{"id":19937127,"url":"https://github.com/tufin/securex","last_synced_at":"2026-03-05T12:02:24.674Z","repository":{"id":50152234,"uuid":"272981285","full_name":"Tufin/SecureX","owner":"Tufin","description":"SecureX Integration for the Tufin Orchestration Suite","archived":false,"fork":false,"pushed_at":"2021-12-08T19:17:23.000Z","size":266,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-11-28T16:22:28.448Z","etag":null,"topics":["cisco","securex","tufin"],"latest_commit_sha":null,"homepage":"https://www.tufin.com","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Tufin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-06-17T13:28:15.000Z","updated_at":"2021-12-08T19:17:25.000Z","dependencies_parsed_at":"2022-09-23T23:33:52.054Z","dependency_job_id":null,"html_url":"https://github.com/Tufin/SecureX","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Tufin/SecureX","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tufin%2FSecureX","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tufin%2FSecureX/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tufin%2FSecureX/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tufin%2FSecureX/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Tufin","download_url":"https://codeload.github.com/Tufin/SecureX/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tufin%2FSecureX/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30123731,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-05T11:11:57.947Z","status":"ssl_error","status_checked_at":"2026-03-05T11:11:29.001Z","response_time":93,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cisco","securex","tufin"],"created_at":"2024-11-12T23:31:04.129Z","updated_at":"2026-03-05T12:02:24.656Z","avatar_url":"https://github.com/Tufin.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"## Overview\nTufin's SecureX integration includes Atomic Actions covering SecureTrack, SecureChange, SecureApp, and SecureCloud.  Each Atomic Action is autonomous, meaning you may install and use the Atomic Actions relevant to your Tufin products and disregard any Atomic Actions which are not applicable.\n\n## Account Key Configuration\n##### SecureTrack/SecureChange/SecureApp #####\nA single Account Key may be utilized when multiple TOS components (SecureTrack, SecureChange, and SecureApp) share the same credentials.  If the credentials differ between SecureTrack, SecureChange, and SecureApp deployments, different Account Keys should be configured for each.\n\n**Important Account Key Parameters:**\n\n| **Parameter** | **Value** | \n| --- | --- | \n| Account Key Type | HTTP Basic Authentication |\n| Username | ST, SC, or SA Username |\n| Password | ST, SC, or SA Password |\n| Authentication Option | Basic |\n\n\n##### SecureCloud #####\nSecureCloud utilizes an API access key for authentication.  No SecureX Account Key needs to be configured for SecureCloud.  Instead, each SecureCloud Atomic Action contains a variable named \"API Access Key\" which should be used to store the API access key for your account.  For information on creating an API access key in SecureCloud, please see the following Knowledge Center document: https://forum.tufin.com/support/kc/securecloud/Content/SecureCloud/APIAccessKeys.htm.\n\n## Target Configuration\n##### SecureTrack/SecureChange/SecureApp #####\nA single Target may be utilized when multiple TOS components (SecureTrack, SecureChange, and SecureApp) share the same hostname/IP and credentials.  If the hostname/IP and/or credentials differ between SecureTrack, SecureChange, and SecureApp deployments, different Targets should be configured for each.\n\n**Important Target Parameters:**\n\n| **Parameter** | **Value** | \n| --- | --- | \n| Target Type | HTTP Endpoint |\n| Default Account Keys | ST, SC, or SA Account Key (If configured) |\n| Protocol | HTTPS |\n| Path | \u003cblank\u003e |\n| Disable Server Certificate Validation | Check if required |\n\n##### SecureCloud #####\n\nSecureCloud uses an HTTP Endpoint target to identify your SecureCloud instance.  Please note that an Account Key is not used with this target; instead, the API Access Key is configured in the Atomic Action.  Details are provided in the Account Key Configuration section above.