:
{ "request": { "dome9CloudAccountId": "00000000-0000-0000-0000-000000000000", "externalCloudAccountId": "string", "cloudAccountId": "string", "region": "string", "cloudNetwork": "string", "cloudAccountType": "Aws", "requestId": "00000000-0000-0000-0000-000000000000" }, "tests": [ { "error": "string", "testedCount": 0, "relevantCount": 0, "nonComplyingCount": 0, "exclusionStats": { "testedCount": 0, "relevantCount": 0, "nonComplyingCount": 0 }, "entityResults": [ { "validationStatus": "Relevant", "isRelevant": true, "isValid": true, "isExcluded": true, "exclusionId": "00000000-0000-0000-0000-000000000000", "remediationId": "00000000-0000-0000-0000-000000000000", "error": "string", "testObj": {} } ], "rule": { "name": "string", "severity": "Low", "logic": "string", "description": "string", "remediation": "string", "complianceTag": "string", "domain": "string", "priority": "string", "controlTitle": "string", "ruleId": "string", "logicHash": "string", "isDefault": true }, "testPassed": true } ], "locationMetadata": { "account": { "srl": "string", "name": "string", "id": "string", "externalId": "string" }, "region": { "srl": "string", "name": "string", "id": "string", "externalId": "string" }, "cloudNetwork": { "srl": "string", "name": "string", "id": "string", "externalId": "string" } }, "testEntities": { "notSupported": [{}], "instance": [{}], "securityGroup": [{}], "elb": [{}], "rds": [{}], "lambda": [{}], "region": [{}], "virtualMachine": [{}], "networkSecurityGroup": [{}], "cloudTrail": [{}], "nacl": [{}], "vpc": [{}], "subnet": [{}], "s3Bucket": [{}], "applicationLoadBalancer": [{}], "iamUser": [{}], "iamRole": [{}], "iam": [{}], "redshift": [{}], "kms": [{}], "default": [{}], "vmInstance": [{}], "iamGroup": [{}], "efs": [{}], "network": [{}], "elastiCache": [{}], "loadBalancer": [{}], "vNet": [{}], "sqldb": [{}], "redisCache": [{}], "applicationGateway": [{}], "resourceGroup": [{}], "sqlServer": [{}], "ecsCluster": [{}], "keyVault": [{}], "networkLoadBalancer": [{}], "networkInterface": [{}], "ecsTaskDefinition": [{}], "iamPolicy": [{}], "volume": [{}], "cloudFront": [{}], "kinesis": [{}], "iamServerCertificate": [{}], "route53HostedZone": [{}], "route53RecordSetGroup": [{}], "acmCertificate": [{}], "route53Domain": [{}], "storageAccount": [{}], "dynamoDbTable": [{}], "ami": [{}], "vpnGateway": [{}], "virtualMfaDevices": [{}], "internetGateway": [{}], "wafRegional": [{}], "lock": [{}], "vpnConnection": [{}], "ecsTask": [{}], "customerGateway": [{}], "gcpSecurityGroup": [{}], "elasticIP": [{}], "iamInstanceProfile": [{}], "storageBucket": [{}], "ecsService": [{}], "project": [{}], "serviceAccount": [{}], "kmsKeyRing": [{}], "dataWarehouse": [{}], "guardDutyDetector": [{}], "gcpIamPolicy": [{}], "gcpIamUser": [{}], "apiGateway": [{}], "gcpGsuiteUser": [{}], "gcpGsuiteGroup": [{}], "gcpIamGroup": [{}], "bigQuery": [{}], "routeTable": [{}], "gkeCluster": [{}], "postgreSQL": [{}], "vpcFlowLog": [{}], "iamAccountSummary": [{}], "sageMakerNotebook": [{}], "containerRegistry": [{}], "inspector": [{}], "kmsAliases": [{}], "passwordPolicy": [{}], "configurationRecorder": [{}], "cosmosDbAccount": [{}], "networkWatcher": [{}], "vpcPeeringConnection": [{}], "metricAlarm": [{}], "snsSubscription": [{}], "logGroup": [{}], "metricFilter": [{}], "cloudWatchEventsRule": [{}], "awsIamAccessKey": [{}], "kubernetesNode": [{}], "kubernetesPod": [{}], "kubernetesService": [{}], "logProfile": [{}], "policyAssignment": [{}], "kubernetesNetworkPolicy": [{}], "kubernetesIngress": [{}], "kubernetesPodSecurityPolicy": [{}], "cloudSql": [{}], "kubernetesKubelet": [ {} ] }, "dataSyncStatus": [ { "entityType": "NotSupported", "recentlySuccessfulSync": true, "generalFetchPermissionIssues": true, "entitiesWithPermissionIssues": [ { "externalId": "string", "name": "string", "cloudVendorIdentifier": "string" } ] } ], "assessmentPassed": true, "hasErrors": true, "id": 0 }
get_assessment¶
-
dome9.dome9.Dome9.
