eMASSer is a command-line interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise Mission Assurance Support Service (eMASS) by leveraging its representational state transfer (REST) application programming interface (API).
eMASSer
is a Command Line Interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise Mission Assurance Support Service (eMASS) by leveraging its Representational State Transfer (REST) Application Programming Interface (API).
NOTE: The eMASSer
CLI utilizes the emass_client RubyGem executable package to access the eMASS API endpoints.
For detail content information about the eMASS
API references the eMASS API Specification page.
For detail features provided by the eMASSer
CLI references the eMASSer CLI Features page.
The eMASSer
CLI Architecture depicts the structure, and provides an explanation of CLI behaviors.
eMASSer
is a Ruby CLI distributed via GitHub (this repository), RubyGems, or Docker.
rubyzip (latest version)
emass_client (latest version)
cURL
binary is required (libcurl.dll). To install cURL:
libcurl.dll
if it has the _x64
suffixemasser.gemspec
file for all other dependenciesgit clone <path to emasser repository> emasser
cd emasser
gem build *.gemspec
gem install *.gem
*Note: To run in development mode there isn’t a need to build the gem, simply clone from the emasser repository and use:
bundle install
bundle exec exe/emasser [command]
Install the emasser
gem from the RubyGems registry
gem install emasser
Update the emasser
gem to the latest version
gem update emasser
To run (execute a command) create a .env*
file in the directory where you want to invoke the emmaser
and use:
emasser [command]
*Note: See Setting Environment Variables Configuration for detailed information on required and optional variables.
Ensure that docker engine is running and start the eMASSer Docker Container.
docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest
docker run --rm -v %cd%/path-to-secrets:/data mitre/emasser:latest
docker pull mitre/emasser:latest
Docker Notes:
--rm
Automatically remove the container when it exits-v
Bind mount a volumeIs the path to the .env
file and the appropriate eMASS certificates (key.pem and client.pem).
For example, if the .env
is located in the same directory where the docker run
is executed, running the command in a Windows platform would look like this:
docker run --rm -v %cd%/.:/data mitre/emasser:latest
docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest get help
docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest post help
docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest put help
docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest delete help
Example commands are for Linux or Mac, replace the $PWD
with %cd%
for Windows docker rmi -f mitre/emasser
The eMASSer
implements all endpoints provided by the eMASS
API, there is, all of the functions available from the eMASS GUI
that are exposed by the API. If additional functions are useful (accessible via the CLI), please submit a request to eMass Tier III Support for possible inclusion into the API.
The Road Map seeks to add any useful features that facilitates organization that utilizes eMASS
instances and have a need to automate their cybersecurity management process.
For additional capability create an issue, and email it to the SAF Team citing the issue link so we can help.
Some proposed capabilities (looking for a sponsor) are:
The eMASSer
CLI leverages the emass_client, which provides a REST API client developed by MITRE based on the OpenAPI V3 standards for the official eMASS API specification. This design enables REST API clients to be generated in any supported programming language. The design enables the emass_client
to be generated independently of the eMASSer CLI. Currently, a Ruby and a Typescript eMASS client API are provided. The TypeScript client is used with the Security Automation Framework CLI (SAF) CLI.
Because interactions with the API are handled by a dependency, the bulk of eMASSer
business logic is for accepting user input/output, reading data from eMASS or from input, transforming data, and routing data to the appropriate eMASS API endpoint. This business logic is organized into Ruby Classes and Modules based on the command or subcommand requested by the user.
The eMASSer
CLI makes use of the emass_client
ruby gem to communicate with an eMASS
instance via the eMASS API
as depicted in the diagram below:
© 2020 The MITRE Corporation.
Approved for Public Release; Distribution Unlimited. Case Number 18-3678.
MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.
No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.