Version 1.4.5 - New service collections, fixes and updates

.github/wordlist.txt

@@ -1388,4 +1388,7 @@ Oke
 Okumo
 Moomaw
 Esha
-Kumar
+Kumar
+gansel
+Ansel
+zipp

AUTHORS.md

@@ -99,7 +99,8 @@ This has been a critical element in the development of the FalconPy project.
 + `David-M-Berry`
 + Oke Okumo, `@okewoma`
 + Alexander Moomaw, `@alhumaw`
-+ Esha Kumar, `@exk200006` 
++ Esha Kumar, `@exk200006`
++ Griffin Ansel, `@gansel51`
 
 
 ## Sponsors

CHANGELOG.md

@@ -1,3 +1,55 @@
+# Version 1.4.5
+## Added features and functionality
++ Added: Added new __Host Migration__ service collection with 10 new operations.
+    - `__init__.py`
+    - `_endpoint/__init__.py`
+    - `_endpoint/_host_migration.py`
+    - `host_migration.py`
+    > Unit testing expanded to complete code coverage.
+    - `tests/test_host_migration.py`
+
++ Added: Added new __Certificate Based Exclusions__ service collection with six new operations.
+    - `__init__.py`
+    - `_endpoint/__init__.py`
+    - `_endpoint/_certificate_based_exclusions.py`
+    - `_endpoint/deprecated/_certificate_based_exclusions.py`
+    - `_payload/__init__.py`
+    - `_payload/_certificate_based_exclusions.py`
+    - `certificate_based_exclusions.py`
+    > Unit testing expanded to complete code coverage.
+    - `tests/test_certificate_based_exclusions.py`
+
++ Added: Added new __Compliance Assessments__ service collection with 11 new operations.
+    - `__init__.py`
+    - `_endpoint/__init__.py`
+    - `_endpoint/_compliance_assessments.py`
+    - `compliance_assessments.py`
+    > Unit testing expanded to complete code coverage.
+    - `tests/test_compliance_assessments.py`
+
+## Issues resolved
++ Fixed: Resolved comparison issue with version check helper method.
+    - `_version.py`
+
+## Other
++ Added: USGOV2 cloud region added to Base URL enumerator.
+    - `_enum/_base_url.py`
+
++ Added: Automatic base URL detection from context objects when available.
+    - `_auth_object/_falcon_interface.py`
+
++ Pinned: `setuptools` package pinned to version __70.3.0__ to avoid failures with new iterations of setuptools in Azure environments.
+    - `requirements.txt`
+    - `requirements-dev.txt`
+    - `setup.py`
+    - `dev-setup.py`
+    - Thanks go out to @gansel51 for identifying this issue and contributing a fix! 🙇
+
++ Pinned: `zipp` package pinned to version __3.19.1__ to avoid a potential vulnerability.
+    - `requirements-dev.txt`
+
+---
+
 # Version 1.4.4
 ## Added features and functionality
 + Added: Added new __API Integrations__ service collection with two new operations, __GetCombinedPluginConfigs__ and __ExecuteCommand__.

dev_setup.py

@@ -134,6 +134,7 @@
             "pytest-cov",
             "pytest",
             "bandit",
+            "setuptools~=70.3.0"
         ],
     },
     classifiers=[

requirements-dev.txt

@@ -17,4 +17,5 @@ pytest-cov>=2.11.1  # via -r requirements-dev.in
 pytest>=6.2.2       # via -r requirements-dev.in
 ipython>=8.10.0     # via -r requirements-dev.in, pinned by Snyk to avoid SNYK-PYTHON-IPYTHON-3318382
 pydocstyle>=6.1.0
-setuptools>=65.5.1  # not directly required, pinned by Snyk to avoid SNYK-PYTHON-SETUPTOOLS-3113904
+setuptools~=70.3.0  # pinning to avoid failures with new iterations of setuptools
+zipp>=3.19.1        # not directly required, pinned by Snyk

requirements.txt

@@ -5,5 +5,4 @@
 #    pip-compile requirements.in
 #
 requests		   # via -r requirements.in
-urllib3                    # via -r requirements.in, requests
-
+urllib3            # via -r requirements.in, requests

setup.py

@@ -91,6 +91,7 @@
             "pytest-cov",
             "pytest",
             "bandit",
+            "setuptools~=70.3.0"
         ],
     },
     classifiers=[