get_assessment
(self, assessmentId) Get results of an assesment by id
Parameters: assessmentId (str) – Report/Assessment id Returns: Assesment result. Ref: /docs/source/schemas/AssessmentResults.json Return type: dict - Response object:
{ "request": { "dome9CloudAccountId": "00000000-0000-0000-0000-000000000000", "externalCloudAccountId": "string", "cloudAccountId": "string", "region": "string", "cloudNetwork": "string", "cloudAccountType": "Aws", "requestId": "00000000-0000-0000-0000-000000000000" }, "tests": [ { "error": "string", "testedCount": 0, "relevantCount": 0, "nonComplyingCount": 0, "exclusionStats": { "testedCount": 0, "relevantCount": 0, "nonComplyingCount": 0 }, "entityResults": [ { "validationStatus": "Relevant", "isRelevant": true, "isValid": true, "isExcluded": true, "exclusionId": "00000000-0000-0000-0000-000000000000", "remediationId": "00000000-0000-0000-0000-000000000000", "error": "string", "testObj": {} } ], "rule": { "name": "string", "severity": "Low", "logic": "string", "description": "string", "remediation": "string", "complianceTag": "string", "domain": "string", "priority": "string", "controlTitle": "string", "ruleId": "string", "logicHash": "string", "isDefault": true }, "testPassed": true } ], "locationMetadata": { "account": { "srl": "string", "name": "string", "id": "string", "externalId": "string" }, "region": { "srl": "string", "name": "string", "id": "string", "externalId": "string" }, "cloudNetwork": { "srl": "string", "name": "string", "id": "string", "externalId": "string" } }, "testEntities": { "notSupported": [{}], "instance": [{}], "securityGroup": [{}], "elb": [{}], "rds": [{}], "lambda": [{}], "region": [{}], "virtualMachine": [{}], "networkSecurityGroup": [{}], "cloudTrail": [{}], "nacl": [{}], "vpc": [{}], "subnet": [{}], "s3Bucket": [{}], "applicationLoadBalancer": [{}], "iamUser": [{}], "iamRole": [{}], "iam": [{}], "redshift": [{}], "kms": [{}], "default": [{}], "vmInstance": [{}], "iamGroup": [{}], "efs": [{}], "network": [{}], "elastiCache": [{}], "loadBalancer": [{}], "vNet": [{}], "sqldb": [{}], "redisCache": [{}], "applicationGateway": [{}], "resourceGroup": [{}], "sqlServer": [{}], "ecsCluster": [{}], "keyVault": [{}], "networkLoadBalancer": [{}], "networkInterface": [{}], "ecsTaskDefinition": [{}], "iamPolicy": [{}], "volume": [{}], "cloudFront": [{}], "kinesis": [{}], "iamServerCertificate": [{}], "route53HostedZone": [{}], "route53RecordSetGroup": [{}], "acmCertificate": [{}], "route53Domain": [{}], "storageAccount": [{}], "dynamoDbTable": [{}], "ami": [{}], "vpnGateway": [{}], "virtualMfaDevices": [{}], "internetGateway": [{}], "wafRegional": [{}], "lock": [{}], "vpnConnection": [{}], "ecsTask": [{}], "customerGateway": [{}], "gcpSecurityGroup": [{}], "elasticIP": [{}], "iamInstanceProfile": [{}], "storageBucket": [{}], "ecsService": [{}], "project": [{}], "serviceAccount": [{}], "kmsKeyRing": [{}], "dataWarehouse": [{}], "guardDutyDetector": [{}], "gcpIamPolicy": [{}], "gcpIamUser": [{}], "apiGateway": [{}], "gcpGsuiteUser": [{}], "gcpGsuiteGroup": [{}], "gcpIamGroup": [{}], "bigQuery": [{}], "routeTable": [{}], "gkeCluster": [{}], "postgreSQL": [{}], "vpcFlowLog": [{}], "iamAccountSummary": [{}], "sageMakerNotebook": [{}], "containerRegistry": [{}], "inspector": [{}], "kmsAliases": [{}], "passwordPolicy": [{}], "configurationRecorder": [{}], "cosmosDbAccount": [{}], "networkWatcher": [{}], "vpcPeeringConnection": [{}], "metricAlarm": [{}], "snsSubscription": [{}], "logGroup": [{}], "metricFilter": [{}], "cloudWatchEventsRule": [{}], "awsIamAccessKey": [{}], "kubernetesNode": [{}], "kubernetesPod": [{}], "kubernetesService": [{}], "logProfile": [{}], "policyAssignment": [{}], "kubernetesNetworkPolicy": [{}], "kubernetesIngress": [{}], "kubernetesPodSecurityPolicy": [{}], "cloudSql": [{}], "kubernetesKubelet": [ {} ] }, "dataSyncStatus": [ { "entityType": "NotSupported", "recentlySuccessfulSync": true, "generalFetchPermissionIssues": true, "entitiesWithPermissionIssues": [ { "externalId": "string", "name": "string", "cloudVendorIdentifier": "string" } ] } ], "assessmentPassed": true, "hasErrors": true, "id": 0 }