ssg.controls module

class ssg.controls.Control[source]

Bases: SelectionHandler, XCCDFEntity

KEYS = {'artifact_description': <class 'str'>, 'automated': <class 'str'>, 'check': <class 'str'>, 'controls': <class 'list'>, 'description': <class 'str'>, 'fixtext': <class 'str'>, 'id': <class 'str'>, 'levels': <class 'list'>, 'mitigation': <class 'str'>, 'notes': <class 'str'>, 'original_title': <class 'str'>, 'rationale': <class 'str'>, 'related_rules': <class 'list'>, 'rules': <class 'list'>, 'status': None, 'status_justification': <class 'str'>, 'tickets': <class 'list'>, 'title': <class 'str'>}

MANDATORY_KEYS = {'title'}

add_references(reference_type, rules)[source]

classmethod from_control_dict(control_dict, env_yaml=None, default_level=['default'])[source]

represent_as_dict()[source]

Produce a dict representation of the class.

Extend this method if you need the representation to be different from the object.

class ssg.controls.ControlsManager(controls_dir, env_yaml=None, existing_rules=None)[source]

Bases: object

add_references(rules)[source]

check_all_rules_exist()[source]

get_all_controls(policy_id)[source]

get_all_controls_dict(policy_id: str) → Dict[str, list][source]

get_all_controls_of_level(policy_id, level_id)[source]

get_control(policy_id, control_id)[source]

load()[source]

remove_selections_not_known(known_rules)[source]

resolve_controls()[source]

save_everything(output_dir)[source]

exception ssg.controls.InvalidStatus[source]: Bases: Exception

class ssg.controls.Level[source]

Bases: XCCDFEntity

KEYS = {'id': <function Level.<lambda>>, 'inherits_from': <function Level.<lambda>>}

classmethod from_level_dict(level_dict)[source]

class ssg.controls.Policy(filepath, env_yaml=None)[source]

Bases: XCCDFEntity

add_references(rules)[source]

check_all_rules_exist(existing_rules)[source]

check_levels_validity()[source]: This function goes through all controls in the policy and checks if all levels defined for individual controls are valid for the policy. If the policy has no levels defined, then all controls should have the “default” level defined (this is defined implicitly).

property default_level

get_control(control_id)[source]

get_level(level_id)[source]

get_level_with_ancestors_sequence(level_id)[source]

load()[source]

remove_selections_not_known(known_rules)[source]

represent_as_dict()[source]

Produce a dict representation of the class.

Extend this method if you need the representation to be different from the object.

save_controls_tree(tree)[source]

class ssg.controls.Status(status)[source]

Bases: object

AUTOMATED = 'automated'

DOCUMENTATION = 'documentation'

DOES_NOT_MEET = 'does not meet'

INHERENTLY_MET = 'inherently met'

MANUAL = 'manual'

NOT_APPLICABLE = 'not applicable'

PARTIAL = 'partial'

PENDING = 'pending'

PLANNED = 'planned'

SUPPORTED = 'supported'

classmethod from_control_info(ctrl, status)[source]

classmethod get_status_list()[source]