How to use the fmcapi.AccessPolicies function in fmcapi
To help you get started, we’ve selected a few fmcapi examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
daxm / fmcapi / unit_tests / device_with_task.py View on Github 
def test__device_with_task(fmc):
logging.info(
'Test Device1 with Task. This requires having an actual device with the "configure manager add" '
"statement enabled."
)
starttime = str(int(time.time()))
namer = f"_fmcapi_test_{starttime}"
acp1 = fmcapi.AccessPolicies(fmc=fmc, name=namer)
acp1.post()
starttime = str(int(time.time()))
obj1_namer = f"_fmcapi_test_{starttime}"
obj1 = fmcapi.Device(fmc=fmc)
obj1.hostName = "10.255.0.43"
obj1.name = obj1_namer
obj1.regKey = "cisco123"
obj1.natID = "cisco123"
obj1.acp(name=acp1.name)
obj1.licensing(action="add", name="BASE")
obj1.licensing(action="add", name="THREAT")
obj1.licensing(action="add", name="MALWARE")
logging.info("Device -->")
logging.info(obj1.format_data())def test__devicerecords(fmc):
logging.info(
'Test Device. Though you can "Post" devices I do not have one handy. So '
"add/remove licenses on Device Objects."
)
starttime = str(int(time.time()))
namer = f"_fmcapi_test_{starttime}"
acp1 = fmcapi.AccessPolicies(fmc=fmc, name=namer)
acp1.post()
obj1 = fmcapi.DeviceRecords(fmc=fmc)
obj1.name = namer
obj1.acp(name=acp1.name)
obj1.licensing(action="add", name="MALWARE")
obj1.licensing(action="add", name="VPN")
obj1.licensing(action="remove", name="VPN")
obj1.licensing(action="clear")
obj1.licensing(action="add", name="BASE")
logging.info("Device -->")
logging.info(obj1.format_data())
acp1.delete()
logging.info("Test Device done.\n")def test__access_control_policy(fmc):
logging.info("Test AccessControlPolicy. Post, get, put, delete ACP Objects.")
starttime = str(int(time.time()))
namer = f"_fmcapi_test_{starttime}"
obj1 = fmcapi.AccessPolicies(fmc=fmc)
obj1.name = namer
obj1.post()
time.sleep(1)
del obj1
obj1 = fmcapi.AccessPolicies(fmc=fmc, name=namer)
obj1.get()
obj1.name = "asdfasdf"
obj1.put()
time.sleep(1)
obj1.delete()
logging.info("Test AccessControlPolicy done.\n")def test__access_control_policy(fmc):
logging.info("Test AccessControlPolicy. Post, get, put, delete ACP Objects.")
starttime = str(int(time.time()))
namer = f"_fmcapi_test_{starttime}"
obj1 = fmcapi.AccessPolicies(fmc=fmc)
obj1.name = namer
obj1.post()
time.sleep(1)
del obj1
obj1 = fmcapi.AccessPolicies(fmc=fmc, name=namer)
obj1.get()
obj1.name = "asdfasdf"
obj1.put()
time.sleep(1)
obj1.delete()
logging.info("Test AccessControlPolicy done.\n"))
obj11.post()
obj12 = fmcapi.ProtocolPortObjects(
fmc=fmc, name="_portrangetcp1", port="0-1023", protocol="TCP"
)
obj12.post()
obj2 = fmcapi.PortObjectGroups(fmc=fmc, name="_fmcapi_test_portobjectgroup")
obj2.named_ports(action="add", name=obj10.name)
obj2.named_ports(action="add", name=obj11.name)
obj2.named_ports(action="add", name=obj12.name)
obj2.post()
# Build a Security Zone object
sz1 = fmcapi.SecurityZones(fmc=fmc, name="_sz1", interfaceMode="ROUTED")
sz1.post()
# Build an ACP Object
acp1 = fmcapi.AccessPolicies(fmc=fmc, name=namer)
acp1.post()
# Get a file_policy
# fp = fmcapi.FilePolicies(fmc=fmc1, name='daxm_test')
time.sleep(1)
logging.info("Setup of objects for ACPRule test done.\n")
logging.info(
"Test ACPRule. Try to test all features of all methods of the ACPRule class."
)
acprule1 = fmcapi.AccessRules(fmc=fmc, acp_name=acp1.name)
acprule1.name = namer
acprule1.action = "ALLOW"
acprule1.enabled = False
acprule1.sendEventsToFMC = True
acprule1.logFiles = False
acprule1.logBegin = True"""
# ### Set these variables to match your environment. ### #
host = "10.0.0.10"
username = "apiadmin"
password = "Admin123"
with fmcapi.FMC(
host=host,
username=username,
password=password,
autodeploy=True,
file_logging="hq-ftd.log",
) as fmc1:
# Create an ACP
acp = fmcapi.AccessPolicies(fmc=fmc1, name="ACP Policy")
acp.defaultAction = "BLOCK"
# I intentionally put a "space" in the ACP name to show that fmcapi will "fix" that for you.
acp.post()
# Create Security Zones
sz_inside = fmcapi.SecurityZones(
fmc=fmc1, name="inside", interfaceMode="ROUTED"
)
sz_inside.post()
sz_outside = fmcapi.SecurityZones(
fmc=fmc1, name="outside", interfaceMode="ROUTED"
)
sz_outside.post()
sz_dmz = fmcapi.SecurityZones(fmc=fmc1, name="dmz", interfaceMode="ROUTED")
sz_dmz.post()
def create_access_policies(fmc, acp_list):
"""Create Access Policies and their associated AccessRules"""
for acp in acp_list:
policy = fmcapi.AccessPolicies(
fmc=fmc, name=acp["name"], defaultAction=acp["default_action"]
)
policy.post()
# Build access_rules associated with this acp.
if "rules" in acp:
for rule in acp["rules"]:
acp_rule = fmcapi.AccessRules(
fmc=fmc, acp_name=policy.name, name=rule["name"]
)
if "log_begin" in rule:
acp_rule.logBegin = rule["log_begin"]
if "log_end" in rule:
acp_rule.logEnd = rule["log_end"]
if "send_events_to_fmc" in rule:
acp_rule.sendEventsToFMC = rule["send_events_to_fmc"]fmcapi
Easier interface to Cisco's FMC API than writing your own way.
Package Health Score
70 / 100Popular fmcapi functions
- fmcapi.AccessPolicies
- fmcapi.AccessRules
- fmcapi.api_objects.AccessRules
- fmcapi.api_objects.api_template.APIClassTemplate
- fmcapi.api_objects.APIClassTemplate
- fmcapi.api_objects.apiclasstemplate.APIClassTemplate
- fmcapi.api_objects.device_ha_pair_services.ftddevicehapairs.FTDDeviceHAPairs
- fmcapi.api_objects.device_services.devicerecords.DeviceRecords
- fmcapi.api_objects.object_services.networkaddresses.NetworkAddresses
- fmcapi.api_objects.object_services.networkgroups.NetworkGroups
- fmcapi.api_objects.object_services.securityzones.SecurityZones
- fmcapi.api_objects.policy_services.accesspolicies.AccessPolicies
- fmcapi.AutoNatRules
- fmcapi.Hosts
- fmcapi.IPv4StaticRoutes
- fmcapi.ManualNatRules
- fmcapi.Networks
- fmcapi.PhysicalInterfaces
- fmcapi.ProtocolPortObjects
- fmcapi.SecurityZones