dasl-client 1.0.1__tar.gz → 1.0.31__tar.gz

dasl_client-1.0.31/PKG-INFO

@@ -0,0 +1,144 @@
+Metadata-Version: 2.4
+Name: dasl_client
+Version: 1.0.31
+Summary: The DASL client library used for interacting with the DASL workspace
+Author-email: Antimatter Team <support@antimatter.io>
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: dasl_api==0.1.28
+Requires-Dist: databricks-sdk>=0.41.0
+Requires-Dist: pydantic>=2
+Requires-Dist: typing_extensions>=4.10.0
+Requires-Dist: pyyaml==6.0.2
+Dynamic: license-file
+
+# DASL Client Library
+
+The DASL (Databricks Antimatter Security Lakehouse) Client Library is a Python SDK for interacting with DASL services.
+This library provides an interface for interacting with DASL services, allowing you to manage
+datasources, rules, workspace configurations, and more from Databricks notebooks.
+
+## Features
+
+* **Simple Authentication**: Automatic workspace detection in Databricks notebooks
+* **Datasource Management**: Create, update, list, and delete datasources
+* **Rule Management**: Define and manage security detection rules to identify threats
+* **Workspace Configuration**: Update and retrieve DASL's workspace-level settings
+
+## Installation
+
+Install from PyPI:
+
+```bash
+pip install dasl-client
+```
+
+## Quick Start
+
+### Databricks Notebook Environment (Recommended)
+
+The DASL client works best in Databricks notebooks with automatic authentication:
+
+```python
+from dasl_client import Client
+
+# Automatically detects Databricks context and authenticates
+client = Client.for_workspace()
+print("Connected to DASL!")
+
+# List existing datasources
+print("Existing datasources:")
+for datasource in client.list_datasources():
+    print(f"  - {datasource.metadata.name}")
+
+# List detection rules
+print("Existing detection rules:")
+for rule in client.list_rules():
+    print(f"  - {rule.metadata.name}")
+```
+
+### Creating a Datasource
+
+```python
+from dasl_client import DataSource, Schedule, BronzeSpec, SilverSpec
+
+# Create a new datasource
+datasource = Datasource(
+    source="aws",
+    source_type="cloudtrail",
+    autoloader=Autoloader(
+        enabled=True,
+        schedule=Schedule(
+            at_least_every="1h",
+            enabled=True
+        )
+    ),
+    bronze=BronzeSpec(
+        bronze_table="security_logs_bronze",
+        skip_bronze_loading=False
+    ),
+    silver=SilverSpec(
+        # Configure silver layer here, see the API reference for more details
+    ),
+    gold=GoldSpec(
+        # Configure gold layer here, see the API reference for more details
+    )
+)
+
+# Create the datasource
+created_datasource = client.create_datasource(datasource)
+print(f"Created datasource: {created.metadata.name}")
+```
+
+### Creating a Detection Rule
+
+```python
+from dasl_client.types import Rule, Schedule
+
+# Create a new detection rule to detect failed logins
+rule = Rule(
+    schedule=Schedule(
+        at_least_every="2h",
+        enabled=True,
+    ),
+    input=Rule.Input(
+        stream=Rule.Input.Stream(
+            tables=[
+                Rule.Input.Stream.Table(name="http_activity"),
+            ],
+            filter="disposition = 'Blocked'",
+            starting_timestamp=datetime(2025, 7, 8, 16, 47, 30),
+        ),
+    ),
+    output=Rule.Output(
+        summary="record was blocked",
+    ),
+)
+
+try:
+    created_rule = client.create_rule("Detect Blocked HTTP Activity", rule)
+    print(f"Successfully created rule: {created_rule.metadata.name}")
+except Exception as e:
+    print(f"Error creating rule: {e}")
+```
+
+## Requirements
+
+- Python 3.8+
+- Access to a Databricks workspace with DASL enabled
+- `databricks-sdk>=0.41.0`
+- `pydantic>=2`
+
+## Documentation
+
+For complete DASL Client documentation, examples, and API reference:
+
+- [DASL Client Documentation](https://antimatter-dasl-client.readthedocs-hosted.com/)
+- [API Reference](https://antimatter-dasl-client.readthedocs-hosted.com/en/latest/api-reference/)
+- [Quickstart Guide](https://antimatter-dasl-client.readthedocs-hosted.com/en/latest/quickstart.html)
+
+## Support
+
+- **Email**: support@antimatter.io
+- **Documentation**: [DASL Documentation](https://docs.sl.antimatter.io)