src/falconpy/__init__.py

@@ -90,7 +90,9 @@
 from .alerts import Alerts
 from .api_integrations import APIIntegrations
 from .api_complete import APIHarness, APIHarnessV2
+from .certificate_based_exclusions import CertificateBasedExclusions
 from .cloud_snapshots import CloudSnapshots
+from .compliance_assessments import ComplianceAssessments
 from .configuration_assessment_evaluation_logic import ConfigurationAssessmentEvaluationLogic
 from .configuration_assessment import ConfigurationAssessment
 from .container_alerts import ContainerAlerts
@@ -119,6 +121,7 @@
 from .foundry_logscale import FoundryLogScale
 from .host_group import HostGroup
 from .hosts import Hosts
+from .host_migration import HostMigration
 from .identity_protection import IdentityProtection
 from .image_assessment_policies import ImageAssessmentPolicies
 from .incidents import Incidents
@@ -198,7 +201,8 @@
     "SDKDeprecationWarning", "ConfigurationAssessmentEvaluationLogic", "ConfigurationAssessment",
     "ContainerAlerts", "ContainerDetections", "ContainerImages", "ContainerPackages",
     "ContainerVulnerabilities", "DriftIndicators", "UnidentifiedContainers",
-    "ImageAssessmentPolicies", "APIIntegrations", "ThreatGraph", "ExposureManagement"
+    "ImageAssessmentPolicies", "APIIntegrations", "ThreatGraph", "ExposureManagement",
+    "CertificateBasedExclusions", "ComplianceAssessments", "HostMigration"
     ]
 """
 This is free and unencumbered software released into the public domain.

src/falconpy/_auth_object/_falcon_interface.py

@@ -73,7 +73,7 @@ class FalconInterface(BaseFalconAuth):
     # The default constructor for all authentication objects. Ingests provided credentials
     # and sets the necessary class attributes based upon the authentication detail received.
     # pylint: disable=R0912,R0913,R0914
-    def __init__(self,
+    def __init__(self,  # noqa: C901
                  access_token: Optional[Union[str, bool]] = False,
                  base_url: Optional[str] = "https://api.crowdstrike.com",
                  creds: Optional[Dict[str, str]] = None,
@@ -167,7 +167,8 @@ def __init__(self,
                         if cvar.cs_cloud:
                             self._config.base_url = confirm_base_url(cvar.cs_cloud)
                     except AttributeError:
-                        pass
+                        if self.token_value:
+                            self._config.base_url = confirm_base_url(os.getenv("CS_CLOUD", "auto"))
                     self._auth_style = "CONTEXT"
                     break
                 except AttributeError:

src/falconpy/_endpoint/__init__.py

@@ -36,13 +36,16 @@
 from .deprecated import _report_executions_deprecated
 from .deprecated import _scheduled_reports_deprecated
 from .deprecated import _zero_trust_assessment_deprecated
+from .deprecated import _certificate_based_exclusions_deprecated
 from .deprecated import _deprecated_operation_mapping
 from .deprecated import _deprecated_class_mapping
 
 from ._alerts import _alerts_endpoints
 from ._api_integrations import _api_integrations_endpoints
+from ._certificate_based_exclusions import _certificate_based_exclusions_endpoints
 from ._cloud_connect_aws import _cloud_connect_aws_endpoints
 from ._cloud_snapshots import _cloud_snapshots_endpoints
+from ._compliance_assessments import _complianceassessments_endpoints
 from ._configuration_assessment_evaluation_logic import _configuration_assessment_evaluation_logic_endpoints
 from ._configuration_assessment import _configuration_assessment_endpoints
 from ._container_alerts import _container_alerts_endpoints
@@ -69,6 +72,7 @@
 from ._foundry_logscale import _foundry_logscale_endpoints
 from ._host_group import _host_group_endpoints
 from ._hosts import _hosts_endpoints
+from ._host_migration import _host_migration_endpoints
 from ._identity_protection import _identity_protection_endpoints
 from ._image_assessment_policies import _image_assessment_policies_endpoints
 from ._incidents import _incidents_endpoints
@@ -112,8 +116,10 @@
 api_endpoints: List[Any] = []
 api_endpoints.extend(_alerts_endpoints)
 api_endpoints.extend(_api_integrations_endpoints)
+api_endpoints.extend(_certificate_based_exclusions_endpoints)
 api_endpoints.extend(_cloud_connect_aws_endpoints)
 api_endpoints.extend(_cloud_snapshots_endpoints)
+api_endpoints.extend(_complianceassessments_endpoints)
 api_endpoints.extend(_configuration_assessment_evaluation_logic_endpoints)
 api_endpoints.extend(_configuration_assessment_endpoints)
 api_endpoints.extend(_container_alerts_endpoints)
@@ -140,6 +146,7 @@
 api_endpoints.extend(_foundry_logscale_endpoints)
 api_endpoints.extend(_host_group_endpoints)
 api_endpoints.extend(_hosts_endpoints)
+api_endpoints.extend(_host_migration_endpoints)
 api_endpoints.extend(_identity_protection_endpoints)
 api_endpoints.extend(_image_assessment_policies_endpoints)
 api_endpoints.extend(_incidents_endpoints)
@@ -182,6 +189,7 @@
 
