| Name | pyise-ers JSON |
| Version |
0.3.0.3
JSON |
| download |
| home_page | |
| Summary | Python wrapper for Cisco ISE ERS API |
| upload_time | 2023-10-28 15:33:13 |
| maintainer | |
| docs_url | None |
| author | Andreas Falk |
| requires_python | >=3.10,<4.0 |
| license | |
| keywords |
poetry
|
| VCS |
|
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
[](https://developer.cisco.com/codeexchange/github/repo/falkowich/pyise-ers)
[](https://github.com/falkowich/pyise-ers/actions/workflows/codeql-analysis.yml)
[](https://codecov.io/gh/falkowich/pyise-ers)
# ISE-ERS API Wrapper
Python module to manage Cisco ISE via the REST API.
## [](https://repography.com) / Recent activity [](https://repography.com)
[](https://github.com/falkowich/pyise-ers/commits)
[](https://github.com/falkowich/pyise-ers/issues)
[](https://github.com/falkowich/pyise-ers/pulls)
[](https://github.com/falkowich/pyise-ers/commits)
[](https://github.com/falkowich/pyise-ers/graphs/contributors)
[](https://github.com/falkowich/pyise-ers/commits)
## Information about the master branch
### As of May 6, 2023
The master branch is currently being in development.
Please keep this in mind when using the code from this branch.
## History
All initial work is done by [https://github.com/bobthebutcher](https://github.com/bobthebutcher) and [https://github.com/mpenning](https://github.com/mpenning).
I forked from them and updated so it worked with ISE 2.2.x and changed all functions to json calls.
* 2021-10-01 » All history before 0.2 and the namechange to pyiseers is located [here](#History-before-0.2)
* 2021-10-01 » Deforked from upstream for simpler handling of PR's as of this [discussion](https://github.com/falkowich/ise/discussions/161)
* 2021-10-02 » Started work with namechange as of this [issue](https://github.com/falkowich/ise/issues/164) to pyise-ers
* 2021-10-03 » Pushed pyise-ers 0.2.0-rc to test.pypi.com
* 2021-10-05 » Pushed pyise-ers 0.2.0.1 to pypi.com
* 2023-10-27 » Pushed pyise-ers 0.3.0.1 - 0.3.0.3 to pypi-test
* 2023-10-28 » Pushed pyise-ers 0.3.0.3 to pypi
### Namechange information
#### After 0.2.0.1 information
In 2021 I tried to publish the library to DevNet and beq modulname was just "ise" I had to do a rename on the package, module and repository.
* Repository is named pyise-ers,
* The PyPI package is named pyise-ers.
* The module is named pyiseers (for convenience of imports without dashes in them)
If you use the "old 0.1.2.x" ise packages in PyPi, please update your requirements to pyise-ers to get continued updates.
(after testing everything in your environment offcourse)
## Status
I am keeping this active until ISE 2.7 is out of support. And for you who have ISE 3.1 and above, I would recommend https://github.com/CiscoISE/ciscoisesdk project.
See this [discussion](https://github.com/falkowich/pyise-ers/discussions/231)
Everything should work on 3.0.x train too, beq a few members uses that version. But in my test I only have access to 2.7.
Tested and used in our environment at work. But as usual it's up to you to test this out in a test environment so everything works as intended.
If you have any suggestions or find a bug, create a issue and we will try to fix it :)
Feel free to [Join Discord Server](https://discord.gg/CA6FphRgF4) and contact me there too.
I moved away from slack to Discord to try it out when 0.2.0.1 will be released.
## Testing
These versions has been tested with pytest.
|pyise-ers|ise|ise patch|python|date|status|
|---|---|---|---|---|---|
|0.1.1|2.4.0.357|none|3.7.3|2019|deprecated|
|0.1.2|2.7.0.356|11|3.7.7|2020|deprecated|
|0.1.2|2.7.0.356|1|3.7.7|2020|deprecated|
|0.2.0.1|2.7.0.356|none|3.7.12|2021-10-05|deprecated|
|0.2.0.1|3.0.0.458|none|3.7.12|2021-10-05|deprecated|
|0.3.0.3|2.7.0.356|none|3.10.2|2023-10-28|active|
There are two tests available in tests/ directory.
### Manual test
To run the "manual" tests:
* make a copy of config-DEFAULT.py to config.py
* edit uri_27, uri_30 and/or uri_31 with settings to your test ise server
* run python manual_test_ers.py
### Pytest
To run the testfiles with pytest-recording.
The first time this is runned the directory `cassettes/` are created with saved .yaml files from the test.
That is so that the tests can be repeated without contacting ISE everytime.
* make a copy of config-DEFAULT.py to config.py
* edit uri with settings to your test ise instance.
* in the config.py there are a list where you can set multiple versions if ise instances.
* to run the tests
* pytest --record-mode=rewrite (To rewrite cassettes with live data)
* pytest (to reuse the recorded cassetes)
The plan is to extend the testing with testcoverage on this library.
### Enable REST API
[http://www.cisco.com/c/en/us/td/docs/security/ise/2-0/api_ref_guide/api_ref_book/ise_api_ref_ers1.html#pgfId-1079790](http://www.cisco.com/c/en/us/td/docs/security/ise/2-0/api_ref_guide/api_ref_book/ise_api_ref_ers1.html#pgfId-1079790)
Need to add an ISE Administrator with the "ERS-Admin" or "ERS-Operator" group assignment is required to use the API.
### Installation
#### From PyPi
```bash
pip install pyise-ers
```
#### From Repository
```bash
mkdir path/to/parent
cd path/to/parent
git clone https://github.com/falkowich/pyise-ers.git
```
##### Add to path
```python
import sys
sys.path.append('/path/to/parent/pyise-ers/')
```
### Usage
```python
from pyiseers import ERS
ise = ERS(ise_node='8.8.8.8', ers_user='ers', ers_pass='supersecret', ers_port=9060, verify=False, disable_warnings=True)
```
If ISE is configured to require CSRF for ERS requests for Enhanced Security, you can add the "use_csrf" tag:
```python
from pyiseers import ERS
ise = ERS(ise_node='8.8.8.8', ers_user='ers', ers_pass='supersecret', ers_port=9060, verify=False, disable_warnings=True, use_csrf=True)
```
#### Methods return a result dictionary
```python
{
'success': True/False,
'response': 'Response from request',
'error': 'Error if any',
}
```
#### Get a list of identity groups
```python
ise.get_identity_groups()['response']
[('NetworkAdmin',
'5f0b74f0-14e9-11e5-a7a6-00505683258b',
'Group for Network Admins with CLI access to network equipment'),
('OWN_ACCOUNTS (default)',
'cecdab40-8d30-11e5-82ce-005056834dc2',
'Default OWN_ACCOUNTS (default) User Group'),
('GuestType_Contractor (default)',
'c9b6b890-8d30-11e5-82ce-005056834dc2',
'Identity group mirroring the guest type '),
...]
```
#### Get details about an identity group
```python
ise.get_identity_group(group='Employee')['response']
{'description': 'Default Employee User Group',
'id': 'f80e5ce0-f42e-11e2-bd54-005056bf2f0a',
'link': {'href': 'https://8.8.8.8:9060/ers/config/identitygroup/f80e5ce0-f42e-11e2-bd54-005056bf2f0a',
'rel': 'self',
'type': 'application/xml'},
'name': 'Employee',
'parent': 'NAC Group:NAC:IdentityGroups:User Identity Groups'}
```
#### Get details about an endpoint
```python
ise.get_endpoint_group(group='Resurs')['response']
{'description': '',
'id': 'bf6bdcf0-14ed-11e5-a7a6-00505683258b',
'link': {'href': 'https://8.8.8.8:9060/ers/config/endpointgroup/bf6bdcf0-14ed-11e5-a7a6-00505683258b',
'rel': 'self',
'type': 'application/xml'},
'name': 'Resurs',
'systemDefined': False}
```
#### Get endpoint identity groups
```python
ise.get_endpoint_groups()['response']
[('Cisco-IP-Phone',
'265079a0-6d8e-11e5-978e-005056bf2f0a',
'Identity Group for Profile: Cisco-IP-Phone'),
('Resurs', '32c8eb40-6d8e-11e5-978e-005056bf2f0a', ''),
...]
