[ad_1]
This weblog submit will uncover how one can automate DNS coverage administration with Tags.
To streamline DNS coverage administration for roaming computer systems, categorize them utilizing tags. By assigning a typical tag to a set of roaming computer systems, they are often collectively addressed as a single entity throughout coverage configuration. This method is really helpful for deployments with many roaming computer systems, starting from lots of to 1000’s, because it considerably simplifies and quickens coverage creation.
Excessive-level workflow description
- Add API Key
- Generate OAuth 2.0 entry token
- Create tag
- Get the listing of roaming computer systems and establish associated ‘originId’
- Add tag to units.
The Umbrella API supplies a typical REST interface and helps the OAuth 2.0 consumer credentials stream. Whereas creating the API Key, you possibly can set the associated Scope and Expire Date.
To begin working with tagging, you could create an API key with the Deployment learn/write scope.
After producing the API Shopper and API secret, you should utilize it for associated API calls.
First, we have to generate an OAuth 2.0 entry token.
You are able to do this with the next Python script:
import requests import os import json import base64 api_client = os.getenv('API_CLIENT') api_secret = os.getenv('API_SECRET') def generateToken(): url = "https://api.umbrella.com/auth/v2/token" usrAPIClientSecret = api_client + ":" + api_secret basicUmbrella = base64.b64encode(usrAPIClientSecret.encode()).decode() HTTP_Request_header = {"Authorization": "Primary %s" % basicUmbrella, "Content material-Kind": "software/json;"} payload = json.dumps({ "grant_type": "client_credentials" }) response = requests.request("GET", url, headers=HTTP_Request_header, information=payload) print(response.textual content) access_token = response.json()['access_token'] print(accessToken) return accessToken if __name__ == "__main__": accessToken = generateToken()
Anticipated output:
{“token_type”:”bearer”,”access_token”:”cmVwb3J0cy51dGlsaXRpZXM6cmVhZCBsImtpZCI6IjcyNmI5MGUzLWQ1MjYtNGMzZS1iN2QzLTllYjA5NWU2ZWRlOSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1bWJyZWxsYS1hdXRoei9hdXRoc3ZjIiwic…OiJhZG1pbi5wYXNzd29yZHJlc2V0OndyaXRlIGFkbWluLnJvbGVzOnJlYWQgYWRtaW4udXNlcnM6d3JpdGUgYWRtaW4udXNlcnM6cmVhZCByZXBvcnRzLmdyYW51bGFyZXZlbnRzOnJlYWQgyZXBvcnRzLmFnZ3Jl…MzlL”,”expires_in”:3600}
We are going to use the OAuth 2.0 entry token retrieved within the earlier step for the next API requests.
Let’s create tag with the identify “Home windows 10”
def addTag(tagName): url = "https://api.umbrella.com/deployments/v2/tags" payload = json.dumps({ "identify": tagName }) headers = { 'Settle for': 'software/json', 'Content material-Kind': 'software/json', 'Authorization': 'Bearer ' + accessToken } response = requests.request("POST", url, headers=headers, information=payload) print(response.textual content) addTag("Home windows 10", accesToken)
Anticipated output:
{ "id": 90289, "organizationId": 7944991, "identify": "Home windows 10", "originsModifiedAt": "", "createdAt": "2024-03-08T21:51:05Z", "modifiedAt": "2024-03-08T21:51:05Z" }
Umbrella dashboard, Record of roaming computer systems with out tags
Every tag has its distinctive ID, so we should always word these numbers to be used within the following question.
The next operate helps us Get the Record of roaming computer systems:
def getListRoamingComputers(accesToken): url = "https://api.umbrella.com/deployments/v2/roamingcomputers" payload = {} headers = { 'Settle for': 'software/json', 'Content material-Kind': 'software/json', 'Authorization': 'Bearer ' + accessToken } response = requests.request("GET", url, headers=headers, information=payload) print(response.textual content)
Anticipated output:
[
{
“originId”: 621783439,
“deviceId”: “010172DCA0204CDD”,
“type”: “anyconnect”,
“status”: “Off”,
“lastSyncStatus”: “Encrypted”,
“lastSync”: “2024-02-26T15:50:55.000Z”,
“appliedBundle”: 13338557,
“version”: “5.0.2075”,
“osVersion”: “Microsoft Windows NT 10.0.18362.0”,
“osVersionName”: “Windows 10”,
“name”: “CLT1”,
“hasIpBlocking”: false
},
{
“originId”: 623192385,
“deviceId”: “0101920E8BE1F3AD”,
“type”: “anyconnect”,
“status”: “Off”,
“lastSyncStatus”: “Encrypted”,
“lastSync”: “2024-03-07T15:20:39.000Z”,
“version”: “5.1.1”,
“osVersion”: “Microsoft Windows NT 10.0.19045.0”,
“osVersionName”: “Windows 10”,
“name”: “DESKTOP-84BV9V6”,
“hasIpBlocking”: false,
“appliedBundle”: null
}
]
Customers can iterate by way of the JSON listing objects and filter them by osVersionName, identify, deviceId, and so on., and file the associated originId within the listing that we’ll use to use the associated tag.
With associated tag ID and roaming computer systems originId listing, we will lastly add a tag to units, utilizing the next operate:
def addTagToDevices(tagId, deviceList, accesToken): url = "https://api.umbrella.com/deployments/v2/tags/{}/units".format(tagId) payload = json.dumps({ "addOrigins": }) headers = { 'Settle for': 'software/json', 'Content material-Kind': 'software/json', 'Authorization': 'Bearer ' + accessToken } response = requests.request("POST", url, headers=headers, information=payload) print(response.textual content) addTagToDevices(tagId, [ 621783439, 623192385 ], accesToken)
Anticipated output:
{ "tagId": 90289, "addOrigins": [ 621783439, 623192385 ], "removeOrigins": [] }
After including tags, let’s test the dashboard
Umbrella dashboard, listing of roaming computer systems after we add tags utilizing API
A associated tag is out there to pick out when creating a brand new DNS coverage.
Notes:
- Every roaming pc might be configured with a number of tags
- A tag can’t be utilized to a roaming pc on the time of roaming consumer set up.
- You can’t delete a tag. As a substitute, take away a tag from a roaming pc.
- Tags might be as much as 40 characters lengthy.
- You possibly can add as much as 500 units to a tag (per request).
Strive these updates within the DevNet Sandbox
Give it a strive! Play with these updates utilizing the Umbrella DevNet Sandbox.
Share:
[ad_2]