 # Deprecated endpoints
 deprecated_endpoints = []
+deprecated_endpoints.extend(_certificate_based_exclusions_deprecated)
 deprecated_endpoints.extend(_custom_ioa_deprecated)
 deprecated_endpoints.extend(_d4c_registration_deprecated)
 deprecated_endpoints.extend(_discover_deprecated)

src/falconpy/_endpoint/_certificate_based_exclusions.py

@@ -0,0 +1,171 @@
+"""Internal API endpoint constant library.
+
+ _______                        __ _______ __        __ __
+|   _   .----.-----.--.--.--.--|  |   _   |  |_.----|__|  |--.-----.
+|.  1___|   _|  _  |  |  |  |  _  |   1___|   _|   _|  |    <|  -__|
+|.  |___|__| |_____|________|_____|____   |____|__| |__|__|__|_____|
+|:  1   |                         |:  1   |
+|::.. . |   CROWDSTRIKE FALCON    |::.. . |    FalconPy
+`-------'                         `-------'
+
+OAuth2 API - Customer SDK
+
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <https://unlicense.org>
+"""
+
+_certificate_based_exclusions_endpoints = [
+  [
+    "cb_exclusions_get_v1",
+    "GET",
+    "/exclusions/entities/cert-based-exclusions/v1",
+    "Find all exclusion IDs matching the query with filter",
+    "certificate_based_exclusions",
+    [
+      {
+        "type": "array",
+        "items": {
+          "type": "string"
+        },
+        "collectionFormat": "multi",
+        "description": "The ids of the exclusions to retrieve",
+        "name": "ids",
+        "in": "query",
+        "required": True
+      }
+    ]
+  ],
+  [
+    "cb_exclusions_create_v1",
+    "POST",
+    "/exclusions/entities/cert-based-exclusions/v1",
+    "Create new Certificate Based Exclusions.",
+    "certificate_based_exclusions",
+    [
+      {
+        "name": "body",
+        "in": "body",
+        "required": True
+      }
+    ]
+  ],
+  [
+    "cb_exclusions_update_v1",
+    "PATCH",
+    "/exclusions/entities/cert-based-exclusions/v1",
+    "Updates existing Certificate Based Exclusions",
+    "certificate_based_exclusions",
+    [
+      {
+        "name": "body",
+        "in": "body",
+        "required": True
+      }
+    ]
+  ],
+  [
+    "cb_exclusions_delete_v1",
+    "DELETE",
+    "/exclusions/entities/cert-based-exclusions/v1",
+    "Delete the exclusions by id",
+    "certificate_based_exclusions",
+    [
+      {
+        "type": "array",
+        "items": {
+          "type": "string"
+        },
+        "collectionFormat": "multi",
+        "description": "The ids of the exclusions to delete",
+        "name": "ids",
+        "in": "query",
+        "required": True
+      },
+      {
+        "type": "string",
+        "description": "The comment why these exclusions were deleted",
+        "name": "comment",
+        "in": "query"
+      }
+    ]
+  ],
+  [
+    "certificates_get_v1",
+    "GET",
+    "/exclusions/entities/certificates/v1",
+    "Retrieves certificate signing information for a file",
+    "certificate_based_exclusions",
+    [
+      {
+        "type": "string",
+        "description": "The SHA256 Hash of the file to retrieve certificate signing info for",
+        "name": "ids",
+        "in": "query",
+        "required": True
+      }
+    ]
+  ],
+  [
+    "cb_exclusions_query_v1",
+    "GET",
+    "/exclusions/queries/cert-based-exclusions/v1",
+    "Search for cert-based exclusions.",
+    "certificate_based_exclusions",
+    [
+      {
+        "type": "string",
+        "description": "The filter expression that should be used to limit the results.",
+        "name": "filter",
+        "in": "query"
+      },
+      {
+        "type": "integer",
+        "description": "The offset to start retrieving records from",
+        "name": "offset",
+        "in": "query"
+      },
+      {
+        "maximum": 100,
+        "type": "integer",
+        "description": "The maximum records to return. [1-100]",
+        "name": "limit",
+        "in": "query"
+      },
+      {
+        "enum": [
+          "created_by",
+          "created_on",
+          "modified_by",
+          "modified_on",
+          "name"
+        ],
+        "type": "string",
+        "description": "The sort expression that should be used to sort the results.",
+        "name": "sort",
+        "in": "query"
+      }
+    ]
+  ]
+]