Skip to main content

Python api client for firepower management center

Project description

python3 pypi license status published

FireREST

FireREST is a python library to interface with Cisco Firepower Management Center REST API.

Features

  • Authentication and automatic session refresh / re-authentication
  • Rate-limit detection and automatic backoff and retry behavior
  • Automatic squashing of paginated api payloads
  • Sanitization of api payloads for create and update operations
  • Detailed logging of api calls
  • API specific error handling using various custom exceptions
  • Support for resource lookup by name instead of uuid for all CRUD operations

Requirements

  • Python >= 3.7

Quickstart

Installation

pip install fireREST

Import api client

from fireREST import FMC

Authentication

FireREST uses basic authentication. In case your authentication token times out, the api client will automatically refresh the session and retry a failed operation. In case all 3 refresh tokens have been the connection object will try to re-authenticate again automatically.

fmc = FMC(hostname='fmc.example.com', username='firerest', password='Cisco123', domain='Global')

NOTE: By default Global is used as domain

Objects

Create network object

net_obj = {
    'name': 'NetObjViaAPI',
    'value': '198.18.1.0/24',
}

response = fmc.object.network.create(data=net_obj)

NOTE: In case a resource supports the bulk option FireREST will automatically append bulk=True to params if the data provided is of type list and not dict

Get all network objects

net_objects = fmc.object.network.get()

Get specific network object

net_objects = fmc.object.network.get(name='NetObjViaAPI')

NOTE: You can access resource either by name or uuid. If a name is specified FireREST will use a filter if supported by the api resource of iterate through all existing resources to find a match

Update network object

net_obj = fmc.object.network.get(name='NetObjViaAPI')
net_obj['name'] = 'RenamedNetObjViaAPI'
response = fmc.object.network.update(data=net_obj)

NOTE: FireREST automatically extracts the id field of the provided data dict to update the correct resource

Delete network object

response = fmc.object.network.delete(name='NetObjViaAPI')

Supported operations

Since FireREST does not try to provide a python object model nearly all api calls up to version 6.7.0 are available which includes but is not limited to the following CRUD operations:

├── assignment
│   ├── policyassignment
├── audit
│   ├── auditrecord
├── deployment
│   ├── deployabledevice
│   │   ├── deployment
│   │   ├── pendingchanges
│   ├── deploymentrequest
│   ├── jobhistory
│   └── rollbackrequest
├── device
│   ├── devicerecord
│   │   ├── bridgegroupinterface
│   │   ├── etherchannelinterface
│   │   ├── fpinterfacestatistics
│   │   ├── fplogicalinterface
│   │   ├── fpphysicalinterface
│   │   ├── inlineset
│   │   ├── interfaceevent
│   │   ├── operational
│   │   │   ├── command
│   │   │   ├── metric
│   │   ├── physicalinterface
│   │   ├── redundantinterface
│   │   ├── routing
│   │   │   ├── bgp
│   │   │   ├── bgpgeneralsettings
│   │   │   ├── ipv4staticroute
│   │   │   ├── ipv6staticroute
│   │   │   ├── ospfinterface
│   │   │   ├── ospfv2route
│   │   │   ├── ospfv3interface
│   │   │   ├── staticroute
│   │   │   └── virtualrouter
│   │   ├── subinterface
│   │   ├── virtualswitch
│   │   ├── virtualtunnelinterface
│   │   └── vlaninterface
├── devicecluster
│   ├── ftddevicecluster
├── devicegroup
│   ├── devicegrouprecord
├── devicehapair
│   ├── ftddevicehapair
│   │   ├── failoverinterfacemacaddressconfig
│   │   ├── monitoredinterface
├── health
│   ├── alert
│   ├── metric
├── integration
│   ├── cloudeventsconfig
│   ├── cloudregion
│   ├── externallookup
│   ├── externalstorage
├── intelligence
│   ├── taxiiconfig
│   │   ├── collection
│   │   ├── discoveryinfo
│   └── tid
│       ├── element
│       ├── incident
│       ├── indicator
│       ├── observable
│       ├── setting
│       └── source
├── job
│   └── taskstatus
├── object
│   ├── anyprotocolportobject
│   ├── application
│   ├── applicationcategory
│   ├── applicationfilter
│   ├── applicationproductivities
│   ├── applicationrisk
│   ├── applicationtag
│   ├── applicationtype
│   ├── aspathlist
│   ├── certenrollment
│   ├── communitylist
│   ├── continent
│   ├── country
│   ├── dnsservergroup
│   ├── endpointdevicetype
│   ├── expandedcommunitylist
│   ├── extendedaccesslist
│   ├── fqdn
│   ├── geolocation
│   ├── globaltimezone
│   ├── host
│   ├── icmpv4object
│   ├── icmpv6object
│   ├── ikev1ipsecproposal
│   ├── ikev1policy
│   ├── ikev2ipsecproposal
│   ├── ikev2policy
│   ├── interface
│   ├── interfacegroup
│   ├── ipv4prefixlist
│   ├── ipv6prefixlist
│   ├── isesecuritygrouptag
│   ├── keychain
│   ├── network
│   ├── networkaddress
│   ├── networkgroup
│   ├── policylist
│   ├── port
│   ├── portobjectgroup
│   ├── protocolportobject
│   ├── range
│   ├── realmuser
│   ├── realmusergroup
│   ├── routemap
│   ├── securitygrouptag
│   ├── securityzone
│   ├── siurlfeed
│   ├── siurllist
│   ├── slamonitor
│   ├── standardaccesslist
│   ├── standardcommunitylist
│   ├── timerange
│   ├── timezone
│   ├── tunneltag
│   ├── url
│   ├── urlcategory
│   ├── urlgroup
│   ├── variableset
│   ├── vlangrouptag
│   └── vlantag
├── policy
│   ├── accesspolicy
│   │   ├── accessrule
│   │   ├── category
│   │   ├── defaultaction
│   │   ├── inheritancesettings
│   │   ├── loggingsettings
│   │   ├── operational
│   │   │   ├── hitcounts
│   ├── filepolicy
│   ├── ftdnatpolicy
│   │   ├── autonatrule
│   │   ├── manualnatrule
│   │   ├── natrule
│   ├── ftds2svpn
│   │   ├── advancedsettings
│   │   ├── endpoint
│   │   ├── ikesettings
│   │   ├── ipsecsettings
│   ├── intrusionpolicy
│   │   ├── intrusionrule
│   ├── prefilterpolicy
│   │   ├── defaultaction
│   │   ├── operational
│   │   │   ├── hitcounts
│   │   ├── prefilterrule
│   ├── snmpalert
│   └── syslogalert
├── system
│   ├── info
│   │   ├── domain
│   │   └── serverversion
├── update
│   └── upgradepackage
│       ├── applicabledevice
└── user
    ├── authrole
    └── ssoconfig

Authors

Oliver Kaiser (oliver.kaiser@outlook.com)

License

GNU General Public License v3.0 or later.

See LICENSE for the full text.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fireREST-1.0.0.tar.gz (39.1 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page