API reference

Exporting assets

Assets are exported with the assets_paged query. Each asset carries CIA scores (confidentiality, integrity, availability), linked controls, risks and information types.

Basic query

query ExportAssets($first: Int, $after: String, $filter: AssetFilter) {
  assets_paged(first: $first, after: $after, filter: $filter) {
    edges {
      node {
        id
        sequenceId
        customId
        name
        description
        notBefore
        expires
        archived
        confidentiality
        integrity
        availability
        mao
        rto
        rpo
        informationTypes
        controls {
          id
          sequenceId
          name
        }
        risks {
          id
          sequenceId
          name
          treatment
        }
        assignments {
          assignmentType
          user {
            name
            email
          }
        }
        attributes {
          key
          value
        }
      }
    }
    pageInfo {
      hasNextPage
      endCursor
    }
  }
}

Variables for the first page:

{ "first": 50, "after": null, "filter": {} }

Important fields

  • sequenceId — the human-readable number as shown in the UI (e.g. A-7)
  • customId — optional custom identifier set by your team
  • confidentiality / integrity / availability — CIA impact scores (scale 1–3)
  • mao — Maximum Acceptable Outage (ISO 8601 duration, e.g. PT4H)
  • rto — Recovery Time Objective (ISO 8601 duration)
  • rpo — Recovery Point Objective (ISO 8601 duration)
  • informationTypes — kinds of information processed by this asset (e.g. CUSTOMER_INFORMATION, FINANCIAL_RECORDS)
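The fields above can be sanity-checked once the nodes are exported. The following is an added example, not part of the original page or of the vendor's code: it parses the ISO 8601 durations and flags CIA scores outside the documented 1–3 scale and recovery targets that exceed the maximum acceptable outage. It assumes the scores arrive as integers, and the sample nodes are constructed.

```python
import re
from datetime import timedelta

# Day/time subset of ISO 8601 durations (PT4H, P1DT12H, P2W). Years and months
# are rejected because they have no fixed length to compare against.
_DURATION = re.compile(
    r"^P(?:(?P<weeks>\d+)W|(?:(?P<days>\d+)D)?"
    r"(?:T(?:(?P<hours>\d+)H)?(?:(?P<minutes>\d+)M)?(?:(?P<seconds>\d+)S)?)?)$"
)

def parse_duration(value):
    """Return a timedelta for a duration string, or None for an empty field."""
    if not value:
        return None
    m = _DURATION.match(value)
    if not m or value in ("P", "PT") or value.endswith("T"):
        raise ValueError(f"unsupported duration {value!r}")
    return timedelta(**{k: int(v) for k, v in m.groupdict().items() if v})

def check_asset(node):
    """Return findings for one asset node as returned by assets_paged."""
    findings = []
    for field in ("confidentiality", "integrity", "availability"):
        score = node.get(field)
        # Assumption: scores arrive as integers on the documented 1-3 scale.
        if score is not None and score not in (1, 2, 3):
            findings.append(f"{field} outside 1-3: {score!r}")
    parsed = {}
    for field in ("mao", "rto", "rpo"):
        try:
            parsed[field] = parse_duration(node.get(field))
        except ValueError as exc:
            findings.append(f"{field}: {exc}")
    mao, rto = parsed.get("mao"), parsed.get("rto")
    # A recovery target later than the maximum acceptable outage cannot be met.
    if mao is not None and rto is not None and rto > mao:
        findings.append(f"rto {node['rto']} exceeds mao {node['mao']}")
    return findings

# Constructed sample nodes (not real export data).
SAMPLE_NODES = [
    {"sequenceId": "A-7", "availability": 3, "mao": "PT4H", "rto": "PT2H", "rpo": "PT30M"},
    {"sequenceId": "A-8", "availability": 4, "mao": "PT4H", "rto": "P1D", "rpo": None},
    {"sequenceId": "A-9", "availability": 2, "mao": "P1M", "rto": "PT1H", "rpo": None},
]

if __name__ == "__main__":
    for node in SAMPLE_NODES:
        print(node["sequenceId"], check_asset(node) or "ok")
```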

Complete export script (Python)

import requests
import csv

GRAPHQL_URL = "https://portal.tidalcontrol.com/graphql"

QUERY = """
query ExportAssets($first: Int, $after: String, $filter: AssetFilter) {
  assets_paged(first: $first, after: $after, filter: $filter) {
    edges {
      node {
        id
        sequenceId
        customId
        name
        description
        notBefore
        expires
        archived
        confidentiality
        integrity
        availability
        mao
        rto
        rpo
        informationTypes
        controls { id sequenceId name }
        risks { id sequenceId name treatment }
        assignments { assignmentType user { name email } }
      }
    }
    pageInfo { hasNextPage endCursor }
  }
}
"""


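def graphql(query, variables, access_token):
    # Send the query with the bearer token; the timeout keeps a stalled
    # connection from hanging the export indefinitely.
    r = requests.post(
        GRAPHQL_URL,
        json={"query": query, "variables": variables},
        headers={"Authorization": f"Bearer {access_token}"},
        timeout=30,
    )
    r.raise_for_status()
    result = r.json()
    # GraphQL reports query errors in the response body, so check them
    # separately from the HTTP status.
    if "errors" in result:
        raise RuntimeError(result["errors"])
    return result["data"]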


def export_assets(access_token, include_archived=False):
    assets = []
    cursor = None
    asset_filter = {"archived": include_archived} if include_archived else {}

    # Follow endCursor page by page until the API reports no further page.
    while True:
        data = graphql(
            QUERY,
            {"first": 50, "after": cursor, "filter": asset_filter},
            access_token,
        )
        page = data["assets_paged"]
        assets.extend(edge["node"] for edge in page["edges"])

        if not page["pageInfo"]["hasNextPage"]:
            break
        cursor = page["pageInfo"]["endCursor"]

    return assets


def to_csv(assets, output_path):
    if not assets:
        print("Geen assets gevonden.")
        return

    with open(output_path, "w", newline="", encoding="utf-8") as f:
        writer = csv.writer(f)
        writer.writerow([
            "ID", "Volgnummer", "Aangepast ID", "Naam", "Omschrijving",
            "Startdatum", "Vervaldatum", "Gearchiveerd",
            "Vertrouwelijkheid", "Integriteit", "Beschikbaarheid",
            "MAO", "RTO", "RPO",
            "Informatietypen", "Gekoppelde controls", "Gekoppelde risico's", "Eigenaren",
        ])
        for a in assets:
            owners = [
                asgn["user"]["email"]
                for asgn in a["assignments"]
                if asgn["assignmentType"] == "OWNER"
            ]
            writer.writerow([
                a["id"],
                a["sequenceId"],
                a.get("customId", ""),
                a["name"],
                a.get("description", ""),
                a.get("notBefore", ""),
                a.get("expires", ""),
                a["archived"],
                a.get("confidentiality", ""),
                a.get("integrity", ""),
                a.get("availability", ""),
                a.get("mao", ""),
                a.get("rto", ""),
                a.get("rpo", ""),
                ", ".join(a.get("informationTypes") or []),
                ", ".join(c["name"] for c in a["controls"]),
                ", ".join(r["name"] for r in a["risks"]),
                ", ".join(owners),
            ])

    print(f"{len(assets)} assets geëxporteerd naar {output_path}")


if __name__ == "__main__":
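    # Placeholder token; load the real one from a secret store or the
    # environment rather than committing it with the script.
    ACCESS_TOKEN = "eyJhbGci..."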

    assets = export_assets(ACCESS_TOKEN)
    to_csv(assets, "assets_export.csv")
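The name and description columns hold free text, so a value that starts with a formula character is evaluated when the CSV is opened in a spreadsheet. The following added example (not part of the original script) neutralises each cell before writing; the function names are hypothetical and the sample nodes are constructed.

```python
import csv
import io

# Leading characters that spreadsheet applications treat as the start of a formula.
FORMULA_PREFIXES = ("=", "+", "-", "@", "\t", "\r")

def neutralise(value):
    """Return a cell value that a spreadsheet displays as plain text."""
    if value is None:
        return ""
    text = str(value)
    # A leading apostrophe marks the cell as text in common spreadsheet applications.
    if text.startswith(FORMULA_PREFIXES):
        return "'" + text
    return text

def write_rows(nodes, fields, handle):
    """Write the selected fields of each node with every cell neutralised."""
    writer = csv.writer(handle, quoting=csv.QUOTE_ALL)
    writer.writerow(fields)
    for node in nodes:
        writer.writerow([neutralise(node.get(f)) for f in fields])

def export_to_string(nodes, fields):
    """Render the export in memory, e.g. for inspection before saving."""
    buf = io.StringIO(newline="")
    write_rows(nodes, fields, buf)
    return buf.getvalue()

# Constructed sample nodes shaped like the assets_paged result.
SAMPLE_NODES = [
    {"sequenceId": "A-7", "name": "Payroll DB", "description": None},
    {"sequenceId": "A-8", "name": "=1+1", "description": "-see wiki"},
]

if __name__ == "__main__":
    print(export_to_string(SAMPLE_NODES, ["sequenceId", "name", "description"]))
```

Values that legitimately start with a minus sign, such as negative numbers, are also prefixed, so apply this to free-text columns only if numeric columns must stay numeric.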

Filter examples

High-impact assets:

{ "filter": { "impact": ["HIGH"] } }

Assets linked to a specific control:

{ "filter": { "controls": ["control-uuid-hier"] } }

Assets assigned to a specific user:

{ "filter": { "assignees": ["gebruiker-uuid-hier"] } }

Assets linked to a specific framework:

{ "filter": { "frameworks": ["framework-uuid-hier"] } }

Count only

query {
  assets_count(filter: { archived: false })
}