awsenergylabelercli package

Submodules

awsenergylabelercli.awsenergylabelercli module

Main code for awsenergylabelercli.

awsenergylabelercli.awsenergylabelercli.RESOLVED_FINDINGS_QUERY(x)
awsenergylabelercli.awsenergylabelercli.calculate_file_hash(binary_contents)[source]

Calculates a hex digest of binary contents.

Parameters:

binary_contents – The binary object to calculate the hex digest of.

Returns:

The calculated hex digest of the binary object.

awsenergylabelercli.awsenergylabelercli.get_account_reporting_data(account_id, region, frameworks, allowed_regions, denied_regions, export_all_data_flag, report_closed_findings_days, report_suppressed_findings, account_thresholds, security_hub_query_filter, log_level, metadata, disable_spinner)[source]

Gets the reporting data for a single account.

Parameters:

  • account_id – The ID of the account to get reporting on.

  • region – The home region of AWS.

  • frameworks – The frameworks to include in scoring.

  • allowed_regions – The allowed regions for security hub if any.

  • denied_regions – The denied regions for security hub if any.

  • export_all_data_flag – If set all data is going to be exported, else only basic reporting.

  • report_closed_findings_days – The number of days to report the resolved findings for.

  • report_suppressed_findings – A flag to report on suppressed findings or not.

  • account_thresholds – The account thresholds to apply.

  • security_hub_query_filter – The security hub filter to apply.

  • log_level – The log level set.

  • metadata – The metadata of the execution, provided to be enriched by the active ones.

  • disable_spinner – The spinner will be disabled while retrieving the findings.

Returns:

report_data, exporter_arguments

awsenergylabelercli.awsenergylabelercli.get_arguments(arguments=None)[source]

Gets us the cli arguments.

Returns the args as parsed from the argsparser.

awsenergylabelercli.awsenergylabelercli.get_parser()[source]

Constructs the parser with all the arguments and returns it.

awsenergylabelercli.awsenergylabelercli.get_zone_reporting_data(zone_name, region, frameworks, allowed_account_ids, denied_account_ids, allowed_regions, denied_regions, export_all_data_flag, report_closed_findings_days, report_suppressed_findings, account_thresholds, zone_thresholds, security_hub_query_filter, log_level, zone_type, metadata, disable_spinner)[source]

Gets the reporting data for an organizations zone.

Parameters:

  • zone_name – The name of the security zone.

  • region – The home region of AWS.

  • frameworks – The frameworks to include in scoring.

  • allowed_account_ids – The allowed account ids for landing zone inclusion if any.

  • denied_account_ids – The allowed account ids for landing zone exclusion if any.

  • allowed_regions – The allowed regions for security hub if any.

  • denied_regions – The denied regions for security hub if any.

  • export_all_data_flag – If set all data is going to be exported, else only basic reporting.

  • report_closed_findings_days

  • report_suppressed_findings

  • account_thresholds

  • zone_thresholds

  • log_level – The log level set.

  • zone_type – The type of zone to label.

  • metadata – The metadata of the execution, provided to be enriched by the active ones.

  • disable_spinner – The spinner will be disabled while retrieving the findings.

Returns:

report_data, exporter_arguments

awsenergylabelercli.awsenergylabelercli.setup_logging(level, config_file=None)[source]

Sets up the logging.

Parameters:

  • level – At which level do we log

  • config_file – Configuration to use

awsenergylabelercli.awsenergylabelercli.validate_metadata_file(file_path, parser)[source]

Validates a provided local metadata file by looking into its contents.

Parameters:

  • file_path – The local file path of the file to validate for.

  • parser – The parser to use the appropriate exit methods.

Returns:

parser.exit(0) on success

Raises:

parser.error on failure.

awsenergylabelercli.awsenergylabelercli.wait_for_findings(method_name, method_argument, log_level, finding_type=None, disable_spinner=False)[source]

If log level is not debug shows a spinner while the callable provided gets security hub findings.

