msticpy.auth.cloud_mappings module

Azure Cloud Mappings.

class msticpy.auth.cloud_mappings.AzureCloudConfig(cloud: str | None = None, tenant_id: str | None = None, resource_manager_url: str | None = None)

Bases: object

Azure Cloud configuration.

Initialize AzureCloudConfig from cloud or configuration.

Parameters:

• cloud (str, optional) – The cloud to retrieve configuration for. If not supplied, the cloud ID is read from configuration. If this is not available, it defaults to ‘global’.

• tenant_id (str, optional) – The tenant to authenticate against. If not supplied, the tenant ID is read from configuration, or the default tenant for the identity.

• resource_manager_url (str, optional) – The resource manager URL to use. If not supplied, the URL is based on the cloud name within the configuration or defaults to ‘https://management.azure.com/’.

property authority_uri: str

Return the AAD authority URI.

property cloud_names: List[str]

Return a list of current cloud names.

property log_analytics_uri: str

Return the AAD authority URI.

static resolve_cloud_alias(alias) → str | None

Return match of cloud alias or name.

property resource_manager: str

Return the resource manager URI.

property suffixes: Dict[str, str]

Get CloudSuffixes class an Azure cloud.

Returns:

Dict of cloud endpoint suffixes.

Return type:

dict

Raises:

MsticpyAzureConfigError – If the cloud name is not valid.

property token_uri: str

Return the resource manager token URI.

msticpy.auth.cloud_mappings.default_auth_methods() → List[str]

Get the default (all) authentication options.

msticpy.auth.cloud_mappings.format_endpoint(endpoint: str) → str

Format an endpoint with “/” if needed .

msticpy.auth.cloud_mappings.get_azure_config_value(key, default)

Get a config value from Azure section.

msticpy.auth.cloud_mappings.get_cloud_endpoints(cloud: str, resource_manager_url: str | None = None) → Dict[str, Any]

Get the cloud endpoints for a specific cloud.

If resource_manager_url is supplied, it will be used instead of the cloud name.

Parameters:

• cloud (str) – The name of the cloud to get endpoints for.

• resource_manager_url (str, optional) – The resource manager url for a cloud. Can be used to get all endpoints for a specific cloud. Defaults to None.

Returns:

A dictionary of endpoints and suffixes for the specified cloud/resource_manager_url.

Return type:

dict

Raises:

MsticpyAzureConfigError – If the cloud name is not valid.

msticpy.auth.cloud_mappings.get_cloud_endpoints_by_cloud(cloud: str) → Dict[str, Any]

Get the cloud endpoints for a specific cloud.

Parameters:

cloud (str) – The name of the cloud to get endpoints for.

Returns:

Contains endpoints and suffixes for a specific cloud.

Return type:

Dict

msticpy.auth.cloud_mappings.get_cloud_endpoints_by_resource_manager_url(resource_manager_url: str) → Dict[str, Any]

Get the cloud endpoints for a specific resource manager url.

Parameters:

resource_manager_url (str) – The resource manager url to get endpoints for.

Returns:

Contains endpoints and suffixes for a specific cloud.

Return type:

Dict

msticpy.auth.cloud_mappings.get_defender_endpoint(cloud: str) → str

Get the URI of the applicable Defender for Endpoint API.

msticpy.auth.cloud_mappings.get_m365d_endpoint(cloud: str) → str

Get the URI of the applicable Defender for Endpoint API.

msticpy.auth.cloud_mappings.get_m365d_login_endpoint(cloud: str) → str

Get M365 login URL.