[ad_1]
This weblog submit will display you ways you’ll be able to automate DNS coverage control with Tags.
To streamline DNS coverage control for roaming computer systems, categorize them the usage of tags. By way of assigning an ordinary tag to a selection of roaming computer systems, they may be able to be jointly addressed as a unmarried entity all through coverage configuration. This means is really helpful for deployments with many roaming computer systems, starting from masses to 1000’s, because it considerably simplifies and accelerates coverage advent.
Top-level workflow description
- Upload API Key
- Generate OAuth 2.0 get entry to token
- Create tag
- Get the listing of roaming computer systems and determine comparable ‘originId’
- Upload tag to gadgets.
The Umbrella API supplies an ordinary REST interface and helps the OAuth 2.0 consumer credentials float. Whilst developing the API Key, you’ll be able to set the comparable Scope and Expire Date.
To start out operating with tagging, you wish to have to create an API key with the Deployment learn/write scope.
After producing the API Consumer and API secret, you’ll be able to use it for comparable API calls.
First, we wish to generate an OAuth 2.0 get entry to token.
You’ll do that with the next Python script:
import requests import os import json import base64 api_client = os.getenv('API_CLIENT') api_secret = os.getenv('API_SECRET') def generateToken(): url = "https://api.umbrella.com/auth/v2/token" usrAPIClientSecret = api_client + ":" + api_secret basicUmbrella = base64.b64encode(usrAPIClientSecret.encode()).decode() HTTP_Request_header = {"Authorization": "Fundamental %s" % basicUmbrella, "Content material-Kind": "software/json;"} payload = json.dumps({ "grant_type": "client_credentials" }) reaction = requests.request("GET", url, headers=HTTP_Request_header, knowledge=payload) print(reaction.textual content) access_token = reaction.json()['access_token'] print(accessToken) go back accessToken if __name__ == "__main__": accessToken = generateToken()
Anticipated output:
{“token_type”:”bearer”,”access_token”:”cmVwb3J0cy51dGlsaXRpZXM6cmVhZCBsImtpZCI6IjcyNmI5MGUzLWQ1MjYtNGMzZS1iN2QzLTllYjA5NWU2ZWRlOSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1bWJyZWxsYS1hdXRoei9hdXRoc3ZjIiwic…OiJhZG1pbi5wYXNzd29yZHJlc2V0OndyaXRlIGFkbWluLnJvbGVzOnJlYWQgYWRtaW4udXNlcnM6d3JpdGUgYWRtaW4udXNlcnM6cmVhZCByZXBvcnRzLmdyYW51bGFyZXZlbnRzOnJlYWQgyZXBvcnRzLmFnZ3Jl…MzlL”,”expires_in”:3600}
We will be able to use the OAuth 2.0 get entry to token retrieved within the earlier step for the next API requests.
Let’s create tag with the identify “Home windows 10”
def addTag(tagName): url = "https://api.umbrella.com/deployments/v2/tags" payload = json.dumps({ "identify": tagName }) headers = { 'Settle for': 'software/json', 'Content material-Kind': 'software/json', 'Authorization': 'Bearer ' + accessToken } reaction = requests.request("POST", url, headers=headers, knowledge=payload) print(reaction.textual content) addTag("Home windows 10", accesToken)
Anticipated output:
{ "identification": 90289, "organizationId": 7944991, "identify": "Home windows 10", "originsModifiedAt": "", "createdAt": "2024-03-08T21:51:05Z", "modifiedAt": "2024-03-08T21:51:05Z" }
Umbrella dashboard, Record of roaming computer systems with out tags
Each and every tag has its distinctive ID, so we must observe those numbers to be used within the following question.
The next serve as is helping us Get the Record of roaming computer systems:
def getListRoamingComputers(accesToken): url = "https://api.umbrella.com/deployments/v2/roamingcomputers" payload = {} headers = { 'Settle for': 'software/json', 'Content material-Kind': 'software/json', 'Authorization': 'Bearer ' + accessToken } reaction = requests.request("GET", url, headers=headers, knowledge=payload) print(reaction.textual content)
Anticipated output:
[
{
“originId”: 621783439,
“deviceId”: “010172DCA0204CDD”,
“type”: “anyconnect”,
“status”: “Off”,
“lastSyncStatus”: “Encrypted”,
“lastSync”: “2024-02-26T15:50:55.000Z”,
“appliedBundle”: 13338557,
“version”: “5.0.2075”,
“osVersion”: “Microsoft Windows NT 10.0.18362.0”,
“osVersionName”: “Windows 10”,
“name”: “CLT1”,
“hasIpBlocking”: false
},
{
“originId”: 623192385,
“deviceId”: “0101920E8BE1F3AD”,
“type”: “anyconnect”,
“status”: “Off”,
“lastSyncStatus”: “Encrypted”,
“lastSync”: “2024-03-07T15:20:39.000Z”,
“version”: “5.1.1”,
“osVersion”: “Microsoft Windows NT 10.0.19045.0”,
“osVersionName”: “Windows 10”,
“name”: “DESKTOP-84BV9V6”,
“hasIpBlocking”: false,
“appliedBundle”: null
}
]
Customers can iterate in the course of the JSON listing pieces and clear out them through osVersionName, identify, deviceId, and many others., and document the comparable originId within the listing that we can use to use the comparable tag.
With comparable tag ID and roaming computer systems originId listing, we will after all upload a tag to gadgets, the usage of the next serve as:
def addTagToDevices(tagId, deviceList, accesToken): url = "https://api.umbrella.com/deployments/v2/tags/{}/gadgets".structure(tagId) payload = json.dumps({ "addOrigins": }) headers = { 'Settle for': 'software/json', 'Content material-Kind': 'software/json', 'Authorization': 'Bearer ' + accessToken } reaction = requests.request("POST", url, headers=headers, knowledge=payload) print(reaction.textual content) addTagToDevices(tagId, [ 621783439, 623192385 ], accesToken)
Anticipated output:
{ "tagId": 90289, "addOrigins": [ 621783439, 623192385 ], "removeOrigins": [] }
After including tags, let’s test the dashboard
Umbrella dashboard, listing of roaming computer systems when we upload tags the usage of API
A comparable tag is to be had to choose when developing a brand new DNS coverage.
Notes:
- Each and every roaming laptop may also be configured with more than one tags
- A tag can’t be implemented to a roaming laptop on the time of roaming consumer set up.
- You can not delete a tag. As a substitute, take away a tag from a roaming laptop.
- Tags may also be as much as 40 characters lengthy.
- You’ll upload as much as 500 gadgets to a tag (in line with request).
Take a look at those updates within the DevNet Sandbox
Give it a check out! Play with those updates the usage of the Umbrella DevNet Sandbox.
Percentage:
[ad_2]