```
#### Add endpoint
```python
ise.add_endpoint(name='test02', mac='AA:BB:CC:00:11:24', group_id='bf6bdcf0-14ed-11e5-a7a6-00505683258b', description='test02')
{'response': 'test02 Added Successfully', 'success': True, 'error': ''}
```
#### Delete endpoint
```python
ise.delete_endpoint(mac='AA:BB:CC:00:11:27')
{'error': '', 'response': 'AA:BB:CC:00:11:27 Deleted Successfully', 'success': True}
```
#### Get a list of internal users
```python
ise.get_users()['response']
[('test01', '85fd1eb0-c6fa-11e5-b6b6-000c297b78b4'),
('test02', '54fd1eb0-c5fb-54e5-b6b6-00204597b28b1'),
...]
```
#### Get details about an internal user
By name
```python
ise.get_user(user_id='test02')['response']
{'changePassword': False,
'customAttributes': {},
'enablePassword': '*******',
'enabled': True,
'expiryDateEnabled': False,
'id': '54fd1eb0-c5fb-54e5-b6b6-00204597b28b1',
'identityGroups': '5f0b74f0-14e9-11e5-a7a6-00505683258b',
'link': {'href': 'https://8.8.8.8:9060/ers/config/internaluser/a837bd55-f2b7-41e3-b0ff-c5ddf9af398c',
'rel': 'self',
'type': 'application/xml'},
'name': 'test02',
'password': '*******',
'passwordIDStore': 'Internal Users'}
```
By email
```python
ise.get_user(user_email='test02@example.com')['response']
{'changePassword': False,
'customAttributes': {},
'enablePassword': '*******',
'enabled': True,
'expiryDateEnabled': False,
'id': '54fd1eb0-c5fb-54e5-b6b6-00204597b28b1',
'identityGroups': '5f0b74f0-14e9-11e5-a7a6-00505683258b',
'link': {'href': 'https://8.8.8.8:9060/ers/config/internaluser/a837bd55-f2b7-41e3-b0ff-c5ddf9af398c',
'rel': 'self',
'type': 'application/xml'},
'name': 'test02',
'password': '*******',
'passwordIDStore': 'Internal Users'}
```
#### Add an internal user
```python
ise.add_user(user_id='test11', password='TeStInG11', user_group_oid='5f0b74f0-14e9-11e5-a7a6-00505683258b')
{'error': '', 'response': 'test11 Added Successfully', 'success': True}
```
#### Delete an internal user
```python
ise.delete_user(user_id='test11')
{'error': '', 'response': 'test11 Deleted Successfully', 'success': True}
```
#### Get details about an admin user
```python
ise.get_admin_user(user_id='admin')
{
"SearchResult": {
"total": 2,
"resources": [
{
"id": "c2428e12-105f-4d5f-88ae-5885516d7ac5",
"name": "admin",
"description": "Default Admin User",
"link": {
"rel": "self",
"href": "https://8.8.8.8:9060/ers/config/adminuser/c2428e12-105f-4d5f-88ae-5885516d7ac5",
"type": "application/json"
}
},
{
"id": "e0884628-8d13-451c-b3f7-117f9d0336ad",
"name": "ers-operator",
"description": "",
"link": {
"rel": "self",
"href": "https://8.8.8.8:9060/ers/config/adminuser/e0884628-8d13-451c-b3f7-117f9d0336ad",
"type": "application/json"
}
}
]
}
}
```
#### Get a list of devices
```python
ise.get_devices()['response']
[('TestDevice01', '6680f410-5277-11e5-9a52-05505683258b'),
('TestDevice02', '64d9b32-5c56-11e5-9a52-00502683258b'),
...]
```
#### Get details about a device
```python
ise.get_device(device='TestDevice02')['response']
{'NetworkDeviceGroupList': ['Stage#Stage',
'Device Type#All Device Types#Linux',
'Location#All Locations'],
'NetworkDeviceIPList': [{'ipaddress': '10.8.1.55', 'mask': 32}],
'authenticationSettings': {'enableKeyWrap': False,
'keyInputFormat': 'ASCII',
'networkProtocol': 'RADIUS',
'radiusSharedSecret': '******'},
'coaPort': 0,
'id': '74d9b830-5c76-11e5-9a52-00505683258b',
'link': {'href': 'https://8.8.8.8:9060/ers/config/networkdevice/74d9b830-5c76-11e5-9a52-00505683258b',
'rel': 'self',
'type': 'application/xml'},
'modelName': 'Linux',
'name': 'TestDevice02',
'profileName': 'Cisco'}
```
#### Get a list of device groups
```python
ise.get_device_groups()['response']
[('Device Type#All Device Types', '526240e0-f42e-11e2-bd54-005056bf2f0a'),
('Device Type#All Device Types#Switch', 'e25bd190-14e6-11e5-a7a6-00505683258b'),
('Device Type#All Device Types#Wism', 'e6b085b0-14e6-11e5-a7a6-00505683258b'),
('IPSEC#Is IPSEC Device', '0d3f19b0-30c1-11e7-88b5-005056834dc2'),
('IPSEC#Is IPSEC Device#No', '0dac0c50-30c1-11e7-88b5-005056834dc2'),
('IPSEC#Is IPSEC Device#Yes', '0d74f6c0-30c1-11e7-88b5-005056834dc2'),
('Location#All Locations', '522b7970-f42e-11e2-bd54-005056bf2f0a'),
...]