\n\n**Important Target Parameters:**\n\n| **Parameter** | **Value** | \n| --- | --- | \n| Target Type | HTTP Endpoint |\n| No Account Keys | True |\n| Protocol | HTTPS |\n| Host/IPAddress | Your SecureCloud URL (Example: example.securecloud.tufin.io |\n| Port | \u003cblank\u003e |\n| Path | \u003cblank\u003e |\n\n## Atomic Actions\n\n**SecureTrack**\n \n1. Tufin Resolve Objects\n \n2. Tufin Search Devices\n \n3. Tufin Search Policies\n \n4. Tufin Search Topology\n \n\n**SecureChange**\n \n5. Tufin Get Change Info\n \n6. Tufin Submit FW Change Request\n \n7. Tufin Submit Server Decom Request\n\n**SecureApp**\n \n8. Tufin Search Applications\n \n9. Tufin Search Application Connections\n\n**SecureCloud**\n \n10. Tufin SecureCloud - Add Public Cloud Policy\n \n11. Tufin SecureCloud - Create Cluster\n \n12. Tufin SecureCloud - Create Cluster Policies from Connections\n \n13. Tufin SecureCloud - Delete Cluster\n \n14. Tufin SecureCloud - Delete Discovered Connections\n \n15. Tufin SecureCloud - Get Cluster Install Command\n \n16. Tufin SecureCloud - Get Cluster Policies\n \n17. Tufin SecureCloud - List Accounts\n \n18. Tufin SecureCloud - List Applications\n \n19. Tufin SecureCloud - List Assets\n \n20. Tufin SecureCloud - List K8S Clusters\n \n21. Tufin SecureCloud - List K8S Services for Cluster\n \n22. Tufin SecureCloud - List K8S Workloads for Cluster\n \n23. Tufin SecureCloud - List Public Cloud Policies\n\n\n### 1. Tufin Resolve Objects\n\nResolve IP address to Network Object\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| IP Address | IP Address | Yes | \n\n##### Output\n\n**Tufin Objects Table**\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| id | String | TOS object ID | \n| uid | String | TOS object UID | \n| display_name | String | Display name of object | \n| implicit | Boolean | Is the object implicit? | \n| ip | String | Object IP address | \n| overrides | String | Object overrides (applicable only for Panorama NG) | \n| class_name | String | Class of object | \n| ip_type | String | IPv4 or IPv6 | \n| type | String | Type of object in TOS | \n| type_on_device | String | Type of object on device | \n| comment | String | Object comment | \n| device_id | Integer | ID of device on which object exists | \n| name | String | Name of object | \n| netmask | String | Netmask of object | \n \n### 2. Tufin Search Devices\n\nSearch SecureTrack devices\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Vendor | Device Vendor | No | \n| Model | Device Model | No | \n| Name | Device Name | No | \n| IP Address | Device IP Address | No | \n\n##### Output\n\n**Tufin Devices Table**\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| model | String | Device model | \n| name | String | Device name | \n| offline | Boolean | Is the device offline? | \n| topology | Boolean | Is the device included in topology? | \n| virtual_type | String | Virtual type of the device | \n| domain_name | String | TOS domain name | \n| id | String | Device ID | \n| ip | String | Device IP address | \n| latest_revision | String | Latest policy revision ID | \n| module_uid | String | Model UID | \n| vendor | String | Device vendor | \n| context_name | String | Device context name | \n| domain_id | String | TOS domain ID | \n\n### 3. Tufin Search Policies\n\nSearch the policies of all devices managed by Tufin\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Search | The text format is for a field is fieldname:text for example source:192.168.1.1 or bareword for free text search. See the search info documentation in Securetrack Policy Browser page for more information. | Yes | \n| Max Results Per Device | Maximum number of search results to return, per device (Default: 25) | No |\n\n##### Output\n\n**Tufin Policies Table**\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| destination_service | String | Destination service | \n| device | String | Device on which policy exists | \n| source | String | Source address | \n| source_service | String | Source service | \n| action | String | Policy action | \n| destination | String | Destination address | \n\n### 4. Tufin Search Topology\n\nSearch the Tufin Topology Map\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Source IP | Source IP Address | Yes | \n| Destination IP | Destination IP Address | Yes | \n| Service | Service (for example, “tcp:80”, or “http\") | No | \n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Tufin Topology Is Permitted | Boolean | Is the traffic permitted? | \n\n**Tufin Topology Table**\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| type | String | Device type | \n| vendor | String | Device vendor | \n| hop | Integer | Hop number | \n| id | Integer | Device ID | \n| name | String | Device name | \n\n### 5. Tufin Get Change Info\n\nGet information on a SecureChange Ticket\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Ticket ID | SecureChange ticket ID | Yes | \n\n##### Output\n\n**Tufin Ticket Table**\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| current_step_name | String | Current ticket step | \n| id | Integer | Ticket ID | \n| requester | String | Ticket requester | \n| requester_id | Integer | Ticket requester ID | \n| status | String | Ticket status | \n| workflow_name | String | Name of workflow used for ticket | \n| comments | String | Ticket comments | \n| domain_name | String | TOS domain of ticket | \n| priority | String | Ticket priority | \n| sla_outcome | String | Outcome of ticket SLA | \n| subject | String | Ticket subject | \n\n### 6. Tufin Submit FW Change Request\n\nSubmit a firewall change request to SecureChange.\n\n**Note:** This action is based on the default firewall change request template included with SecureChange.  If changes are made to this template, changes will be required in the JSON submitted in the `Request Body` of the `Submit Change Request` action.\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Subject | Ticket subject | Yes | \n| Priority | Ticket priority (acceptable values: `Critical`, `High`, `Normal`, `Low`)  | Yes | \n| Source | Source address | Yes | \n| Destination | Destination address | Yes | \n| Port | Port number | Yes | \n| Protocol | Protocol (acceptable values: `TCP`, `UDP`) | Yes | \n| Action | Policy action (acceptable values: `Accept`, `Drop`, `Remove`)  | Yes | \n| Comment | Comment for change request | No | \n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Success | Boolean | Was the ticket created successfully? | \n\n### 7. Tufin Submit Server Decom Request\n\nSubmit a server decommission request to SecureChange.\n\n**Note:** This action is based on the default server decommission request template included with SecureChange.  If changes are made to this template, changes will be required in the JSON submitted in the `Request Body` of the `Submit Change Request` action.\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Subject | Ticket subject | Yes | \n| Priority | Ticket priority (acceptable values: `Critical`, `High`, `Normal`, `Low`)  | Yes | \n| IP Address | Server IP address | Yes | \n| Comment | Comment for change request | No | \n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Success | Boolean | Was the ticket created successfully? | \n\n### 8. Tufin Search Applications\n\nSearch SecureApp applications by name\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Application Name | Application Name | No | \n\n##### Output\n\n**Tufin Applications Table**\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| modified | String | Last modified date | \n| name | String | Application name | \n| status | String | Applcation status | \n| comment | String | Applicaiton comment | \n| created | String | Created date | \n| decommissioned | Boolean | Is the applcation decommissioned | \n| id | Integer | Application ID | \n\n### 9. Tufin Search Application Connections\n\nRetrieve the connections for a SecureApp application\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| App ID | Application ID | Yes | \n\n##### Output\n\n**Tufin Application Connections Table**\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| comment | String | Connection comment | \n| destinations | String | List of connection destinations | \n| external | String | Is the connection external | \n| id | Integer | Connection ID | \n| name | String | Connection name | \n| services | String | List of connection services | \n| source | String | List of connection sources | \n| status | String | Connection status | \n\n### 10. Tufin SecureCloud - Add Public Cloud Policy\n\nAdd a rule to the SecureCloud public cloud policy\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| New Policy | See https://***youraccount***.securecloud.tufin.io/api-documentation/index.html#/Policy/put_api_v1_iris_conf_global_policy for policy formatting requirements | Yes | \n\n##### Output\n\nNo output\n\n### 11. Tufin SecureCloud - Create Cluster\n\nCreate a new cluster in SecureCloud\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Cluster Name | Name of the cluster to be created | Yes | \n\n##### Output\n\nNo output\n\n### 12. Tufin SecureCloud - Create Cluster Policies from Connections\n\nCreate or update a cluster policy based on the discovered