Deployments¶
Table of Contents
Client¶
-
class
Deployments.
Client
¶ A client object representing ‘Deployments’ Service:
import almdrlib client = almdrlib.client('deployments')
Available methods:
-
create_deployment
(**kwargs)¶ Create new deployment
Request Syntax
response = client.create_deployment( account_id='string' cloud_defender={ 'enabled': 'False|True', 'location_id': 'string' } credentials=[ { 'id': 'string', 'purpose': 'string', 'version': 'string' } ] discover='False|True' enabled='False|True' features={ 'abs': [ { 'scope': [ 'None' ] } ], 'fim': [ { 'scope': [ 'None' ] } ], 'scan': [ { 'scope': [ 'None' ] } ] } mode='manual'|'readonly'|'automatic'|'guided'|'none' name='string' platform='dict' scan='False|True' scope={ 'exclude': [ { 'key': 'string', 'type': 'region'|'vpc'|'subnet' } ], 'include': [ { 'key': 'string', 'policy': { 'id': 'string' }, 'type': 'deployment'|'region'|'vpc' } ] } version='number' )
- Parameters
account_id (string) – [REQUIRED]
cloud_defender (dict) –
The Cloud Defender product integration settings
enabled (boolean) –
Whether or not the Cloud Defender product integration is enabled, must be false
Default:
False
location_id (string) –
The Cloud Defender datacenter location name, default location_id will be set to account’s default defender location_id.
credentials (list) –
(dict) –
id (uuid) –
gen v4 UUID of the linked credential object
purpose (string) –
The purpose of the linked credential object. For ‘aws’ deployments: ‘discover’ and ‘x-account-monitor’ values are allowed. For ‘azure’ deployments: only discover is allowed For ‘datacenter’ deployments this is not valid
version (date) –
Credential validation policy version in YYYY-MM-DD format
discover (boolean) –
Whether or not the deployment is discovered. Default is true if not specified.
Default:
True
enabled (boolean) –
Whether or not the deployment is enabled. Default is true if not specified.
Default:
True
features (dict) –
abs (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
fim (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
scan (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
mode (string) –
For ‘aws’ deployments - Deployment mode (manual, readonly, automatic, guided or none). Default mode is automatic if not specified. For ‘azure’ deployments - Deployment mode, must be manual For ‘datacenter’ deployments - Deployment mode, must be manual
Valid values:
manual
,readonly
,automatic
,guided
,none
name (string) – The name of the deployment
platform (dict) –
scan (boolean) –
Whether or not the deployment is scanned. Default is true if not specified.
Default:
True
scope (dict) –
Definition of customer’s assets being protected
exclude (list) –
List of assets excluded from protection
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: region, vpc, subnet.
Valid values:
region
,vpc
,subnet
include (list) –
(dict) –
List of assets being protected
key (string) –
Asset Key
policy (dict) –
Details of the attached policy
id (string) –
gen v4 UUID of the attached policy
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
version (number) –
- Return type
dict
- Returns
Response Syntax
{ 'account_id': 'string', 'cloud_defender': { 'enabled': 'False|True', 'location': 'string' }, 'created': { 'at': 'number', 'by': 'string' }, 'credentials': [ { 'id': 'string', 'purpose': 'string', 'version': 'string' } ], 'discover': 'False|True', 'enabled': 'False|True', 'features': { 'abs': [ { 'scope': [ 'None' ] } ], 'fim': [ { 'scope': [ 'None' ] } ], 'scan': [ { 'scope': [ 'None' ] } ] }, 'id': 'string', 'mode': 'manual'|'readonly'|'automatic'|'guided'|'none', 'modified': { 'at': 'number', 'by': 'string' }, 'name': 'string', 'platform': 'dict', 'status': { 'status': 'string', 'updated': 'number' }, 'version': 'number' }
Response Definitions
account_id (string) –
cloud_defender (dict) –
enabled (boolean) –
location (string) –
created (dict) –
at (number) –
by (uuid) –
credentials (list) –
(dict) –
id (uuid) –
gen v4 UUID of the linked credential object
purpose (string) –
The purpose of the linked credential object. For ‘aws’ deployments: ‘discover’ and ‘x-account-monitor’ values are allowed. For ‘azure’ deployments: only discover is allowed For ‘datacenter’ deployments this is not valid
version (date) –
Credential validation policy version in YYYY-MM-DD format
discover (boolean) –
enabled (boolean) –
features (dict) –
abs (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
fim (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
scan (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
id (uuid) –
mode (string) –
Valid values:
manual
,readonly
,automatic
,guided
,none
modified (dict) –
at (number) –
by (uuid) –
name (string) –
platform (dict) –
status (dict) –
status (string) –
updated (number) –
version (number) –
-
delete_deployment
(**kwargs)¶ Delete Deployment
Request Syntax
response = client.delete_deployment( account_id='string' deployment_id='string' )
- Parameters
account_id (string) – [REQUIRED]
deployment_id (string) – [REQUIRED]