```
#### Get device group(s) details
```python
# Provide a device_group_id
ise.get_device_group(device_group_id="4b26b5b0-71a6-11eb-b5e0-52cf9299494c")
{'success': True,
'response': {'id': '4b26b5b0-71a6-11eb-b5e0-52cf9299494c',
'name': 'Device Type#All Device Types#NXOS',
'description': '',
'link': {'rel': 'self',
'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/4b26b5b0-71a6-11eb-b5e0-52cf9299494c',
'type': 'application/json'},
'othername': 'Device Type'},
'error': ''}
# Provide a partial group name to look for
ise.get_device_group(name="NXOS")
{'success': True,
'response': {'id': '4b26b5b0-71a6-11eb-b5e0-52cf9299494c',
'name': 'Device Type#All Device Types#NXOS',
'description': '',
'link': {'rel': 'self',
'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/4b26b5b0-71a6-11eb-b5e0-52cf9299494c',
'type': 'application/json'},
'othername': 'Device Type'},
'error': ''}
# If more than one group found with for a name a list is returned
ise.get_device_group(name="Device Types")
[
{'success': True,
'response': {'id': '70c79c30-8bff-11e6-996c-525400b48521',
'name': 'Device Type#All Device Types',
'description': 'All Device Types',
'link': {'rel': 'self',
'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/70c79c30-8bff-11e6-996c-525400b48521',
'type': 'application/json'},
'othername': 'Device Type'},
'error': ''},
{'success': True,
'response': {'id': 'ee45c0a0-7fbc-11eb-ac01-36750594a888',
'name': 'Device Type#All Device Types#IOS-XE',
'description': '',
'link': {'rel': 'self',
'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/ee45c0a0-7fbc-11eb-ac01-36750594a888',
'type': 'application/json'},
'othername': 'Device Type'},
'error': ''},
{'success': True,
'response': {'id': '4b26b5b0-71a6-11eb-b5e0-52cf9299494c',
'name': 'Device Type#All Device Types#NXOS',
'description': '',
'link': {'rel': 'self',
'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/4b26b5b0-71a6-11eb-b5e0-52cf9299494c',
'type': 'application/json'},
'othername': 'Device Type'},
'error': ''},
]
```
#### Add a new device group
```python
ise.add_device_group(name="Device Type#All Device Types#Python Device Type", description="From Python")
{'success': True,
'response': 'Device Type#All Device Types#Python Device Type Added Successfully',
'error': ''}
```
#### Update a device group
```python
ise.update_device_group(device_group_oid=group_id, name="Device Type#All Device Types#Updated Device Type", description="Update Description")
{'success': True,
'response': 'e7db3e00-a36d-11eb-ac01-36750594a888 Updated Successfully',
'error': ''}
```
#### Remove a device group
```python
ise.delete_device_group(name="Device Type#All Device Types#Python Device Type")
{'success': True,
'response': 'Device Type#All Device Types#Python Device Type Deleted Successfully',
'error': ''}
```
#### Add a device
```python
ise.add_device(name='testdevice03',
ip_address='8.8.8.8',
radius_key='foo',
snmp_ro='bar',
dev_group='Stage#Stage#Closed',
dev_location='Location#All Locations#Site21',
dev_type='Device Type#All Device Types#Switch')
{'error': '', 'response': 'testdevice03 Added Successfully', 'success': True}
```
#### Update a device
```python
ise.update_device("PYTHON-DEVICE", tacacs_shared_secret="NEWTACACS")
{'success': True,
'response': {'updatedField': [{'field': 'TacacsSettings.ConnectModeOptions',
'oldValue': '',
'newValue': 'ON_LEGACY'},
{'field': 'TacacsSettings.SharedSecret', 'newValue': 'NEWTACACS'}]},
'error': ''}
```
#### Delete a device
```python
ise.delete_device(device='testdevice03')
{'error': '', 'response': 'testdevice03 Deleted Successfully', 'success': True}
```
#### Get all Security Groups (SGTs)
```python
ise.get_sgts()
{'success': True, 'response': [('Contractors', '4f9c8050-8f9f-11ea-b8e4-ca18718347e2'), ('Employees', 'a34ae530-59a2-11ea-a6b9-26b516ce162b'), ('Guest', '440dd8b0-7da7-11ea-bb75-261e6ff61f42'), ('IoT_Devices', '55bd68f0-8f9f-11ea-b8e4-ca18718347e2'), ('IoT_Servers', '36369eb0-8fa0-11ea-b8e4-ca18718347e2'), ('Servers', '385cbd90-8fa1-11ea-b8e4-ca18718347e2'), ('TrustSec_Devices', '947832a0-8c01-11e6-996c-525400b48521'), ('Unknown', '92adf9f0-8c01-11e6-996c-525400b48521')], 'error': '', 'total': 8}
```
#### Get Specific SGT
```python
ise.get_sgt("Unknown")
ise.get_sgt(0)
ise.get_sgt("92adf9f0-8c01-11e6-996c-525400b48521")
{'success': True, 'response': {'id': '92adf9f0-8c01-11e6-996c-525400b48521', 'name': 'Unknown', 'description': 'Unknown Security Group', 'value': 0, 'generationId': '1', 'propogateToApic': False, 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgt/92adf9f0-8c01-11e6-996c-525400b48521', 'type': 'application/json'}}, 'error': ''}
```
#### Add a SGT
```python
ise.add_sgt("Python_Users", "Group used for all Python Users", 56789, return_object=True)
{'success': True, 'response': {'id': 'd4696690-97ba-11ea-9614-caf56bcd6712', 'name': 'Python_Users', 'description': 'Group used for all Python Users', 'value': 56789, 'generationId': '0', 'propogateToApic': False, 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgt/d4696690-97ba-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}
```
#### Update a SGT
```python
ise.update_sgt("d4696690-97ba-11ea-9614-caf56bcd6712", "Python_Tests", "Testing for Python Users", 45678, return_object=True)
{'success': True, 'response': {'id': 'd4696690-97ba-11ea-9614-caf56bcd6712', 'name': 'Python_Tests', 'description': 'Testing for Python Users', 'value': 45678, 'generationId': '0', 'propogateToApic': False, 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgt/d4696690-97ba-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}
```
#### Delete a SGT
```python
ise.delete_sgt("d4696690-97ba-11ea-9614-caf56bcd6712")
{'success': True, 'response': 'd4696690-97ba-11ea-9614-caf56bcd6712 Deleted Successfully', 'error': ''}
```
#### Get all Security Groups ACLs (SGACLs)
```python
ise.get_sgacls()
{'success': True, 'response': [('Block_All', '7c9b4a80-8fa1-11ea-b8e4-ca18718347e2'), ('Deny IP', '92919850-8c01-11e6-996c-525400b48521'), ('Deny_ICMP', 'c21dfa60-59a2-11ea-a6b9-26b516ce162b'), ('Deny_IP_Log', '0e6d3830-0684-11ea-ace5-42a6b55c5ca6'), ('Permit IP', '92951ac0-8c01-11e6-996c-525400b48521'), ('Permit_FTP', '761b9e50-7e01-11ea-bb75-261e6ff61f42'), ('Permit_IP_Log', '0e6aee40-0684-11ea-ace5-42a6b55c5ca6'), ('Permit_MQTT', '1470fa00-5a85-11ea-a6b9-26b516ce162b')], 'error': '', 'total': 8}
```
#### Get Specific SGACL
```python
ise.get_sgacl("Permit IP")
ise.get_sgacl("92951ac0-8c01-11e6-996c-525400b48521")
{'success': True, 'response': {'id': '92951ac0-8c01-11e6-996c-525400b48521', 'name': 'Permit IP', 'description': 'Permit IP SGACL', 'generationId': '0', 'aclcontent': 'permit ip', 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgacl/92951ac0-8c01-11e6-996c-525400b48521', 'type': 'application/json'}}, 'error': ''}
