postrv/drata-scripts

Drata API Utilities

A collection of Python scripts to interact with the Drata API for compliance management and reporting purposes.

Overview

This repository contains utilities for extracting and managing compliance-related data from Drata. The scripts help automate common tasks such as exporting controls and their associated notes, allowing for better visibility and reporting of your compliance posture.

Scripts

Controls and Comments Export

File: controls_comments_export.py

This script extracts SOC 2 controls and their associated notes/comments from Drata and exports them to a CSV file.

Features:

  • Fetches all SOC 2 controls from the Drata API
  • Retrieves notes/comments for each control
  • Exports everything to a comprehensive CSV with timestamps
  • Handles pagination automatically
  • Includes control metadata and note details

Setup

Prerequisites

  • Python 3.8 or higher
  • A Drata account with API access

Installation

  1. Clone this repository:

    git clone https://github.com/yourusername/drata-api-utilities.git
    cd drata-api-utilities
    
  2. Create a virtual environment and activate it:

    python -m venv .venv
    source .venv/bin/activate  # On Windows, use: .venv\Scripts\activate
    
  3. Install the required packages:

    pip install -r requirements.txt
    
  4. Create a .env file in the repository root with your Drata API credentials. The file holds a live API key, so keep it out of version control:

    DRATA_API_KEY=your_api_key_here
    DRATA_WORKSPACE_ID=your_workspace_id_here
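
A preflight check for step 4, added here as an example and not part of this repository's code: it reports a missing or placeholder DRATA_API_KEY / DRATA_WORKSPACE_ID, a .env readable beyond its owner, and a .env not covered by .gitignore, without ever printing the values. The function names and the set of .gitignore patterns it recognizes are assumptions.

```python
import os
import stat
from pathlib import Path

REQUIRED = ("DRATA_API_KEY", "DRATA_WORKSPACE_ID")
# Placeholder values exactly as shown in the README's .env sample.
PLACEHOLDERS = {"your_api_key_here", "your_workspace_id_here"}
# Assumption: only these literal .gitignore entries are treated as covering .env.
IGNORE_PATTERNS = {".env", "/.env", "*.env", ".env*"}


def parse_env(text):
    """Parse simple KEY=value lines, skipping blanks and # comments."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        values[key.strip()] = value.strip().strip("'\"")
    return values


def check_env(repo_root):
    """Return a list of problems with repo_root/.env; an empty list means OK."""
    root = Path(repo_root)
    env_path = root / ".env"
    if not env_path.is_file():
        return [".env not found"]
    problems = []
    values = parse_env(env_path.read_text())
    for name in REQUIRED:
        value = values.get(name, "")
        if not value:
            problems.append(f"{name} is missing or empty")
        elif value in PLACEHOLDERS:
            problems.append(f"{name} still holds the README placeholder")
    # POSIX only: the API key should be accessible to the file owner alone.
    mode = env_path.stat().st_mode
    if os.name == "posix" and mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(".env is accessible to group/others (chmod 600 .env)")
    gitignore = root / ".gitignore"
    lines = gitignore.read_text().splitlines() if gitignore.is_file() else []
    if not any(line.strip() in IGNORE_PATTERNS for line in lines):
        problems.append(".env is not listed in .gitignore")
    return problems


if __name__ == "__main__":
    for problem in check_env("."):
        print("WARN:", problem)  # messages name the variable, never its value
```

Run it from the repository root before the first export; no output means all checks passed.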
    

Usage

Running the Controls Comments Export

Execute the script to fetch all SOC 2 controls and their notes:

    python controls_comments_export.py

The script will:

  1. Connect to the Drata API
  2. Fetch all SOC 2 controls
  3. Retrieve notes for each control
  4. Export the data to a timestamped CSV file

Output files will be saved in the current directory with a naming pattern like: drata_soc2_controls_with_notes_YYYYMMDD_HHMMSS.csv

Configuration

You can modify the scripts to change their behavior:

  • Edit the frameworkTags parameter to target different frameworks (e.g., ISO 27001, NIST CSF)
  • Adjust the CSV columns in the export_to_csv function
  • Modify the API request parameters for different data filtering

Troubleshooting

Common Issues

  • API Key Invalid: Ensure your DRATA_API_KEY in the .env file is correct and has not expired
  • Rate Limiting: The scripts include small delays between API calls to avoid rate limiting. If you encounter rate limit errors, increase the delay time.
  • Missing Notes: If notes aren't appearing in the export, check if your account has proper permissions to access notes for the controls.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

  1. Fork the repository
  2. Create your feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add some amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

License

This project is licensed under the MIT License - see the LICENSE file for details.

Disclaimer

This tool is not officially affiliated with Drata. Always review and comply with Drata's API usage policies and terms of service when using these scripts.
