baton-wiz is a connector for built using the Baton SDK.
Check out Baton to learn more the project in general.
brew install conductorone/baton/baton conductorone/baton/baton-wiz
baton-wiz
baton resources
docker run --rm -v $(pwd):/out -e BATON_WIZ_CLIENT_ID=clientID -e BATON_WIZ_CLIENT_SECRET=clientSecret BATON_AUTH_URL=auth_url -e BATON_ENDPOINT_URL=auth_url -e BATON_AUDIENCE=audience -e BATON_RESOURCE_IDS=resourecID1,resourceID2 ghcr.io/conductorone/baton-wiz:latest -f "/out/sync.c1z"
docker run --rm -v $(pwd):/out ghcr.io/conductorone/baton:latest -f "/out/sync.c1z" resources
go install github.com/conductorone/baton/cmd/baton@main
go install github.com/conductorone/baton-wiz/cmd/baton-wiz@main
BATON_WIZ_CLIENT_ID=clientID \
BATON_WIZ_CLIENT_SECRET=clientSecret' \
BATON_ENDPOINT_URL=https://api.<region>.app.wiz.io/graphql \
BATON_AUTH_URL=https://auth.app.wiz.io/oauth/token \
BATON_AUDIENCE=wiz-api \
BATON_RESOURCE_IDS=resourceID1,resourceID2 baton-wiz
baton resources
baton-wiz will pull down information about the following resources:
- Users
- Wiz Resources
We started Baton because we were tired of taking screenshots and manually building spreadsheets. We welcome contributions, and ideas, no matter how small—our goal is to make identity and permissions sprawl less painful for everyone. If you have questions, problems, or ideas: Please open a GitHub Issue!
See CONTRIBUTING.md for more details.
baton-wiz
Usage:
baton-wiz [flags]
baton-wiz [command]
Available Commands:
capabilities Get connector capabilities
completion Generate the autocompletion script for the specified shell
help Help about any command
Flags:
--audience string The audience used to authenticate with Wiz ($BATON_AUDIENCE) (default "wiz-api")
--auth-url string required: The auth url used to authenticate with Wiz ($BATON_AUTH_URL)
--client-id string The client ID used to authenticate with ConductorOne ($BATON_CLIENT_ID)
--client-secret string The client secret used to authenticate with ConductorOne ($BATON_CLIENT_SECRET)
--endpoint-url string required: The endpoint url used to authenticate with Wiz ($BATON_ENDPOINT_URL)
-f, --file string The path to the c1z file to sync with ($BATON_FILE) (default "sync.c1z")
-h, --help help for baton-wiz
--log-format string The output format for logs: json, console ($BATON_LOG_FORMAT) (default "json")
--log-level string The log level: debug, info, warn, error ($BATON_LOG_LEVEL) (default "info")
-p, --provisioning This must be set in order for provisioning actions to be enabled ($BATON_PROVISIONING)
--resource-ids strings The resource ids to sync ($BATON_RESOURCE_IDS)
--skip-full-sync This must be set to skip a full sync ($BATON_SKIP_FULL_SYNC)
--sync-identities Enable if wiz identities should be synced ($BATON_SYNC_IDENTITIES)
--tags string The tags on resources to sync ($BATON_TAGS)
--ticketing This must be set to enable ticketing support ($BATON_TICKETING)
-v, --version version for baton-wiz
--wiz-client-id string required: The client ID used to authenticate with Wiz ($BATON_WIZ_CLIENT_ID)
--wiz-client-secret string required: The client secret used to authenticate with Wiz ($BATON_WIZ_CLIENT_SECRET)
--wiz-resource-types strings The wiz resource-types to sync ($BATON_WIZ_RESOURCE_TYPES)
Use "baton-wiz [command] --help" for more information about a command.