-
Notifications
You must be signed in to change notification settings - Fork 0
/
contrast_create_group.py
61 lines (51 loc) · 1.48 KB
/
contrast_create_group.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# Script to create an application access group on the Contrast TeamServer
# Author: josh.anderson@contrastsecurity.com
import argparse
import logging
import sys
from contrast_api import contrast_instance_from_json, load_config
args_parser = argparse.ArgumentParser(
description="Create an application access group on Contrast."
)
# Required arguments
args_parser.add_argument(
"-n",
"--group-name",
"--group-name",
help="Name of the group you want to create.",
type=str,
required=True,
)
args_parser.add_argument(
"-r",
"--role",
help="Role to give users allocated to this group's applications.",
choices=["NO_ACCESS", "VIEW", "EDIT", "RULES_ADMIN", "ADMIN"],
type=str.upper,
required=True,
)
args_parser.add_argument(
"-o",
"--org-id",
"--organization-id",
help="ID of the organization to create this group in.",
type=str,
required=True,
)
args = args_parser.parse_args()
logging.basicConfig(level=logging.INFO, format="%(levelname)s: %(message)s")
logger = logging.getLogger(__file__)
config = load_config()
contrast = contrast_instance_from_json(config)
body = {
"name": args.group_name,
"scope": {"app_scope": {"exceptions": [], "onboard_role": args.role}},
"users": [],
}
response = contrast.api_request(f"{args.org_id}/groups", "POST", body=body)
exit_code = 0
logger.info(" - ".join(response["messages"]))
if not response["success"]:
logger.error("Creation failed")
exit_code = 1
sys.exit(exit_code)