dasl_client-1.0.31/README.md

@@ -0,0 +1,129 @@
+# DASL Client Library
+
+The DASL (Databricks Antimatter Security Lakehouse) Client Library is a Python SDK for interacting with DASL services.
+This library provides an interface for interacting with DASL services, allowing you to manage
+datasources, rules, workspace configurations, and more from Databricks notebooks.
+
+## Features
+
+* **Simple Authentication**: Automatic workspace detection in Databricks notebooks
+* **Datasource Management**: Create, update, list, and delete datasources
+* **Rule Management**: Define and manage security detection rules to identify threats
+* **Workspace Configuration**: Update and retrieve DASL's workspace-level settings
+
+## Installation
+
+Install from PyPI:
+
+```bash
+pip install dasl-client
+```
+
+## Quick Start
+
+### Databricks Notebook Environment (Recommended)
+
+The DASL client works best in Databricks notebooks with automatic authentication:
+
+```python
+from dasl_client import Client
+
+# Automatically detects Databricks context and authenticates
+client = Client.for_workspace()
+print("Connected to DASL!")
+
+# List existing datasources
+print("Existing datasources:")
+for datasource in client.list_datasources():
+    print(f"  - {datasource.metadata.name}")
+
+# List detection rules
+print("Existing detection rules:")
+for rule in client.list_rules():
+    print(f"  - {rule.metadata.name}")
+```
+
+### Creating a Datasource
+
+```python
+from dasl_client import DataSource, Schedule, BronzeSpec, SilverSpec
+
+# Create a new datasource
+datasource = Datasource(
+    source="aws",
+    source_type="cloudtrail",
+    autoloader=Autoloader(
+        enabled=True,
+        schedule=Schedule(
+            at_least_every="1h",
+            enabled=True
+        )
+    ),
+    bronze=BronzeSpec(
+        bronze_table="security_logs_bronze",
+        skip_bronze_loading=False
+    ),
+    silver=SilverSpec(
+        # Configure silver layer here, see the API reference for more details
+    ),
+    gold=GoldSpec(
+        # Configure gold layer here, see the API reference for more details
+    )
+)
+
+# Create the datasource
+created_datasource = client.create_datasource(datasource)
+print(f"Created datasource: {created.metadata.name}")
+```
+
+### Creating a Detection Rule
+
+```python
+from dasl_client.types import Rule, Schedule
+
+# Create a new detection rule to detect failed logins
+rule = Rule(
+    schedule=Schedule(
+        at_least_every="2h",
+        enabled=True,
+    ),
+    input=Rule.Input(
+        stream=Rule.Input.Stream(
+            tables=[
+                Rule.Input.Stream.Table(name="http_activity"),
+            ],
+            filter="disposition = 'Blocked'",
+            starting_timestamp=datetime(2025, 7, 8, 16, 47, 30),
+        ),
+    ),
+    output=Rule.Output(
+        summary="record was blocked",
+    ),
+)
+
+try:
+    created_rule = client.create_rule("Detect Blocked HTTP Activity", rule)
+    print(f"Successfully created rule: {created_rule.metadata.name}")
+except Exception as e:
+    print(f"Error creating rule: {e}")
+```
+
+## Requirements
+
+- Python 3.8+
+- Access to a Databricks workspace with DASL enabled
+- `databricks-sdk>=0.41.0`
+- `pydantic>=2`
+
+## Documentation
+
+For complete DASL Client documentation, examples, and API reference:
+
+- [DASL Client Documentation](https://antimatter-dasl-client.readthedocs-hosted.com/)
+- [API Reference](https://antimatter-dasl-client.readthedocs-hosted.com/en/latest/api-reference/)
+- [Quickstart Guide](https://antimatter-dasl-client.readthedocs-hosted.com/en/latest/quickstart.html)
+
+## Support
+
+- **Email**: support@antimatter.io
+- **Documentation**: [DASL Documentation](https://docs.sl.antimatter.io)

