Metadata-Version: 2.1
Name: Qualys-IaC-Security
Version: 1.0.0b2
Summary: Command line interface to scan Infrastructure-as-Code templates using Qualys IaC.
Home-page: UNKNOWN
Author: qualys
Author-email: plugins@qualys.com
License: MIT
Keywords: qiac
Platform: UNKNOWN
Requires-Python: >=3.0.*
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: click (==8.0.1)
Requires-Dist: requests (==2.25.1)
Requires-Dist: click-option-group (==0.5.3)
Requires-Dist: zipp (==3.4.1)
Requires-Dist: prettytable (==2.1.0)
Requires-Dist: py7zr (==0.16.1)

# Qualys-IaC-Security
`qiac` is a command line interface for scanning Infrastructure-as-Code templates using Qualys CloudView (Cloud Security Assessment).

## Description
The Qualys IaC app provides a quick yet reliable way to assess your Infrastructure-as-Code templates and uncover potentially vulnerable situations. `qiac` gives you a simple interface to the Qualys IaC module.

This command line interface (CLI) provides the following commands:

| Command Name | Feature | Description | Since Version |
| --------- | ------- | ----------- | ------------- |
| scan | Launch an IaC scan | You can scan one or more templates in a single command. This runs a job on the Qualys Cloud Platform. | 1.0.0b2 |
| listscans | Get list of all IaC scans | Once you launch a scan, you can view the list of all scans or the details of a specific scan. | 1.0.0b2 |
| getresult | Get the IaC scan result | Once a scan is completed, you can download the scan result for your review. | 1.0.0b2 |


## Installation

### Prerequisite
You need to fulfill the following requirements to use this CLI tool.

- Python 3
- A valid Qualys subscription with access to 
  - CloudView (Cloud Security Assessment)
  - The Qualys API

### Command to install
You can install the `qiac` CLI from PyPI. Run the following command to install. 

```console
pip install Qualys-IaC-Security
```

## How to use

### See the supported options

You can use the `--help` option to get a list of supported options and their explanations.

```console
Usage: qiac [OPTIONS] COMMAND [ARGS]...

Options:
  -v, --version  Show the version and exit.
  -h, --help     Show this message and exit.

Commands:
  getresult  Gets the scan result.
  listscans  List all the scans.
  scan       Triggers/Launches the IaC scan.
```

### Launch a scan

You can scan one or more files using the following command.

```console
qiac scan -a <Qualys Platform> -u <your Qualys username> -d <path to a file or directory> -n <name of the scan>
```
 
* The CLI prompts for your Qualys password only if the password is not provided in the command. Letting the CLI prompt keeps the password out of your shell history and the process list.
* **Note:** To scan the template(s), this CLI uploads your file(s) to the Qualys Cloud Platform.
* When you provide a path to a directory for the `-d` option, the CLI zips the contents and then uploads the ZIP to the Qualys Cloud Platform.
* On successful launch of the scan, the CLI output provides a Scan Id and shows the results in a tabular format.
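
Because a directory passed to `-d` is zipped and uploaded, it is worth checking what the directory contains before launching a scan. The script below is an added example, not part of the Qualys package: the pattern list, the `review_upload` function and the exit-code convention are assumptions made for illustration, and it assumes the CLI archives every file under the directory.

```python
import fnmatch
import os
import sys

# Constructed, non-exhaustive patterns for files that often hold secrets in
# IaC repositories (an assumption of this example; extend for your own repos).
SENSITIVE_PATTERNS = {
    "*.tfstate": "Terraform state, may hold secrets in plain text",
    "*.tfstate.backup": "Terraform state backup",
    "*.tfvars": "Terraform variable values",
    "*.tfvars.json": "Terraform variable values",
    ".env": "environment file",
    "*.pem": "PEM key or certificate",
    "*.key": "private key",
    "id_rsa": "SSH private key",
}
# Tool/VCS directories that are not templates; reported once, not descended.
SKIP_DIRS = {".git", ".terraform"}


def review_upload(root):
    """Split the files under root into (flagged, clean).

    flagged: list of (relative_path, reason); clean: list of relative paths.
    """
    flagged, clean = [], []
    for dirpath, dirnames, filenames in os.walk(root):
        for d in sorted(set(dirnames) & SKIP_DIRS):
            rel = os.path.relpath(os.path.join(dirpath, d), root)
            flagged.append((rel + os.sep, "tool or VCS directory"))
        dirnames[:] = sorted(d for d in dirnames if d not in SKIP_DIRS)
        for name in sorted(filenames):
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            reason = next((why for pat, why in SENSITIVE_PATTERNS.items()
                           if fnmatch.fnmatch(name, pat)), None)
            if reason:
                flagged.append((rel, reason))
            else:
                clean.append(rel)
    return flagged, clean


if __name__ == "__main__":
    flagged, clean = review_upload(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, reason in flagged:
        print(f"REVIEW  {path}  ({reason})")
    print(f"{len(clean)} other file(s) found")
    sys.exit(1 if flagged else 0)
```

Run it against the directory you intend to scan; a non-zero exit means at least one flagged path should be moved out or the templates copied to a clean staging directory first.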

### Get the list of all scans

You can get the list of scans using the following command. If you want to get the scan details for a specific scan, provide the IaC scan Id obtained from the launch scan output.

```console
qiac listscans -a <Qualys Platform> -u <your Qualys username> -i <Scan Id>
```

* This fetches the list of all IaC scans and their details and prints it in tabular format on the terminal.

### Get the scan result

Once you see that the scan status is FINISHED or ERROR, you can use the following command to get the IaC scan result. 

```console
qiac getresult -a <Qualys Platform> -u <your Qualys username> -i <Scan Id>
```

* This will download the scan result and print it in tabular format on the terminal.

## Documentation

For more information, refer to the **Secure Infrastructure as Code** section in this user guide: https://www.qualys.com/docs/qualys-cloud-view-user-guide.pdf

## Support

If you have any questions, please contact the Qualys Support team at <support@qualys.com>.