connections\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Cluster Name | Name of the cluster | Yes | \n| Namespace | Name of the Namespace | No | \n\n##### Output\n\nNo output\n\n### 13. Tufin SecureCloud - Delete Cluster\n\nDelete a cluster from SecureCloud\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Cluster Name | Name of the cluster to be deleted | Yes | \n\n##### Output\n\nNo output\n\n### 14. Tufin SecureCloud - Delete Discovered Connections\n\nDelete all newly discovered connections for a cluster\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Cluster Name | Name of the cluster to delete connections from | Yes | \n\n##### Output\n\nNo output\n\n### 15. Tufin SecureCloud - Get Cluster Install Command\n\nCreate a new cluster in SecureCloud\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Cluster Name | Name of the cluster | Yes | \n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Install Command | String | Bash command to be executed on the cluster to add the cluster to SecureCloud |\n\n### 16. Tufin SecureCloud - Get Cluster Policies\n\nGet the Kubernetes policy defined in SecureCloud as a YAML file\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Cluster Name | Name of the cluster | Yes | \n| Namespace | Name of the namespace | Yes | \n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Policy YAML | String | Kubernetes policy in YAML |\n\n### 17. Tufin SecureCloud - List Accounts\n\nList all public cloud accounts being managed by SecureCloud\n\n##### Input\n\nNo input\n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Account Objects JSON | String | See https://***youraccount***.securecloud.tufin.io/api-documentation/index.html#/Accounts/get_api_v1_iris_conf_accounts |\n\n### 18. Tufin SecureCloud - List Applications\n\nList all public cloud applications discovered by SecureCloud\n\n##### Input\n\nNo input\n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Application Objects JSON | String | See https://***youraccount***.securecloud.tufin.io/api-documentation/index.html#/Applications/get_api_v1_iris_model_cross_account_applications |\n\n### 19. Tufin SecureCloud - List Assets\n\nList all public cloud assets\n\n##### Input\n\nNo input\n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Asset Objects JSON | String | See https://***youraccount***.securecloud.tufin.io/api-documentation/index.html#/Assets/get_api_v1_iris_model_cross_account_assets |\n\n### 20. Tufin SecureCloud - List K8S Clusters\n\nList all Kubernetes clusters managed in SecureCloud\n\n##### Input\n\nNo input\n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Cluster Objects JSON | String | See https://***youraccount***.securecloud.tufin.io/api-documentation/index.html#/Cluster%20management/get_api_v1_orca_conf_clusters |\n\n### 21. Tufin SecureCloud - List K8S Services for Cluster\n\nList all the Kubernetes services for a cluster managed in SecureCloud\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Cluster Name | Name of the cluster | Yes | \n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Service Objects JSON | String | See https://***youraccount***.securecloud.tufin.io/api-documentation/index.html#/Kubernetes%20cluster%20resources/get_api_v1_orca_model_clusters__name__services |\n\n### 22. Tufin SecureCloud - List K8S Workloads for Cluster\n\nList all the Kubernetes workloads for a cluster managed in SecureCloud\n\n##### Input\n\n| **Argument Name** | **Description** | **Required** |\n| --- | --- | --- |\n| Cluster Name | Name of the cluster | Yes | \n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Workloads Objects JSON | String | See https://***youraccount***.securecloud.tufin.io/api-documentation/index.html#/Kubernetes%20cluster%20resources/get_api_v1_orca_model_clusters__name__workloads |\n\n### 23. Tufin SecureCloud - List Public Cloud Policies\n\nShow the public cloud policy defined in SecureCloud\n\n##### Input\n\nNo input\n\n##### Output\n\n| **Name** | **Type** | **Description** |\n| --- | --- | --- |\n| Policy Objects JSON | String | See https://***youraccount***.securecloud.tufin.io/api-documentation/index.html#/Policy/get_api_v1_iris_conf_global_policy |\n\n## Troubleshooting\n\nContact Tufin support via the Tufin User Portal, or by going to https://www.tufin.com/support\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftufin%2Fsecurex","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftufin%2Fsecurex","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftufin%2Fsecurex/lists"}