- Returns
None
-
get_deployment
(**kwargs)¶ Returns the deployment matching specified account_id and deployment_id
Request Syntax
response = client.get_deployment( account_id='string' deployment_id='string' )
- Parameters
account_id (string) – [REQUIRED]
deployment_id (string) – [REQUIRED]
- Return type
dict
- Returns
Response Syntax
{ 'account_id': 'string', 'cloud_defender': { 'enabled': 'False|True', 'location': 'string' }, 'created': { 'at': 'number', 'by': 'string' }, 'credentials': [ { 'id': 'string', 'purpose': 'string', 'version': 'string' } ], 'discover': 'False|True', 'enabled': 'False|True', 'features': { 'abs': [ { 'scope': [ 'None' ] } ], 'fim': [ { 'scope': [ 'None' ] } ], 'scan': [ { 'scope': [ 'None' ] } ] }, 'id': 'string', 'mode': 'manual'|'readonly'|'automatic'|'guided'|'none', 'modified': { 'at': 'number', 'by': 'string' }, 'name': 'string', 'platform': 'dict', 'status': { 'status': 'string', 'updated': 'number' }, 'version': 'number' }
Response Definitions
account_id (string) –
cloud_defender (dict) –
enabled (boolean) –
location (string) –
created (dict) –
at (number) –
by (uuid) –
credentials (list) –
(dict) –
id (uuid) –
gen v4 UUID of the linked credential object
purpose (string) –
The purpose of the linked credential object. For ‘aws’ deployments: ‘discover’ and ‘x-account-monitor’ values are allowed. For ‘azure’ deployments: only discover is allowed For ‘datacenter’ deployments this is not valid
version (date) –
Credential validation policy version in YYYY-MM-DD format
discover (boolean) –
enabled (boolean) –
features (dict) –
abs (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
fim (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
scan (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
id (uuid) –
mode (string) –
Valid values:
manual
,readonly
,automatic
,guided
,none
modified (dict) –
at (number) –
by (uuid) –
name (string) –
platform (dict) –
status (dict) –
status (string) –
updated (number) –
version (number) –
-
list_deployments
(**kwargs)¶ Lists deployments belonging to a particular account
Request Syntax
response = client.list_deployments( account_id='string' )
- Parameters
account_id (string) – [REQUIRED]
- Return type
list
- Returns
Response Syntax
[ { 'account_id': 'string', 'cloud_defender': { 'enabled': 'False|True', 'location': 'string' }, 'created': { 'at': 'number', 'by': 'string' }, 'credentials': [ { 'id': 'string', 'purpose': 'string', 'version': 'string' } ], 'discover': 'False|True', 'enabled': 'False|True', 'features': { 'abs': [ { 'scope': [ 'None' ] } ], 'fim': [ { 'scope': [ 'None' ] } ], 'scan': [ { 'scope': [ 'None' ] } ] }, 'id': 'string', 'mode': 'manual'|'readonly'|'automatic'|'guided'|'none', 'modified': { 'at': 'number', 'by': 'string' }, 'name': 'string', 'platform': 'dict', 'status': { 'status': 'string', 'updated': 'number' }, 'version': 'number' } ]
Response Definitions
(dict) –
Deployment Object
account_id (string) –
cloud_defender (dict) –
enabled (boolean) –
location (string) –
created (dict) –
at (number) –
by (uuid) –
credentials (list) –
(dict) –
id (uuid) –
gen v4 UUID of the linked credential object
purpose (string) –
The purpose of the linked credential object. For ‘aws’ deployments: ‘discover’ and ‘x-account-monitor’ values are allowed. For ‘azure’ deployments: only discover is allowed For ‘datacenter’ deployments this is not valid
version (date) –
Credential validation policy version in YYYY-MM-DD format
discover (boolean) –
enabled (boolean) –
features (dict) –
abs (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
fim (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
scan (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
id (uuid) –
mode (string) –
Valid values:
manual
,readonly
,automatic
,guided
,none
modified (dict) –
at (number) –
by (uuid) –
name (string) –
platform (dict) –
status (dict) –
status (string) –
updated (number) –
version (number) –
-
update_deployment
(**kwargs)¶ Request Syntax
response = client.update_deployment( account_id='string' cloud_defender={ 'enabled': 'False|True', 'location_id': 'string' } credentials=[ { 'id': 'string', 'purpose': 'string', 'version': 'string' } ] deployment_id='string' discover='False|True' enabled='False|True' features={ 'abs': [ { 'scope': [ 'None' ] } ], 'fim': [ { 'scope': [ 'None' ] } ], 'scan': [ { 'scope': [ 'None' ] } ] } mode='manual'|'readonly'|'automatic'|'guided'|'none' name='string' platform='dict' scan='False|True' scope={ 'exclude': [ { 'key': 'string', 'type': 'region'|'vpc'|'subnet' } ], 'include': [ { 'key': 'string', 'policy': { 'id': 'string' }, 'type': 'deployment'|'region'|'vpc' } ] } version='number' )
- Parameters
account_id (string) – [REQUIRED]
cloud_defender (dict) –
The Cloud Defender product integration settings
enabled (boolean) –
Whether or not the Cloud Defender product integration is enabled, must be false
Default:
False
location_id (string) –
The Cloud Defender datacenter location name, default location_id will be set to account’s default defender location_id.
