List Security Advisor notes via CLI
Security Advisor Findings Python SDK
The Python SDK to work with Security Advisor findings provides all the functions of the findings API and integrates them with the common IBM core SDK and IAM authentication. It is possible to search for providers, notes and occurrences and, more importantly, you can create, update or delete notes and occurrence objects.

When I started experimenting with custom findings for the IBM Cloud Security Advisor, I soon needed an easy way for changing and removing test objects. Hence, I coded up a small tool which makes use of most of the SDK functions.
Manage Security Advisor objects from the command line
The tool needs Python 3, the above SDK and support for dot-env. Once installed, create a file ".env" with the following content adapted to your account:
SAT_APIKEY="Your-IBM-Cloud-APIKEY"
SAT_ACCOUNT_ID="Your-IBM-Cloud-accountID"
SAT_ENDPOINT="https://us-south.secadvisor.cloud.ibm.com/findings"
You can create an API key for IBM Cloud with the command "ibmcloud iam api-key-create".
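Because the ".env" file holds a long-lived API key, a preflight check before starting the tool is worthwhile. The following is an added example, not part of the original tool: the function names and the specific checks (file mode, leftover template placeholders, https endpoint) are assumptions of this sketch, and it uses only the Python standard library.

```python
import os
import stat
import tempfile
from urllib.parse import urlparse

REQUIRED = ("SAT_APIKEY", "SAT_ACCOUNT_ID", "SAT_ENDPOINT")

def parse_env(text):
    """Parse KEY=VALUE lines, dropping blanks, comments and surrounding quotes."""
    values = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if not sep or key.startswith("#"):
            continue
        values[key.strip()] = value.strip().strip("\"'")
    return values

def check_env_file(path):
    """Return problems found in the .env file ([] means OK). Mode check is POSIX-only."""
    problems = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(f"file mode {mode:o} lets group/others access the API key")
    with open(path, encoding="utf-8") as fh:
        env = parse_env(fh.read())
    for key in REQUIRED:
        if not env.get(key):
            problems.append(f"{key} is missing or empty")
        elif env[key].startswith("Your-IBM-Cloud-"):
            problems.append(f"{key} still holds the template placeholder")
    if env.get("SAT_ENDPOINT") and urlparse(env["SAT_ENDPOINT"]).scheme != "https":
        problems.append("SAT_ENDPOINT is not an https:// URL")
    return problems

def check_sample(text, mode):
    """Check constructed .env text written to a temp file with the given mode."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, ".env")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)
        os.chmod(path, mode)
        return check_env_file(path)

TEMPLATE = ('SAT_APIKEY="Your-IBM-Cloud-APIKEY"\n'  # constructed: unedited template
            'SAT_ACCOUNT_ID="Your-IBM-Cloud-accountID"\n'
            'SAT_ENDPOINT="https://us-south.secadvisor.cloud.ibm.com/findings"\n')

if __name__ == "__main__":
    print("\n".join(check_sample(TEMPLATE, 0o644)) or "OK")
```

Call check_env_file(".env") on the real file; restricting it with "chmod 600 .env" and keeping it out of version control clears the first finding.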
The tool works by typing in the menu options in upper or lower case followed by ENTER. Depending on the command, you are prompted to provide additional details like the provider ID or specific object identifiers. I am using the tool to put card and note definitions in place and to clean up tests. Feel free to open GitHub issues or to create pull requests.