```
#### Add a SGACL
```python
ise.add_sgacl("Python_ACL", "Access List for Python Access", "IP_AGNOSTIC", ["permit tcp dst eq 80"], return_object=True)
{'success': True, 'response': {'id': '7a820000-97bb-11ea-9614-caf56bcd6712', 'name': 'Python_ACL', 'description': 'Access List for Python Access', 'generationId': '0', 'aclcontent': 'permit tcp dst eq 80', 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgacl/7a820000-97bb-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}
```
#### Update a SGACL
```python
ise.update_sgacl("7a820000-97bb-11ea-9614-caf56bcd6712", "Python_Access_List", "Python Access List", "IPV4", ["permit tcp src eq 80"], return_object=True)
{'success': True, 'response': {'id': '7a820000-97bb-11ea-9614-caf56bcd6712', 'name': 'Python_Access_List', 'description': 'Python Access List', 'generationId': '1', 'ipVersion': 'IPV4', 'aclcontent': 'permit tcp src eq 80', 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgacl/7a820000-97bb-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}
```
#### Get all TrustSec Egress Matrix Cells (Policies)
```python
ise.get_egressmatrixcells()
{'success': True, 'response': [('ANY-ANY', '92c1a900-8c01-11e6-996c-525400b48521'), ('Contractors-Servers', '5251ca60-8fa1-11ea-b8e4-ca18718347e2'), ('Contractors-IoT_Devices', 'de7859b0-8fa0-11ea-b8e4-ca18718347e2'), ('Employees-Servers', '5fb81e71-8fa1-11ea-b8e4-ca18718347e2'), ('Employees-Employees', 'd2d88280-59a2-11ea-a6b9-26b516ce162b'), ('Employees-IoT_Devices', 'e18ac9d1-8fa0-11ea-b8e4-ca18718347e2'), ('Employees-TrustSec_Devices', 'ee035030-59a2-11ea-a6b9-26b516ce162b'), ('Guest-IoT_Devices', 'e4d49da1-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-IoT_Devices', 'b0eccdf0-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-IoT_Servers', 'b7e6d880-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-Contractors', 'c82308e0-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-Employees', 'cb276f40-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-Guest', 'ce1e4110-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-TrustSec_Devices', 'd1e33851-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-Unknown', 'd68d3860-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Servers-IoT_Devices', 'bc784780-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Servers-IoT_Servers', 'c069f410-8fa0-11ea-b8e4-ca18718347e2'), ('TrustSec_Devices-IoT_Devices', 'e94bcde1-8fa0-11ea-b8e4-ca18718347e2'), ('Unknown-IoT_Devices', 'f3e9da31-8fa0-11ea-b8e4-ca18718347e2')], 'error': '', 'total': 19}
```
#### Get Specific Egress Matrix Cell
```python
ise.get_egressmatrixcell("Default egress rule")
ise.get_egressmatrixcell(None, src_sgt="92bb1950-8c01-11e6-996c-525400b48521", dst_sgt="92bb1950-8c01-11e6-996c-525400b48521")
{'success': True, 'response': {'id': '92c1a900-8c01-11e6-996c-525400b48521', 'name': 'ANY-ANY', 'description': 'Default egress rule', 'sourceSgtId': '92bb1950-8c01-11e6-996c-525400b48521', 'destinationSgtId': '92bb1950-8c01-11e6-996c-525400b48521', 'matrixCellStatus': 'ENABLED', 'defaultRule': 'PERMIT_IP', 'sgacls': ['92951ac0-8c01-11e6-996c-525400b48521'], 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/egressmatrixcell/92c1a900-8c01-11e6-996c-525400b48521', 'type': 'application/json'}}, 'error': ''}
```
#### Add a Egress Matrix Cell
```python
ise.add_egressmatrixcell(source_sgt="Unknown", destination_sgt="TrustSec_Devices", default_rule="PERMIT_IP", return_object=True)
{'success': True, 'response': {'id': '6f76b621-97bf-11ea-9614-caf56bcd6712', 'name': 'Unknown-TrustSec_Devices', 'sourceSgtId': '92adf9f0-8c01-11e6-996c-525400b48521', 'destinationSgtId': '947832a0-8c01-11e6-996c-525400b48521', 'matrixCellStatus': 'ENABLED', 'defaultRule': 'PERMIT_IP', 'sgacls': ['92951ac0-8c01-11e6-996c-525400b48521'], 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/egressmatrixcell/6f76b621-97bf-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}
```
#### Update a Egress Matrix Cell
```python
ise.update_egressmatrixcell("6f76b621-97bf-11ea-9614-caf56bcd6712", source_sgt="Unknown", destination_sgt="TrustSec_Devices", default_rule="NONE", acls=["Deny IP"], description="Description", return_object=True)
{'success': True, 'response': {'id': '6f76b621-97bf-11ea-9614-caf56bcd6712', 'name': 'Unknown-TrustSec_Devices', 'description': 'Description', 'sourceSgtId': '92adf9f0-8c01-11e6-996c-525400b48521', 'destinationSgtId': '947832a0-8c01-11e6-996c-525400b48521', 'matrixCellStatus': 'ENABLED', 'defaultRule': 'DENY_IP', 'sgacls': ['92919850-8c01-11e6-996c-525400b48521'], 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/egressmatrixcell/6f76b621-97bf-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}
```
#### Delete a Egress Matrix Cell
```python
ise.delete_egressmatrixcell("6f76b621-97bf-11ea-9614-caf56bcd6712")
{'success': True, 'response': '6f76b621-97bf-11ea-9614-caf56bcd6712 Deleted Successfully', 'error': ''}
```
# History before namechange » 0.2.0
* Merged back from the work that [https://github.com/karrots](https://github.com/karrots) has done efter I paused the updates.
* Converted to pipenv packages instead of requirements.txt
* Updated to ISE 2.4.x
* Merged back from the work that [https://github.com/msom](https://github.com/msom) has done with some good device fixes.
* *One big thing is that module is now renamed from ise.cream to just ise.*
* First publish to PyPi with the help of [https://github.com/JonasKs](https://github.com/JonasKs).
* Add support for ISE CSRF and some TrustSec objects (SGT, SGACL, Egress Policy Matrix) [https://github.com/joshand](https://github.com/joshand).
* Merged [Enhancement to Device Group and Device Functions](https://github.com/falkowich/ise/pull/152) with a big thanks to [https://github.com/hpreston](https://github.com/hpreston)
* New functions for devicegroups where added » add_device_group, update_device_group, delete_device_group.
* New function to update devices where added » update_device
* Updated get_device_group for looking up names
* Updated add_device with new parameters and device_payload
* Updated dependensies for dev and prod, created new manual testcases, cleaned up the code with black.
Raw data
{
"_id": null,
"home_page": "",
"name": "pyise-ers",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.10,<4.0",
"maintainer_email": "",
"keywords": "poetry",
"author": "Andreas Falk",
"author_email": "falk@mockel.se",
"download_url": "https://files.pythonhosted.org/packages/39/5b/437c4ebd34811e5197c1451f86eb87cc1822a4458374fe1b36d071d2ee41/pyise_ers-0.3.0.3.tar.gz",
"platform": null,