{dasl_client-1.0.1 → dasl_client-1.0.31}/dasl_client/__init__.py

@@ -3,3 +3,4 @@ from dasl_api.api import *
 from .errors import *
 from .client import Client
 from .types import *
+from .regions import *

{dasl_client-1.0.1 → dasl_client-1.0.31}/dasl_client/auth/auth.py

@@ -1,4 +1,5 @@
 import abc
+import base64
 import time
 from datetime import datetime
 
@@ -11,7 +12,8 @@ from dasl_api import (
 from databricks.sdk.errors import ResourceDoesNotExist
 
 from dasl_client.conn.conn import get_base_conn
-from dasl_client.errors.errors import handle_errors
+from dasl_client.errors.errors import error_handler
+
 from databricks.sdk import WorkspaceClient
 from typing import Optional
 
@@ -66,23 +68,26 @@ class ServiceAccountKeyAuth(Authorization):
         """
         return self._workspace
 
-    @handle_errors
     def refresh(self):
         """
         A helper function to refresh the bearer token used for authentication.
         :return:
         """
-        req = WorkspaceV1AuthenticateRequest(
-            service_account_key=self._service_account_key
-        )
-        handler = api.WorkspaceV1Api(api_client=self._client)
+        workspace_url = f"https://{self._workspace}"
+        host = self._client.configuration.host
+
+        with error_handler(workspace_url=workspace_url, host=host):
+            req = WorkspaceV1AuthenticateRequest(
+                service_account_key=self._service_account_key
+            )
+            handler = api.WorkspaceV1Api(api_client=self._client)
 
-        resp = handler.workspace_v1_authenticate(
-            workspace=self._workspace, workspace_v1_authenticate_request=req
-        )
-        self._client.set_default_header("Authorization", f"Bearer {resp.token}")
-        verification = api.DbuiV1Api(self._client).dbui_v1_verify_auth()
-        self.expiry = verification.expiry
+            resp = handler.workspace_v1_authenticate(
+                workspace=self._workspace, workspace_v1_authenticate_request=req
+            )
+            self._client.set_default_header("Authorization", f"Bearer {resp.token}")
+            verification = api.DbuiV1Api(self._client).dbui_v1_verify_auth()
+            self.expiry = verification.expiry
 
 
 class DatabricksTokenAuth(Authorization):
@@ -115,23 +120,26 @@ class DatabricksTokenAuth(Authorization):
         """
         return self._workspace
 
-    @handle_errors
     def refresh(self):
         """
         A helper function to refresh the bearer token used for authentication.
         :return:
         """
-        req = WorkspaceV1AuthenticateRequest(
-            databricks_api_token=self._databricks_token
-        )
-        handler = api.WorkspaceV1Api(api_client=self._client)
+        workspace_url = f"https://{self._workspace}"
+        host = self._client.configuration.host
+
+        with error_handler(workspace_url=workspace_url, host=host):
+            req = WorkspaceV1AuthenticateRequest(
+                databricks_api_token=self._databricks_token
+            )
+            handler = api.WorkspaceV1Api(api_client=self._client)
 
