Prototype script that collects information from AWS and Azure virtual machines and creates an endpoint profile in an ISE instance.
- Jorge Banegas
- AWS
- AZURE
- ISE
- PYTHON
Make sure you are on the root of the project folder.
- First step will be to include the credentials of your ISE/AWS/AZURE instances into the .env file
```
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AZURE_SUBSCRIPTION_ID=
AZURE_TENANT_ID=
AZURE_CLIENT_ID=
AZURE_CLIENT_SECRET=
API_HOST=
API_USER=
API_PASS=
```
- To find your AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, log into your AWS portal, click on your username, then on My Security Credentials. Scroll down and click on Create access key. Copy both and enter them in the .env file.
- To find your AZURE_TENANT_ID and AZURE_CLIENT_ID, log into your Azure portal and select the Azure Active Directory service and on the left panel, click on App registrations then New registration. Once you create the app registration, copy the AZURE_TENANT_ID and AZURE_CLIENT_ID.
- To find your AZURE_CLIENT_SECRET, click on the App Registration you just created and on the left panel, click on Certificates and secrets. Generate your Client Secret and copy that.
- To find your AZURE_SUBSCRIPTION_ID log into your Azure portal and select the subscription service and copy the subscription ID.
- Enter the IP address and credentials for your ISE environment. Now you have all the required fields for this script.
- Log into your ISE instance and create the custom attributes. It is important to match the case exactly: the attribute names have to mirror what is in the Python script. You can refer to this image
- Create virtual environment and name it env, then activate it
```console
foo@bar:~$ virtualenv env
foo@bar:~$ source env/bin/activate
```
- Install the dependencies required for the python script
```console
foo@bar(env):~$ pip install -r requirements.txt
```
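The .env file filled in during the first step holds long-lived cloud and ISE secrets, so it is worth checking before launch. The following is an added example, not part of this project's code: it assumes the file uses plain KEY=VALUE lines, and the function names are hypothetical.

```python
import stat
import tempfile
from pathlib import Path

# The nine keys listed in the README's .env template.
REQUIRED_KEYS = (
    "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AZURE_SUBSCRIPTION_ID",
    "AZURE_TENANT_ID", "AZURE_CLIENT_ID", "AZURE_CLIENT_SECRET",
    "API_HOST", "API_USER", "API_PASS",
)

def parse_env(text):
    """Parse KEY=VALUE lines; skip blanks and # comments, strip quotes."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            values[key.strip()] = value.strip().strip("'\"")
    return values

def check_env_file(path):
    """Return a list of findings; an empty list means the file passed."""
    path = Path(path)
    if not path.is_file():
        return [f"{path} not found"]
    findings = []
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):  # any group/other access bits set
        findings.append(f"{path} has mode {mode:o}; restrict it with chmod 600")
    values = parse_env(path.read_text(encoding="utf-8"))
    findings += [f"{k} is missing or empty" for k in REQUIRED_KEYS if not values.get(k)]
    return findings

def demo():
    """Check a constructed .env (placeholder values, API_PASS left empty)."""
    sample = "".join(f"{k}=placeholder\n" for k in REQUIRED_KEYS[:-1]) + "API_PASS=\n"
    with tempfile.TemporaryDirectory() as tmp:
        env = Path(tmp) / ".env"
        env.write_text(sample, encoding="utf-8")
        env.chmod(0o644)
        loose = check_env_file(env)
        env.chmod(0o600)
        tight = check_env_file(env)
    return loose, tight

if __name__ == "__main__":
    for finding in check_env_file(".env"):
        print("FINDING:", finding)
```

Run it from the root of the project folder; no output means every key is set and the file is readable only by its owner.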
You can change how often the queries run, in minutes, on lines 125 and 126:
```python
scheduler.add_job(aws, 'interval', minutes=1)
scheduler.add_job(azure, 'interval', minutes=1)
```
To launch script:
```console
foo@bar(env):~$ python main.py
```
Or you may use the Dockerfile to run it as well
```console
foo@bar(env):~$ docker build -t iseimage:1.0 .
foo@bar(env):~$ docker container run --name iseimage iseimage:1.0
```
Snapshot of my AWS and Azure environment
ISE before launching script
ISE after launching script
Snapshot of an AWS endpoint on ISE
Snapshot of an AZURE endpoint on ISE
- Check out the AWS python SDK link if you are looking to query more about the EC2 instances
https://boto3.amazonaws.com/v1/documentation/api/latest/guide/examples.html
- Check out the Azure python SDK link if you are looking to query more about the Azure instances.
This project is leveraging these versions of the Azure python libraries.
```
azure-common==1.1.27
azure-core==1.13.0
azure-identity==1.5.0
azure-mgmt-compute==20.0.0
azure-mgmt-core==1.2.2
azure-mgmt-network==18.0.0
```
https://docs.microsoft.com/en-us/azure/developer/python/azure-sdk-overview
https://docs.microsoft.com/en-us/azure/developer/python/azure-sdk-example-list-resource-groups
https://pypi.org/project/azure-mgmt-compute/
https://pypi.org/project/azure-mgmt-network/
Provided under Cisco Sample Code License, for details see LICENSE
Our code of conduct is available here
See our contributing guidelines here
Please note: This script is meant for demo purposes only. All tools/ scripts in this repo are released for use "AS IS" without any warranties of any kind, including, but not limited to their installation, use, or performance. Any use of these scripts and tools is at your own risk. There is no guarantee that they have been through thorough testing in a comparable environment and we are not responsible for any damage or data loss incurred with their use. You are responsible for reviewing and testing any scripts you run thoroughly before use in any non-testing environment.