"description": "\n[](https://developer.cisco.com/codeexchange/github/repo/falkowich/pyise-ers)\n\n[](https://github.com/falkowich/pyise-ers/actions/workflows/codeql-analysis.yml)\n[](https://codecov.io/gh/falkowich/pyise-ers)\n\n# ISE-ERS API Wrapper\n\nPython module to manage Cisco ISE via the REST API. \n\n\n## [](https://repography.com) / Recent activity [](https://repography.com)\n[](https://github.com/falkowich/pyise-ers/commits)\n[](https://github.com/falkowich/pyise-ers/issues)\n[](https://github.com/falkowich/pyise-ers/pulls)\n[](https://github.com/falkowich/pyise-ers/commits)\n[](https://github.com/falkowich/pyise-ers/graphs/contributors)\n[](https://github.com/falkowich/pyise-ers/commits)\n\n\n\n## Information about the master branch\n\n### As of May 6, 2023\n\nThe master branch is currently being in development. \nPlease keep this in mind when using the code from this branch.\n\n## History\n\nAll initial work is done by [https://github.com/bobthebutcher](https://github.com/bobthebutcher) and [https://github.com/mpenning](https://github.com/mpenning). \nI forked from them and updated so it worked with ISE 2.2.x and changed all functions to json calls. \n\n* 2021-10-01 \u00bb All history before 0.2 and the namechange to pyiseers is located [here](#History-before-0.2)\n* 2021-10-01 \u00bb Deforked from upstream for simpler handling of PR's as of this [discussion](https://github.com/falkowich/ise/discussions/161)\n* 2021-10-02 \u00bb Started work with namechange as of this [issue](https://github.com/falkowich/ise/issues/164) to pyise-ers\n* 2021-10-03 \u00bb Pushed pyise-ers 0.2.0-rc to test.pypi.com\n* 2021-10-05 \u00bb Pushed pyise-ers 0.2.0.1 to pypi.com\n* 2023-10-27 \u00bb Pushed pyise-ers 0.3.0.1 - 0.3.0.3 to pypi-test\n* 2023-10-28 \u00bb Pushed pyise-ers 0.3.0.3 to pypi\n\n### Namechange information\n\n#### After 0.2.0.1 information\n\nIn 2021 I tried to publish the library to DevNet and beq modulname was just \"ise\" I had to do a rename on the package, module and repository. \n\n* Repository is named pyise-ers,\n* The PyPI package is named pyise-ers.\n* The module is named pyiseers (for convenience of imports without dashes in them)\n\nIf you use the \"old 0.1.2.x\" ise packages in PyPi, please update your requirements to pyise-ers to get continued updates.\n(after testing everything in your environment offcourse)\n\n## Status\n\nI am keeping this active until ISE 2.7 is out of support. And for you who have ISE 3.1 and above, I would recommend https://github.com/CiscoISE/ciscoisesdk project. \nSee this [discussion](https://github.com/falkowich/pyise-ers/discussions/231)\n\nEverything should work on 3.0.x train too, beq a few members uses that version. But in my test I only have access to 2.7.\n\nTested and used in our environment at work. But as usual it's up to you to test this out in a test environment so everything works as intended.\nIf you have any suggestions or find a bug, create a issue and we will try to fix it :)\n\nFeel free to [Join Discord Server](https://discord.gg/CA6FphRgF4) and contact me there too.\nI moved away from slack to Discord to try it out when 0.2.0.1 will be released.\n\n## Testing\n\nThese versions has been tested with pytest.\n\n|pyise-ers|ise|ise patch|python|date|status|\n|---|---|---|---|---|---|\n|0.1.1|2.4.0.357|none|3.7.3|2019|deprecated|\n|0.1.2|2.7.0.356|11|3.7.7|2020|deprecated|\n|0.1.2|2.7.0.356|1|3.7.7|2020|deprecated|\n|0.2.0.1|2.7.0.356|none|3.7.12|2021-10-05|deprecated|\n|0.2.0.1|3.0.0.458|none|3.7.12|2021-10-05|deprecated|\n|0.3.0.3|2.7.0.356|none|3.10.2|2023-10-28|active|\n\nThere are two tests available in tests/ directory.\n\n### Manual test\n\nTo run the \"manual\" tests:\n\n* make a copy of config-DEFAULT.py to config.py\n* edit uri_27, uri_30 and/or uri_31 with settings to your test ise server\n* run python manual_test_ers.py\n\n### Pytest\n\nTo run the testfiles with pytest-recording. \nThe first time this is runned the directory `cassettes/` are created with saved .yaml files from the test.\nThat is so that the tests can be repeated without contacting ISE everytime.\n\n* make a copy of config-DEFAULT.py to config.py\n * edit uri with settings to your test ise instance.\n * in the config.py there are a list where you can set multiple versions if ise instances.\n* to run the tests\n * pytest --record-mode=rewrite (To rewrite cassettes with live data)\n * pytest (to reuse the recorded cassetes)\n\nThe plan is to extend the testing with testcoverage on this library.\n\n### Enable REST API\n\n[http://www.cisco.com/c/en/us/td/docs/security/ise/2-0/api_ref_guide/api_ref_book/ise_api_ref_ers1.html#pgfId-1079790](http://www.cisco.com/c/en/us/td/docs/security/ise/2-0/api_ref_guide/api_ref_book/ise_api_ref_ers1.html#pgfId-1079790)\nNeed to add an ISE Administrator with the \"ERS-Admin\" or \"ERS-Operator\" group assignment is required to use the API.\n\n### Installation\n\n#### From PyPi\n\n```bash\npip install pyise-ers\n```\n\n#### From Repository\n\n```bash\nmkdir path/to/parent\ncd path/to/parent\ngit clone https://github.com/falkowich/pyise-ers.git\n```\n\n##### Add to path\n\n```python\nimport sys\nsys.path.append('/path/to/parent/pyise-ers/')\n```\n\n### Usage\n\n```python\nfrom pyiseers import ERS\nise = ERS(ise_node='8.8.8.8', ers_user='ers', ers_pass='supersecret', ers_port=9060, verify=False, disable_warnings=True)\n```\n\nIf ISE is configured to require CSRF for ERS requests for Enhanced Security, you can add the \"use_csrf\" tag:\n\n```python\nfrom pyiseers import ERS\nise = ERS(ise_node='8.8.8.8', ers_user='ers', ers_pass='supersecret', ers_port=9060, verify=False, disable_warnings=True, use_csrf=True)\n```\n\n#### Methods return a result dictionary\n\n```python\n{\n 'success': True/False,\n 'response': 'Response from request',\n 'error': 'Error if any',\n}\n```\n\n#### Get a list of identity groups\n\n```python\nise.get_identity_groups()['response']\n\n[('NetworkAdmin',\n '5f0b74f0-14e9-11e5-a7a6-00505683258b',\n 'Group for Network Admins with CLI access to network equipment'),\n ('OWN_ACCOUNTS (default)',\n 'cecdab40-8d30-11e5-82ce-005056834dc2',\n 'Default OWN_ACCOUNTS (default) User Group'),\n ('GuestType_Contractor (default)',\n 'c9b6b890-8d30-11e5-82ce-005056834dc2',\n 'Identity group mirroring the guest type '),\n ...]