Skip to content

Latest commit

 

History

History
163 lines (141 loc) · 7.48 KB

README-python.md

File metadata and controls

163 lines (141 loc) · 7.48 KB
Raw

Dependencies

Make sure that you have python's requests module installed

$ pip3 install requests

Help output

If no arguments are specified, the script will not run. The last order of evaluation is checking to see if the --fileName argument has been set/

The logic is such that it follows this order:

  1. If no arguments are supplied, exit script.
  2. If one of the --all* arguments are supplied, check to see if the API Key exists (either checking the file prisma-access-api.key file or looking at the argument supplied from --apiKey.
  • No API key, exit script.
  • API key exists, then attempt to get the egress IPs based based on argument supplied.
  1. If egress IPs are returned from the API, then display them in tabulated format to stdout. Exit script.
  2. If egress IPs are returned from the API, and the --outputJsonFile or --outputCsvFile or --outputEdlFile argument is specified, then send the resulting output to those files in the appropriate format. Exit script.
  3. For these 2 options below, the API key does not need to be set.
  4. If the --fileName argument is used, then display the output to stdout in tabulated format.
  5. If the --fileName arguement and the --outputCsvFile arguments are used in tandem, then the json formatted file is converted to comma separated values.
usage: format-egress-ips.py [-h] [--fileName FILENAME] [--setAPIKey SETAPIKEY] [--showAPIKey] [--deleteAPIKey] [--apiKey APIKEY]
                            [--environment ENVIRONMENT] [--allEgressIPs] [--allAROnboardedMobileUserLocations]
                            [--allActiveIPOnboardedMobileUserLocations] [--allActiveMobileUserAddresses] [--allRemoteNetworkAddresses]
                            [--allCleanPipeAddresses] [--allExplicitProxyAddresses] [--allLoopbackIPAddresses] [--outputJsonFile OUTPUTJSONFILE]
                            [--outputCsvFile OUTPUTCSVFILE] [--outputEdlFile OUTPUTEDLFILE]

Format Egress IPs 0.13

options:
  -h, --help            show this help message and exit
  --fileName FILENAME   List of json formatted egress IPs to convert.
  --setAPIKey SETAPIKEY
                        Sets the API key into prisma-access-api.key file
  --showAPIKey          Shows the Prisma Access API Key from the prisma-access-api.key file.
  --deleteAPIKey        Deletes the Prisma Access API Key from prisma-access-api.key file.
  --apiKey APIKEY       Use stdin to enter API Key
  --environment ENVIRONMENT
                        By default, script queries prod environment.
  --allEgressIPs        Shows all egress IPs for Prisma Access Service
  --allAROnboardedMobileUserLocations
                        Retrieve all the active/reserved IP addresses for Mobile User Locations
  --allActiveIPOnboardedMobileUserLocations
                        Retrieve all the active Mobile Users IP addresses
  --allActiveMobileUserAddresses
                        Shows all Active Mobile User Addresses
  --allRemoteNetworkAddresses
                        Shows all Remote Network Addresses
  --allCleanPipeAddresses
                        Shows all Clean Pipe Addresses
  --allExplicitProxyAddresses
                        Shows all Clean Pipe Addresses
  --allLoopbackIPAddresses
                        Retrieves all the loopback addresses for each location.
  --outputJsonFile OUTPUTJSONFILE
                        Send json output to file.
  --outputCsvFile OUTPUTCSVFILE
                        Convert json output into comma separated values file.
  --outputEdlFile OUTPUTEDLFILE
                        Convert json into external dynamic list file.

API Keys

To set API Key

Creates the file prisma-access-api.key and adds the API key into it.

$ python3 format-egress-ips.py --setAPIKey this_is_my_api_key
Success
$

To show the API key:

$ python3 format-egress-ips.py --showAPIKey
this_is_my_api_key

To delete the API key:

$ python3 format-egress-ips.py --deleteAPIKey
Success
$

Egress IPs

To get Egress IPs

First make sure API key is set (see above) Use the --allEgressIPs command.

$ python3 format-egress-ips.py --allEgressIPs
Location              serviceType         egress IP           Active/Reserved
Singapore             gp_gateway          123.234.123.124     active
Thailand              gp_gateway          119.256.139.101     active
Vietnam               gp_gateway          191.199.280.100     active
US Central            gp_gateway          103.191.878.100     active

If you want to leverage the --apiKey argument instead of using the options above, repeat the same command with --apiKey defined.

$ python3 format-egress-ips.py --apiKey aldkfjlaksji4u50198u09uef-a9udfb9ausdf --allEgressIPs
Location              serviceType         egress IP           Active/Reserved
Singapore             gp_gateway          123.234.123.124     active
Thailand              gp_gateway          119.256.139.101     active
Vietnam               gp_gateway          191.199.280.100     active
US Central            gp_gateway          103.191.878.100     active

Getting loopback IP addresses for your tenant

This assumes you have the API key already set. Use the --apiKey argument to pass the API key via stdin.

$ python3 format-egress-ips.py --allLoopbackIPAddresses
Type           Location            Loopback IP
gpcs_gp_portal US West             10.91.0.12
gpcs_gp_portal US East             10.91.0.7
gpcs_gp_gw     US Southwest        10.91.0.13
gpcs_gp_gw     US Central          10.91.0.4
gpcs_gp_gw     US East             10.91.0.8
gpcs_gp_gw     US Southeast        10.91.0.3
gpcs_gp_gw     US Northwest        10.91.0.6

Convert egress IPs into comma separated values (csv) format

No output is displayed, but a file is created based on the argument supplied through --outputCsvFile

$ python3 format-egress-ips.py --allEgressIPs --outputCsvFile output.csv

Similarly as above, if you haven't defined an API key by using the --setAPIKey, you can use the --apiKey argument and pass it via stdin:

$ python3 format-egress-ips.py --apiKey aldkfjlaksji4u50198u09uef-a9udfb9ausdf --allEgressIPs --outputCsvFile output.csv

To output into a simple External Dynamic List format (every IP address only)

$ python3 format-egress-ips.py --apiKey aldkfjlaksji4u50198u09uef-a9udfb9ausdf --allEgressIPs --outputEdlFile output.edl

Convert an existing json file into a formatted table

$ python3 format-egress-ips.py --fileName egress-ips.json

Example output:

Location              serviceType         egress IP           Active/Reserved
Singapore             gp_gateway          123.234.123.124     active
Thailand              gp_gateway          119.256.139.101     active
Vietnam               gp_gateway          191.199.280.100     active
US Central            gp_gateway          103.191.878.100     active

Convert an existing json file into a csv file

$ python3 format-egress-ips.py --fileName egress-ips.json --outputCsvFile output.csv