credentials (list) –
(dict) –
id (uuid) –
gen v4 UUID of the linked credential object
purpose (string) –
The purpose of the linked credential object. For ‘aws’ deployments: ‘discover’ and ‘x-account-monitor’ values are allowed. For ‘azure’ deployments: only discover is allowed For ‘datacenter’ deployments this is not valid
version (date) –
Credential validation policy version in YYYY-MM-DD format
deployment_id (string) – [REQUIRED]
discover (boolean) –
Whether or not the deployment is discovered. Default is true if not specified.
Default:
True
enabled (boolean) –
Whether or not the deployment is enabled. Default is true if not specified.
Default:
True
features (dict) –
abs (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
fim (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
scan (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
mode (string) –
For ‘aws’ deployments - Deployment mode (manual, readonly, automatic, guided or none). Default mode is automatic if not specified. For ‘azure’ deployments - Deployment mode, must be manual For ‘datacenter’ deployments - Deployment mode, must be manual
Valid values:
manual
,readonly
,automatic
,guided
,none
name (string) – The name of the deployment
platform (dict) –
scan (boolean) –
Whether or not the deployment is scanned. Default is true if not specified.
Default:
True
scope (dict) –
Definition of customer’s assets being protected
exclude (list) –
List of assets excluded from protection
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: region, vpc, subnet.
Valid values:
region
,vpc
,subnet
include (list) –
(dict) –
List of assets being protected
key (string) –
Asset Key
policy (dict) –
Details of the attached policy
id (string) –
gen v4 UUID of the attached policy
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
version (number) –
- Return type
dict
- Returns
Response Syntax
{ 'account_id': 'string', 'cloud_defender': { 'enabled': 'False|True', 'location': 'string' }, 'created': { 'at': 'number', 'by': 'string' }, 'credentials': [ { 'id': 'string', 'purpose': 'string', 'version': 'string' } ], 'discover': 'False|True', 'enabled': 'False|True', 'features': { 'abs': [ { 'scope': [ 'None' ] } ], 'fim': [ { 'scope': [ 'None' ] } ], 'scan': [ { 'scope': [ 'None' ] } ] }, 'id': 'string', 'mode': 'manual'|'readonly'|'automatic'|'guided'|'none', 'modified': { 'at': 'number', 'by': 'string' }, 'name': 'string', 'platform': 'dict', 'status': { 'status': 'string', 'updated': 'number' }, 'version': 'number' }
Response Definitions
account_id (string) –
cloud_defender (dict) –
enabled (boolean) –
location (string) –
created (dict) –
at (number) –
by (uuid) –
credentials (list) –
(dict) –
id (uuid) –
gen v4 UUID of the linked credential object
purpose (string) –
The purpose of the linked credential object. For ‘aws’ deployments: ‘discover’ and ‘x-account-monitor’ values are allowed. For ‘azure’ deployments: only discover is allowed For ‘datacenter’ deployments this is not valid
version (date) –
Credential validation policy version in YYYY-MM-DD format
discover (boolean) –
enabled (boolean) –
features (dict) –
abs (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
fim (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
scan (list) –
Definition of customer’s assets being protected by the particular feature
(dict) –
List of assets being protected by a feature
scope (list) –
(dict) –
key (string) –
Asset Key
type (string) –
Asset type. Allowed asset types: deployment, region, vpc.
Valid values:
deployment
,region
,vpc
,subnet
,host
id (uuid) –
mode (string) –
Valid values:
manual
,readonly
,automatic
,guided
,none
modified (dict) –
at (number) –
by (uuid) –
name (string) –
platform (dict) –
status (dict) –
status (string) –
updated (number) –
version (number) –
-