\n```\n\n#### Get details about an identity group\n\n```python\nise.get_identity_group(group='Employee')['response']\n\n{'description': 'Default Employee User Group',\n 'id': 'f80e5ce0-f42e-11e2-bd54-005056bf2f0a',\n 'link': {'href': 'https://8.8.8.8:9060/ers/config/identitygroup/f80e5ce0-f42e-11e2-bd54-005056bf2f0a',\n 'rel': 'self',\n 'type': 'application/xml'},\n 'name': 'Employee',\n 'parent': 'NAC Group:NAC:IdentityGroups:User Identity Groups'}\n\n```\n\n#### Get details about an endpoint\n\n```python\nise.get_endpoint_group(group='Resurs')['response']\n\n {'description': '',\n 'id': 'bf6bdcf0-14ed-11e5-a7a6-00505683258b',\n 'link': {'href': 'https://8.8.8.8:9060/ers/config/endpointgroup/bf6bdcf0-14ed-11e5-a7a6-00505683258b',\n 'rel': 'self',\n 'type': 'application/xml'},\n 'name': 'Resurs',\n 'systemDefined': False}\n\n```\n\n#### Get endpoint identity groups\n\n```python\nise.get_endpoint_groups()['response']\n\n [('Cisco-IP-Phone',\n '265079a0-6d8e-11e5-978e-005056bf2f0a',\n 'Identity Group for Profile: Cisco-IP-Phone'),\n ('Resurs', '32c8eb40-6d8e-11e5-978e-005056bf2f0a', ''),\n ...]\n\n```\n\n#### Add endpoint\n\n```python\nise.add_endpoint(name='test02', mac='AA:BB:CC:00:11:24', group_id='bf6bdcf0-14ed-11e5-a7a6-00505683258b', description='test02')\n{'response': 'test02 Added Successfully', 'success': True, 'error': ''}\n```\n\n#### Delete endpoint\n\n```python\nise.delete_endpoint(mac='AA:BB:CC:00:11:27')\n{'error': '', 'response': 'AA:BB:CC:00:11:27 Deleted Successfully', 'success': True}\n\n```\n\n#### Get a list of internal users\n\n```python\nise.get_users()['response']\n\n[('test01', '85fd1eb0-c6fa-11e5-b6b6-000c297b78b4'),\n ('test02', '54fd1eb0-c5fb-54e5-b6b6-00204597b28b1'),\n ...]\n\n```\n\n#### Get details about an internal user\n\nBy name\n\n```python\nise.get_user(user_id='test02')['response']\n\n{'changePassword': False,\n 'customAttributes': {},\n 'enablePassword': '*******',\n 'enabled': True,\n 'expiryDateEnabled': False,\n 'id': '54fd1eb0-c5fb-54e5-b6b6-00204597b28b1',\n 'identityGroups': '5f0b74f0-14e9-11e5-a7a6-00505683258b',\n 'link': {'href': 'https://8.8.8.8:9060/ers/config/internaluser/a837bd55-f2b7-41e3-b0ff-c5ddf9af398c',\n 'rel': 'self',\n 'type': 'application/xml'},\n 'name': 'test02',\n 'password': '*******',\n 'passwordIDStore': 'Internal Users'}\n\n```\n\nBy email\n\n```python\nise.get_user(user_email='test02@example.com')['response']\n\n{'changePassword': False,\n 'customAttributes': {},\n 'enablePassword': '*******',\n 'enabled': True,\n 'expiryDateEnabled': False,\n 'id': '54fd1eb0-c5fb-54e5-b6b6-00204597b28b1',\n 'identityGroups': '5f0b74f0-14e9-11e5-a7a6-00505683258b',\n 'link': {'href': 'https://8.8.8.8:9060/ers/config/internaluser/a837bd55-f2b7-41e3-b0ff-c5ddf9af398c',\n 'rel': 'self',\n 'type': 'application/xml'},\n 'name': 'test02',\n 'password': '*******',\n 'passwordIDStore': 'Internal Users'}\n\n```\n\n#### Add an internal user\n\n```python\nise.add_user(user_id='test11', password='TeStInG11', user_group_oid='5f0b74f0-14e9-11e5-a7a6-00505683258b')\n\n{'error': '', 'response': 'test11 Added Successfully', 'success': True}\n\n```\n\n#### Delete an internal user\n\n```python\nise.delete_user(user_id='test11')\n\n{'error': '', 'response': 'test11 Deleted Successfully', 'success': True}\n\n```\n\n#### Get details about an admin user\n\n```python\nise.get_admin_user(user_id='admin')\n\n{\n \"SearchResult\": {\n \"total\": 2,\n \"resources\": [\n {\n \"id\": \"c2428e12-105f-4d5f-88ae-5885516d7ac5\",\n \"name\": \"admin\",\n \"description\": \"Default Admin User\",\n \"link\": {\n \"rel\": \"self\",\n \"href\": \"https://8.8.8.8:9060/ers/config/adminuser/c2428e12-105f-4d5f-88ae-5885516d7ac5\",\n \"type\": \"application/json\"\n }\n },\n {\n \"id\": \"e0884628-8d13-451c-b3f7-117f9d0336ad\",\n \"name\": \"ers-operator\",\n \"description\": \"\",\n \"link\": {\n \"rel\": \"self\",\n \"href\": \"https://8.8.8.8:9060/ers/config/adminuser/e0884628-8d13-451c-b3f7-117f9d0336ad\",\n \"type\": \"application/json\"\n }\n }\n ]\n }\n}\n\n```\n\n#### Get a list of devices\n\n```python\nise.get_devices()['response']\n\n[('TestDevice01', '6680f410-5277-11e5-9a52-05505683258b'),\n ('TestDevice02', '64d9b32-5c56-11e5-9a52-00502683258b'),\n ...]\n\n```\n\n#### Get details about a device\n\n```python\nise.get_device(device='TestDevice02')['response']\n\n{'NetworkDeviceGroupList': ['Stage#Stage',\n 'Device Type#All Device Types#Linux',\n 'Location#All Locations'],\n 'NetworkDeviceIPList': [{'ipaddress': '10.8.1.55', 'mask': 32}],\n 'authenticationSettings': {'enableKeyWrap': False,\n 'keyInputFormat': 'ASCII',\n 'networkProtocol': 'RADIUS',\n 'radiusSharedSecret': '******'},\n 'coaPort': 0,\n 'id': '74d9b830-5c76-11e5-9a52-00505683258b',\n 'link': {'href': 'https://8.8.8.8:9060/ers/config/networkdevice/74d9b830-5c76-11e5-9a52-00505683258b',\n 'rel': 'self',\n 'type': 'application/xml'},\n 'modelName': 'Linux',\n 'name': 'TestDevice02',\n 'profileName': 'Cisco'}\n\n```\n\n#### Get a list of device groups\n\n```python\nise.get_device_groups()['response']\n\n[('Device Type#All Device Types', '526240e0-f42e-11e2-bd54-005056bf2f0a'),\n ('Device Type#All Device Types#Switch', 'e25bd190-14e6-11e5-a7a6-00505683258b'),\n ('Device Type#All Device Types#Wism', 'e6b085b0-14e6-11e5-a7a6-00505683258b'),\n ('IPSEC#Is IPSEC Device', '0d3f19b0-30c1-11e7-88b5-005056834dc2'),\n ('IPSEC#Is IPSEC Device#No', '0dac0c50-30c1-11e7-88b5-005056834dc2'),\n ('IPSEC#Is IPSEC Device#Yes', '0d74f6c0-30c1-11e7-88b5-005056834dc2'),\n ('Location#All Locations', '522b7970-f42e-11e2-bd54-005056bf2f0a'),\n ...]\n\n```\n\n#### Get device group(s) details\n\n```python\n# Provide a device_group_id \nise.get_device_group(device_group_id=\"4b26b5b0-71a6-11eb-b5e0-52cf9299494c\")\n\n{'success': True,\n 'response': {'id': '4b26b5b0-71a6-11eb-b5e0-52cf9299494c',\n 'name': 'Device Type#All Device Types#NXOS',\n 'description': '',\n 'link': {'rel': 'self',\n 'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/4b26b5b0-71a6-11eb-b5e0-52cf9299494c',\n 'type': 'application/json'},\n 'othername': 'Device Type'},\n 'error': ''}\n\n\n# Provide a partial group name to look for \nise.get_device_group(name=\"NXOS\")\n\n{'success': True,\n 'response': {'id': '4b26b5b0-71a6-11eb-b5e0-52cf9299494c',\n 'name': 'Device Type#All Device Types#NXOS',\n 'description': '',\n 'link': {'rel': 'self',\n 'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/4b26b5b0-71a6-11eb-b5e0-52cf9299494c',\n 'type': 'application/json'},\n 'othername': 'Device Type'},\n 'error': ''}\n\n# If more than one group found with for a name a list is returned\nise.get_device_group(name=\"Device Types\")\n\n[\n {'success': True,\n 'response': {'id': '70c79c30-8bff-11e6-996c-525400b48521',\n 'name': 'Device Type#All Device Types',\n 'description': 'All Device Types',\n 'link': {'rel': 'self',\n 'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/70c79c30-8bff-11e6-996c-525400b48521',\n 'type': 'application/json'},\n 'othername': 'Device Type'},\n 'error': ''},\n {'success': True,\n 'response': {'id': 'ee45c0a0-7fbc-11eb-ac01-36750594a888',\n 'name': 'Device Type#All Device Types#IOS-XE',\n 'description': '',\n 'link': {'rel': 'self',\n 