msticpy.auth.cloud_mappings module

Azure Cloud Mappings.

class msticpy.auth.cloud_mappings.AzureCloudConfig(cloud=None, tenant_id=None, resource_manager_url=None)

Bases: object

Azure Cloud configuration.

Initialize AzureCloudConfig from cloud or configuration.

Parameters:

  • cloud (str, optional) – The cloud to retrieve configuration for. If not supplied, the cloud ID is read from configuration. If this is not available, it defaults to ‘global’.

  • tenant_id (str, optional) – The tenant to authenticate against. If not supplied, the tenant ID is read from configuration, or the default tenant for the identity.

  • resource_manager_url (str, optional) – The resource manager URL to use. If not supplied, the URL is based on the cloud name within the configuration or defaults to ‘https://management.azure.com/’.

property authority_uri: str

Return the AAD authority URI.

property cloud_names: list[str]

Return a list of current cloud names.

property log_analytics_uri: str

Return the AAD authority URI.

static resolve_cloud_alias(alias)

Return match of cloud alias or name.

Return type:

str | None

property resource_manager: str

Return the resource manager URI.

property suffixes: dict[str, str]

Get CloudSuffixes class an Azure cloud.

Returns:

Dict of cloud endpoint suffixes.

Return type:

dict

Raises:

MsticpyAzureConfigError – If the cloud name is not valid.

property token_uri: str

Return the resource manager token URI.

msticpy.auth.cloud_mappings.default_auth_methods()

Get the default (all) authentication options.

Return type:

list[str]

msticpy.auth.cloud_mappings.format_endpoint(endpoint)

Format an endpoint with “/” if needed .

Parameters:

endpoint (str)

Return type:

str

msticpy.auth.cloud_mappings.get_azure_config_value(key, default)

Get a config value from Azure section.

msticpy.auth.cloud_mappings.get_cloud_endpoints(cloud, resource_manager_url=None)

Get the cloud endpoints for a specific cloud.

If resource_manager_url is supplied, it will be used instead of the cloud name.

Parameters:

  • cloud (str) – The name of the cloud to get endpoints for.

  • resource_manager_url (str, optional) – The resource manager url for a cloud. Can be used to get all endpoints for a specific cloud. Defaults to None.

Returns:

A dictionary of endpoints and suffixes for the specified cloud/resource_manager_url.

Return type:

dict

Raises:

MsticpyAzureConfigError – If the cloud name is not valid.

msticpy.auth.cloud_mappings.get_cloud_endpoints_by_cloud(cloud)

Get the cloud endpoints for a specific cloud.

Parameters:

cloud (str) – The name of the cloud to get endpoints for.

Returns:

Contains endpoints and suffixes for a specific cloud.

Return type:

Dict

msticpy.auth.cloud_mappings.get_cloud_endpoints_by_resource_manager_url(resource_manager_url)

Get the cloud endpoints for a specific resource manager url.

Parameters:

resource_manager_url (str) – The resource manager url to get endpoints for.

Returns:

Contains endpoints and suffixes for a specific cloud.

Return type:

Dict

msticpy.auth.cloud_mappings.get_defender_endpoint(cloud)

Get the URI of the applicable Defender for Endpoint API.

Parameters:

cloud (str)

Return type:

str

msticpy.auth.cloud_mappings.get_m365d_endpoint(cloud)

Get the URI of the applicable Defender for Endpoint API.

Parameters:

cloud (str)

Return type:

str

msticpy.auth.cloud_mappings.get_m365d_login_endpoint(cloud)

Get M365 login URL.

Parameters:

cloud (str)

Return type:

str