-        resp = handler.workspace_v1_authenticate(
-            workspace=self._workspace, workspace_v1_authenticate_request=req
-        )
-        self._client.set_default_header("Authorization", f"Bearer {resp.token}")
-        verification = api.DbuiV1Api(self._client).dbui_v1_verify_auth()
-        self.expiry = verification.expiry
+            resp = handler.workspace_v1_authenticate(
+                workspace=self._workspace, workspace_v1_authenticate_request=req
+            )
+            self._client.set_default_header("Authorization", f"Bearer {resp.token}")
+            verification = api.DbuiV1Api(self._client).dbui_v1_verify_auth()
+            self.expiry = verification.expiry
 
 
 class DatabricksSecretAuth(Authorization):
@@ -163,44 +171,47 @@ class DatabricksSecretAuth(Authorization):
         """
         return self._workspace
 
-    @handle_errors
     def refresh(self):
         """
         A helper function to refresh the bearer token used for authentication.
         :return:
         """
-        # First we do a pre-authenticate call to refresh the secret. It doesn't really matter if we race
-        # here with others, as long as the secret ends up with a recent value in it. The secret can be used
-        # more than once, but it does expire
-        req = WorkspaceV1RequestSecretRequest(
-            principalName=self._principal,
-        )
-        handler = api.WorkspaceV1Api(api_client=self._client)
-        resp = handler.workspace_v1_begin_authentication(
-            workspace=self._workspace, workspace_v1_begin_authenticate_request=req
-        )
-        secret_name = resp.secret_name
-        secret_value = ""
-        for tries in range(3):
-            try:
-                secret_value = WorkspaceClient().secrets.get_secret(
-                    secret_name, "token"
-                )
-                break
-            except ResourceDoesNotExist:
-                # Maybe there is a race here, let's retry
-                time.sleep(0.5)
-        if len(secret_value) == 0:
-            raise RuntimeError(f"failed to complete secret auth")
-
-        req = WorkspaceV1AuthenticateRequest(
-            databricks_secret=secret_value,
-        )
-        handler = api.WorkspaceV1Api(api_client=self._client)
-
-        resp = handler.workspace_v1_authenticate(
-            workspace=self._workspace, workspace_v1_authenticate_request=req
-        )
-        self._client.set_default_header("Authorization", f"Bearer {resp.token}")
-        verification = api.DbuiV1Api(self._client).dbui_v1_verify_auth()
-        self.expiry = verification.expiry
+        workspace_url = f"https://{self._workspace}"
+        host = self._client.configuration.host
+
+        with error_handler(workspace_url=workspace_url, host=host):
+            # First we do a pre-authenticate call to refresh the secret. It doesn't really matter if we race
+            # here with others, as long as the secret ends up with a recent value in it. The secret can be used
+            # more than once, but it does expire
+            req = WorkspaceV1RequestSecretRequest(
+                principalName=self._principal,
+            )
+            handler = api.WorkspaceV1Api(api_client=self._client)
+            resp = handler.workspace_v1_request_secret(
+                workspace=self._workspace, workspace_v1_request_secret_request=req
+            )
+            secret_name = resp.secret_name
+            secret_value = ""
+            for tries in range(3):
+                try:
+                    secret_value = (
+                        WorkspaceClient().secrets.get_secret(secret_name, "token").value
+                    )
+                    break
+                except ResourceDoesNotExist:
+                    # Maybe there is a race here, let's retry
+                    time.sleep(0.5)
+            if len(secret_value) == 0:
+                raise RuntimeError(f"failed to complete secret auth")
+
+            req = WorkspaceV1AuthenticateRequest(
+                databricks_secret=base64.b64decode(secret_value).decode("utf-8"),
+            )
+            handler = api.WorkspaceV1Api(api_client=self._client)
+
+            resp = handler.workspace_v1_authenticate(
+                workspace=self._workspace, workspace_v1_authenticate_request=req
+            )
+            self._client.set_default_header("Authorization", f"Bearer {resp.token}")
+            verification = api.DbuiV1Api(self._client).dbui_v1_verify_auth()
+            self.expiry = verification.expiry