'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/ee45c0a0-7fbc-11eb-ac01-36750594a888',\n 'type': 'application/json'},\n 'othername': 'Device Type'},\n 'error': ''},\n {'success': True,\n 'response': {'id': '4b26b5b0-71a6-11eb-b5e0-52cf9299494c',\n 'name': 'Device Type#All Device Types#NXOS',\n 'description': '',\n 'link': {'rel': 'self',\n 'href': 'https://8.8.8.8:9060/ers/config/networkdevicegroup/4b26b5b0-71a6-11eb-b5e0-52cf9299494c',\n 'type': 'application/json'},\n 'othername': 'Device Type'},\n 'error': ''},\n]\n```\n\n#### Add a new device group\n\n```python\nise.add_device_group(name=\"Device Type#All Device Types#Python Device Type\", description=\"From Python\")\n\n{'success': True,\n 'response': 'Device Type#All Device Types#Python Device Type Added Successfully',\n 'error': ''}\n```\n\n#### Update a device group\n\n```python\nise.update_device_group(device_group_oid=group_id, name=\"Device Type#All Device Types#Updated Device Type\", description=\"Update Description\")\n\n{'success': True,\n 'response': 'e7db3e00-a36d-11eb-ac01-36750594a888 Updated Successfully',\n 'error': ''}\n```\n\n#### Remove a device group\n\n```python\nise.delete_device_group(name=\"Device Type#All Device Types#Python Device Type\")\n\n{'success': True,\n 'response': 'Device Type#All Device Types#Python Device Type Deleted Successfully',\n 'error': ''}\n```\n\n#### Add a device\n\n```python\nise.add_device(name='testdevice03',\n ip_address='8.8.8.8',\n radius_key='foo',\n snmp_ro='bar',\n dev_group='Stage#Stage#Closed',\n dev_location='Location#All Locations#Site21',\n dev_type='Device Type#All Device Types#Switch')\n\n{'error': '', 'response': 'testdevice03 Added Successfully', 'success': True}\n```\n\n#### Update a device\n\n```python\nise.update_device(\"PYTHON-DEVICE\", tacacs_shared_secret=\"NEWTACACS\")\n\n{'success': True,\n 'response': {'updatedField': [{'field': 'TacacsSettings.ConnectModeOptions',\n 'oldValue': '',\n 'newValue': 'ON_LEGACY'},\n {'field': 'TacacsSettings.SharedSecret', 'newValue': 'NEWTACACS'}]},\n 'error': ''}\n```\n\n#### Delete a device\n\n```python\nise.delete_device(device='testdevice03')\n\n{'error': '', 'response': 'testdevice03 Deleted Successfully', 'success': True}\n```\n\n#### Get all Security Groups (SGTs)\n\n```python\nise.get_sgts()\n\n{'success': True, 'response': [('Contractors', '4f9c8050-8f9f-11ea-b8e4-ca18718347e2'), ('Employees', 'a34ae530-59a2-11ea-a6b9-26b516ce162b'), ('Guest', '440dd8b0-7da7-11ea-bb75-261e6ff61f42'), ('IoT_Devices', '55bd68f0-8f9f-11ea-b8e4-ca18718347e2'), ('IoT_Servers', '36369eb0-8fa0-11ea-b8e4-ca18718347e2'), ('Servers', '385cbd90-8fa1-11ea-b8e4-ca18718347e2'), ('TrustSec_Devices', '947832a0-8c01-11e6-996c-525400b48521'), ('Unknown', '92adf9f0-8c01-11e6-996c-525400b48521')], 'error': '', 'total': 8}\n```\n\n#### Get Specific SGT\n\n```python\nise.get_sgt(\"Unknown\")\nise.get_sgt(0)\nise.get_sgt(\"92adf9f0-8c01-11e6-996c-525400b48521\")\n\n{'success': True, 'response': {'id': '92adf9f0-8c01-11e6-996c-525400b48521', 'name': 'Unknown', 'description': 'Unknown Security Group', 'value': 0, 'generationId': '1', 'propogateToApic': False, 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgt/92adf9f0-8c01-11e6-996c-525400b48521', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Add a SGT\n\n```python\nise.add_sgt(\"Python_Users\", \"Group used for all Python Users\", 56789, return_object=True)\n\n{'success': True, 'response': {'id': 'd4696690-97ba-11ea-9614-caf56bcd6712', 'name': 'Python_Users', 'description': 'Group used for all Python Users', 'value': 56789, 'generationId': '0', 'propogateToApic': False, 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgt/d4696690-97ba-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Update a SGT\n\n```python\nise.update_sgt(\"d4696690-97ba-11ea-9614-caf56bcd6712\", \"Python_Tests\", \"Testing for Python Users\", 45678, return_object=True)\n\n{'success': True, 'response': {'id': 'd4696690-97ba-11ea-9614-caf56bcd6712', 'name': 'Python_Tests', 'description': 'Testing for Python Users', 'value': 45678, 'generationId': '0', 'propogateToApic': False, 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgt/d4696690-97ba-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Delete a SGT\n\n```python\nise.delete_sgt(\"d4696690-97ba-11ea-9614-caf56bcd6712\")\n\n{'success': True, 'response': 'd4696690-97ba-11ea-9614-caf56bcd6712 Deleted Successfully', 'error': ''}\n```\n\n#### Get all Security Groups ACLs (SGACLs)\n\n```python\nise.get_sgacls()\n\n{'success': True, 'response': [('Block_All', '7c9b4a80-8fa1-11ea-b8e4-ca18718347e2'), ('Deny IP', '92919850-8c01-11e6-996c-525400b48521'), ('Deny_ICMP', 'c21dfa60-59a2-11ea-a6b9-26b516ce162b'), ('Deny_IP_Log', '0e6d3830-0684-11ea-ace5-42a6b55c5ca6'), ('Permit IP', '92951ac0-8c01-11e6-996c-525400b48521'), ('Permit_FTP', '761b9e50-7e01-11ea-bb75-261e6ff61f42'), ('Permit_IP_Log', '0e6aee40-0684-11ea-ace5-42a6b55c5ca6'), ('Permit_MQTT', '1470fa00-5a85-11ea-a6b9-26b516ce162b')], 'error': '', 'total': 8}\n```\n\n#### Get Specific SGACL\n\n```python\nise.get_sgacl(\"Permit IP\")\nise.get_sgacl(\"92951ac0-8c01-11e6-996c-525400b48521\")\n\n{'success': True, 'response': {'id': '92951ac0-8c01-11e6-996c-525400b48521', 'name': 'Permit IP', 'description': 'Permit IP SGACL', 'generationId': '0', 'aclcontent': 'permit ip', 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgacl/92951ac0-8c01-11e6-996c-525400b48521', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Add a SGACL\n\n```python\nise.add_sgacl(\"Python_ACL\", \"Access List for Python Access\", \"IP_AGNOSTIC\", [\"permit tcp dst eq 80\"], return_object=True)\n\n{'success': True, 'response': {'id': '7a820000-97bb-11ea-9614-caf56bcd6712', 'name': 'Python_ACL', 'description': 'Access List for Python Access', 'generationId': '0', 'aclcontent': 'permit tcp dst eq 80', 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgacl/7a820000-97bb-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Update a SGACL\n\n```python\nise.update_sgacl(\"7a820000-97bb-11ea-9614-caf56bcd6712\", \"Python_Access_List\", \"Python Access List\", \"IPV4\", [\"permit tcp src eq 80\"], return_object=True)\n\n{'success': True, 'response': {'id': '7a820000-97bb-11ea-9614-caf56bcd6712', 'name': 'Python_Access_List', 'description': 'Python Access List', 'generationId': '1', 'ipVersion': 'IPV4', 'aclcontent': 'permit tcp src eq 80', 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/sgacl/7a820000-97bb-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Get all TrustSec Egress Matrix Cells (Policies)\n\n```python\nise.get_egressmatrixcells()\n\n{'success': True, 'response': [('ANY-ANY', '92c1a900-8c01-11e6-996c-525400b48521'), ('Contractors-Servers', '5251ca60-8fa1-11ea-b8e4-ca18718347e2'), ('Contractors-IoT_Devices', 