Tenable Cloud Security¶
- class CloudSecurity(url: str | None = None, api_key: str | None = None, verify: bool = True, schema_validation: bool = True, retries: int = 3, timeout: int = 300, vendor: str = 'unknown', product: str = 'unknown', build: str = 'unknown')[source]¶
Tenable Cloud Security The CloudSecurity class is the primary interaction point for the Cloud Security GraphQL API within pyTenable. The most commonly used and supported GraphQL APIs have also been wrapped into the endpoints below.
- Parameters:
url (str) – The url that points to the cloud security site to interact with. If not specified, the SDK will attempt to pull the parameter from the environment variable TCS_URL
api_key (str) – The API Key to use for authentication to the API. If not specied, the SDK will attempt to pull the parameter from the environment variable TCS_API_KEY.
verify (bool, optional) – Should SSL verification be performed? The default is True.
retries (int, optional) – How many retries should be attempted before giving up on the current call? The default is 3.
timeout (int, optional) – How long to wait in seconds for the API to respond before timing out the call and throwing an error? The default is 300.
vendor (str, optional) – Identifies the vendor of the integration making the call to the API. This is used as part of the User-Agent construction.
product (str, optional) – Identifies the product of the integration making the call to the API. This is used as part of the User-Agent construction.
build (str, optional) – Identifies the build of the integration making the call to the API. This is used as part of the User-Agent construction.
- query(query: str | None = None, stored_file: str | None = None, keyword_arguments: Dict[str, Any] | None = None, iterator: GraphQLIterator | None = None, graphql_model: str | None = None, **variables: Any) Dict[str, Any] ¶
Query the GraphQL API
- Parameters:
query (str | StringIO | DocumentNode, optional) – The GraphQL query to pass to the remote API.
stored_file (str, optional) –
The filename of a vendored (stored) graphql query to construct.
Note
This parameter should not need to be used for outside of the library itself. All of the queries available with this parameter are also wrapped within the endpoint classes.
iterator (GraphQLIterator, optional) – If specified, the response will be an instance of this iterable instead of the dictionary response. Useful for when the response data is expected to be larger datasets that would require multiple pages to collect all of the data.
graphql_model (str, optional) – When using the iterator, we need to specify the base entity that is returned from the GraphQL response.
keyword_argument (dict, optional) – Anything specified within this dictionary will be passed on to the gql libraries query method. While not expected to be commonly used, we’re exposing this here just incase we need it.
**variables (dict, optional) – Any variable declarations that need to be passed along with the query.
- Returns:
- If no iterator is passed, then the response dictionary is
returned to the caller.
- GraphQLIterator:
If an iterator class was passed, then the query is generated and the passed to the iterator nefore returning an instance of the iterator class.
- Return type:
Dict
Example
A very basic example:
>>> session.query('{ hero { name } }')
An example using a variable within the query:
>>> query = ''' ... query HeroNameAndFriends($episode: Episode) { ... hero(episode: $episode) { ... name ... friends { ... name ... } ... } ... } >>> session.query(query, episode='JEDI')
- validate(query: str | StringIO) Dict[str, Any] ¶
Validates the query against the schema and returns any validation errors that may have occured.
- Parameters:
query (str | StringIO) – The query to validate against
Returns:
- property assets¶
Interface object for the Tenable Cloud Security Assets Queries.
- property vulns¶
Interface object for the Tenable Cloud Security Vulnerability Queries.