Parameters:

  • method_name – The method to execute while waiting.

  • method_argument – The argument to pass to the method.

  • log_level – The log level as set by the user.

  • finding_type – The type of the finding to use for the helping message.

  • disable_spinner – The spinner will be disabled while retrieving the findings.

Returns:

A list of security hub findings as retrieved by the callable.

Return type:

findings

awsenergylabelercli.awsenergylabelercliexceptions module

Custom exception code for awsenergylabelercli.

exception awsenergylabelercli.awsenergylabelercliexceptions.MissingRequiredArguments[source]

Bases: Exception

Missing a required argument.

exception awsenergylabelercli.awsenergylabelercliexceptions.MutuallyExclusiveArguments[source]

Bases: Exception

Mutually exclusive variables are set.

awsenergylabelercli.entities module

entities package.

Import all parts from entities here

class awsenergylabelercli.entities.Metadata[source]

Bases: object

Models the metadata container that can parse the metadata entries.

add_entry(entry)[source]

Adds a metadata entry to the container.

Parameters:

entry – A metadata entry object.

Returns:

None

property data

The data of the included entries.

Returns:

The metadata entries in a dictionary.

property report_table

The data to be included in a report table.

Returns:

A list of entry data lists to be reported in an interactive report.

class awsenergylabelercli.entities.MetadataEntry(title: str, value: str, is_report_entry: bool)[source]

Bases: object

Models a metadata entry.

is_report_entry: bool
title: str
value: str

awsenergylabelercli.validators module

Main code for validators.

class awsenergylabelercli.validators.OverridingArgument(option_strings, dest, nargs=None, const=None, default=None, type=None, choices=None, required=False, help=None, metavar=None)[source]

Bases: Action

Argument that if set will disable all other arguments that are set as required.

awsenergylabelercli.validators.account_thresholds_config(value)[source]

Validates that the provided string value is an account thresholds configuration.

Parameters:

value – The value to validate for an account thresholds configuration.

Returns:

A valid account configuration.

awsenergylabelercli.validators.aws_account_id(account_id)[source]

Setting a type for an account id argument.

awsenergylabelercli.validators.character_delimited_list_variable(value)[source]

Support for environment variables with characters delimiting a list of value.

awsenergylabelercli.validators.default_environment_variable(variable_name)[source]

Closure to pass the variable name to the inline custom Action.

Parameters:

variable_name – The variable to look up as environment variable.

Returns:

The Action object.

awsenergylabelercli.validators.environment_variable_boolean(value)[source]

Parses an environment variable as a boolean.

Parameters:

value – The value of the environment variable.

Returns:

True if environment variable is one of the supported values, False otherwise.

awsenergylabelercli.validators.get_mutually_exclusive_args(*args, required=False)[source]

Test if multiple mutually exclusive arguments are provided.

awsenergylabelercli.validators.json_string(value)[source]

Validates that the provided argument is a valid json string.

Parameters:

value – The string to load as json

Returns:

The json object on success

Raises:

ArgumentTypeError on error.

awsenergylabelercli.validators.positive_integer(value)[source]

Casts an argument to an int and validates that it is a positive number.

Parameters:

value – The value to cast.

Returns:

The positive integer.

Raises:

ArgumentTypeError – If the argument cannot be cast or if it is a negative number.

awsenergylabelercli.validators.security_hub_region(region)[source]

Setting a type for a security hub region.

awsenergylabelercli.validators.valid_local_file(local_path)[source]

Validates an argparse argument to be an existing local file.

Parameters:

local_path – The path provided as an argument.

Returns:

The local path if the file exists.

Raises:

ArgumentTypeError – If the file does not exist.

awsenergylabelercli.validators.zone_thresholds_config(value)[source]

Validates that the provided string value is a zone thresholds configuration.

Parameters:

value – The value to validate for a zone thresholds configuration.

Returns:

A valid zone configuration.

Module contents

awsenergylabelercli package.

Import all parts from awsenergylabelercli here