'de7859b0-8fa0-11ea-b8e4-ca18718347e2'), ('Employees-Servers', '5fb81e71-8fa1-11ea-b8e4-ca18718347e2'), ('Employees-Employees', 'd2d88280-59a2-11ea-a6b9-26b516ce162b'), ('Employees-IoT_Devices', 'e18ac9d1-8fa0-11ea-b8e4-ca18718347e2'), ('Employees-TrustSec_Devices', 'ee035030-59a2-11ea-a6b9-26b516ce162b'), ('Guest-IoT_Devices', 'e4d49da1-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-IoT_Devices', 'b0eccdf0-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-IoT_Servers', 'b7e6d880-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-Contractors', 'c82308e0-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-Employees', 'cb276f40-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-Guest', 'ce1e4110-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-TrustSec_Devices', 'd1e33851-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Devices-Unknown', 'd68d3860-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Servers-IoT_Devices', 'bc784780-8fa0-11ea-b8e4-ca18718347e2'), ('IoT_Servers-IoT_Servers', 'c069f410-8fa0-11ea-b8e4-ca18718347e2'), ('TrustSec_Devices-IoT_Devices', 'e94bcde1-8fa0-11ea-b8e4-ca18718347e2'), ('Unknown-IoT_Devices', 'f3e9da31-8fa0-11ea-b8e4-ca18718347e2')], 'error': '', 'total': 19}\n```\n\n#### Get Specific Egress Matrix Cell\n\n```python\nise.get_egressmatrixcell(\"Default egress rule\")\nise.get_egressmatrixcell(None, src_sgt=\"92bb1950-8c01-11e6-996c-525400b48521\", dst_sgt=\"92bb1950-8c01-11e6-996c-525400b48521\")\n\n{'success': True, 'response': {'id': '92c1a900-8c01-11e6-996c-525400b48521', 'name': 'ANY-ANY', 'description': 'Default egress rule', 'sourceSgtId': '92bb1950-8c01-11e6-996c-525400b48521', 'destinationSgtId': '92bb1950-8c01-11e6-996c-525400b48521', 'matrixCellStatus': 'ENABLED', 'defaultRule': 'PERMIT_IP', 'sgacls': ['92951ac0-8c01-11e6-996c-525400b48521'], 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/egressmatrixcell/92c1a900-8c01-11e6-996c-525400b48521', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Add a Egress Matrix Cell\n\n```python\nise.add_egressmatrixcell(source_sgt=\"Unknown\", destination_sgt=\"TrustSec_Devices\", default_rule=\"PERMIT_IP\", return_object=True)\n\n{'success': True, 'response': {'id': '6f76b621-97bf-11ea-9614-caf56bcd6712', 'name': 'Unknown-TrustSec_Devices', 'sourceSgtId': '92adf9f0-8c01-11e6-996c-525400b48521', 'destinationSgtId': '947832a0-8c01-11e6-996c-525400b48521', 'matrixCellStatus': 'ENABLED', 'defaultRule': 'PERMIT_IP', 'sgacls': ['92951ac0-8c01-11e6-996c-525400b48521'], 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/egressmatrixcell/6f76b621-97bf-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Update a Egress Matrix Cell\n\n```python\nise.update_egressmatrixcell(\"6f76b621-97bf-11ea-9614-caf56bcd6712\", source_sgt=\"Unknown\", destination_sgt=\"TrustSec_Devices\", default_rule=\"NONE\", acls=[\"Deny IP\"], description=\"Description\", return_object=True)\n\n{'success': True, 'response': {'id': '6f76b621-97bf-11ea-9614-caf56bcd6712', 'name': 'Unknown-TrustSec_Devices', 'description': 'Description', 'sourceSgtId': '92adf9f0-8c01-11e6-996c-525400b48521', 'destinationSgtId': '947832a0-8c01-11e6-996c-525400b48521', 'matrixCellStatus': 'ENABLED', 'defaultRule': 'DENY_IP', 'sgacls': ['92919850-8c01-11e6-996c-525400b48521'], 'link': {'rel': 'self', 'href': 'https://10.102.172.125:9060/ers/config/egressmatrixcell/6f76b621-97bf-11ea-9614-caf56bcd6712', 'type': 'application/json'}}, 'error': ''}\n```\n\n#### Delete a Egress Matrix Cell\n\n```python\nise.delete_egressmatrixcell(\"6f76b621-97bf-11ea-9614-caf56bcd6712\")\n\n{'success': True, 'response': '6f76b621-97bf-11ea-9614-caf56bcd6712 Deleted Successfully', 'error': ''}\n```\n\n# History before namechange \u00bb 0.2.0\n\n* Merged back from the work that [https://github.com/karrots](https://github.com/karrots) has done efter I paused the updates. \n* Converted to pipenv packages instead of requirements.txt\n* Updated to ISE 2.4.x\n* Merged back from the work that [https://github.com/msom](https://github.com/msom) has done with some good device fixes.\n * *One big thing is that module is now renamed from ise.cream to just ise.*\n* First publish to PyPi with the help of [https://github.com/JonasKs](https://github.com/JonasKs).\n* Add support for ISE CSRF and some TrustSec objects (SGT, SGACL, Egress Policy Matrix) [https://github.com/joshand](https://github.com/joshand).\n* Merged [Enhancement to Device Group and Device Functions](https://github.com/falkowich/ise/pull/152) with a big thanks to [https://github.com/hpreston](https://github.com/hpreston)\n * New functions for devicegroups where added \u00bb add_device_group, update_device_group, delete_device_group.\n * New function to update devices where added \u00bb update_device\n * Updated get_device_group for looking up names\n * Updated add_device with new parameters and device_payload\n* Updated dependensies for dev and prod, created new manual testcases, cleaned up the code with black.\n",
"bugtrack_url": null,
"license": "",
"summary": "Python wrapper for Cisco ISE ERS API",
"version": "0.3.0.3",
"project_urls": null,
"split_keywords": [
"poetry"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "bd66635bc81918ed39b0cf382a4ada3cce576e88002a5fb60b91f17ea63e6e1b",
"md5": "2c97ca00a12fdbe7ad6b0aa31783e0ee",
"sha256": "6d643b44e565807cf5829c61668f4d0a13d308272831bf6abf3b2054ca9c25c4"
},
"downloads": -1,
"filename": "pyise_ers-0.3.0.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "2c97ca00a12fdbe7ad6b0aa31783e0ee",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10,<4.0",
"size": 33026,
"upload_time": "2023-10-28T15:33:11",
"upload_time_iso_8601": "2023-10-28T15:33:11.933229Z",
"url": "https://files.pythonhosted.org/packages/bd/66/635bc81918ed39b0cf382a4ada3cce576e88002a5fb60b91f17ea63e6e1b/pyise_ers-0.3.0.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "395b437c4ebd34811e5197c1451f86eb87cc1822a4458374fe1b36d071d2ee41",
"md5": "3f57c2cbb04657ae2ecb4aeb019a4d04",
"sha256": "3b5a5e70da466c78cf92245b6054375917dd8e0d1d01fc2473efa7a9716f0cae"
},
"downloads": -1,
"filename": "pyise_ers-0.3.0.3.tar.gz",
"has_sig": false,
"md5_digest": "3f57c2cbb04657ae2ecb4aeb019a4d04",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10,<4.0",
"size": 32011,
"upload_time": "2023-10-28T15:33:13",
"upload_time_iso_8601": "2023-10-28T15:33:13.782310Z",
"url": "https://files.pythonhosted.org/packages/39/5b/437c4ebd34811e5197c1451f86eb87cc1822a4458374fe1b36d071d2ee41/pyise_ers-0.3.0.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-10-28 15:33:13",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "pyise-ers"
}
