https://github.com/akamai/cli-firewall

Provides a way to interact with Firewall Rules and Site Shield related information via Open APIs.
https://github.com/akamai/cli-firewall

akamai-cli cli firewall firewall-management securtity-cli siteshield

Last synced: about 1 month ago
JSON representation

Provides a way to interact with Firewall Rules and Site Shield related information via Open APIs.

• Host: GitHub
• URL: https://github.com/akamai/cli-firewall
• Owner: akamai
• License: apache-2.0
• Created: 2018-03-06T17:48:01.000Z (almost 7 years ago)
• Default Branch: master
• Last Pushed: 2022-03-07T14:33:14.000Z (almost 3 years ago)
• Last Synced: 2024-04-15T16:22:09.604Z (9 months ago)
• Topics: akamai-cli, cli, firewall, firewall-management, securtity-cli, siteshield
• Language: Python
• Homepage:
• Size: 81.1 KB
• Stars: 15
• Watchers: 11
• Forks: 9
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# cli-firewall

Provides a way to interact with Firewall Rules and Site Shield related information via Open APIs. Functionality includes viewing firewall rules services, subscribing and unsubscribing to firewall rules services, viewing and acknowledging Site Shield maps, and listing CIDR blocks.

## Local Install

* Python 3+

* pip install edgegrid-python

### Credentials

In order to use this module, you need to:

* Set up your credential files as described in the [authorization](https://developer.akamai.com/introduction/Prov_Creds.html) and [credentials](https://developer.akamai.com/introduction/Conf_Client.html) sections of the Get Started pagegetting started guide on developer.akamai.comthe developer portal.  

* When working through this process you need to give grants for the Firewall Rules Manager and Siteshield API.  For Firewall Rules, the section in your configuration file should be called [firewall]. For Site Shield, the section in your configuration file should be called [site-shield]

```

[firewall]

client_secret = [CLIENT_SECRET]

host = [HOST]

access_token = [ACCESS_TOKEN_HERE]

client_token = [CLIENT_TOKEN_HERE]

```

```

[site-shield]

client_secret = [CLIENT_SECRET]

host = [HOST]

access_token = [ACCESS_TOKEN_HERE]

client_token = [CLIENT_TOKEN_HERE]

```

## Functionality

This version includes the following functionality:

* List all firewall rules services available for subscription

* Subscribe and unsubscribe to firewall rules services

* List CIDRs for all current subscriptions or a specific firewall rules subscribed to

* List all available Site Shield maps

* List CIDRs for a specified Site Shield map

* Acknowledge a pending Site Shield map update

## akamai-firewall

This is the main program that wraps this functionality in a command line utility:

* [list-services](#list-services)

* [list-subscriptions](#list-subscriptions)

* [subscribe](#subscribe)

* [unsubscribe](#unsubscribe)

* [list-cidrs](#list-cidrs)

## akamai-site-shield

This is the main program that wraps this functionality in a command line utility:

* [list-maps](#list-maps)

* [list-cidrs](#list-cidrs-1)

* [acknowledge](#acknowledge)

## Global Flags

- `--edgerc value` — Location of the credentials file (default: "/Users/username") [$AKAMAI_EDGERC]

- `--section value` — Section of the credentials file (default: "firewall" default: "site-shield") [$AKAMAI_EDGERC_SECTION]

- `--help`, `-h` — show help

- `--version`, `-v` — print the version

```bash

%  akamai firewall --section section list-services

%  akamai site-shield --section section list-maps

```

akamai fw can also be used as alias for akamai firewall

akamai ss can also be used as alias for akamai site-shield

### list-services

List available firewall rules services available for subscription. A service must be subscribed to before CIDRs can be displayed for that service.

```bash

%  akamai firewall list-services

```

### list-subscriptions

List current subscriptions.

```bash

%  akamai firewall list-subscriptions

```

### subscribe

Subscribe to a firewall rules service (email address is mandatory).

```bash

%  akamai firewall subscribe --service-id 1 --email [email protected]

%  akamai firewall subscribe --service-name FIRSTPOINT --email [email protected]

```

The flags of interest are (please specify either --service-name or --service-id):

```

--service-id             ID of service to be subscribed for

--service-name           Name of service to be subscribed for

--email                  Email address to subscribe for service specified

```

### unsubscribe

Unsubscribe from a specific firewall rules service.

```bash

%  akamai firewall unsubscribe --service-id 1

%  akamai firewall unsubscribe --service-name FIRSTPOINT

```

The flags of interest are (please specify either --service-name or --service-id):

```

--service-id             ID of service to be unsubscribed from

--service-name           Name of service to be unsubscribed from

--email                  Email address to unsubscribe for service specified

```

### list-cidrs

List the CIDR blocks for all current subscriptions or a specific firewall rules service subscription.

```bash

%  akamai firewall list-cidrs

%  akamai firewall list-cidrs --file

%  akamai firewall list-cidrs --service-name FIRSTPOINT

%  akamai firewall list-cidrs --service-id 20

%  akamai firewall list-cidrs --service-name 'Global Traffic Management - Siteshield' --json

```

The flags of interest are:

```

--service-id             ID of service to be unsubscribed from (optional)

--service-name           Name of service to be unsubscribed from (optional)

--json                          Display output in json format (optional)

```

### list-maps

List available Site Shield maps.

```bash

%  akamai site-shield list-maps

```

### list-cidrs

List the CIDRs for a specified Site Shield map

```bash

%  akamai site-shield list-cidrs --map-id 12345

%  akamai site-shield list-cidrs --map-name sample.akamaiedge.net

%  akamai site-shield list-cidrs --map-name sample.akamaiedge.net --json

```

The flags of interest are (please specify either --map-id or --map-name):

```

--map-id             	ID of desired Site Shield map

--map-name           	Name of desired Site Shield map

--json                        Display output in json format (optional)

```

### acknowledge

Acknowledge a pending Site Shield map update.

```bash

%  akamai site-shield acknowledge --map-id 12345

%  akamai site-shield acknowledge --map-name sample.akamaiedge.net

```

The flags of interest are (please specify either --map-id or --map-name):

```

--map-id             	ID of desired Site Shield map

--map-name           	Name of desired Site Shield map

```

# Contribution

By submitting a contribution (the “Contribution”) to this project, and for good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, you (the “Assignor”) irrevocably convey, transfer, and assign the Contribution to the owner of the repository (the “Assignee”), and the Assignee hereby accepts, all of your right, title, and interest in and to the Contribution along with all associated copyrights, copyright registrations, and/or applications for registration and all issuances, extensions and renewals thereof (collectively, the “Assigned Copyrights”). You also assign all of your rights of any kind whatsoever accruing under the Assigned Copyrights provided by applicable law of any jurisdiction, by international treaties and conventions and otherwise throughout the world.

# Notice

Copyright 2020 – Akamai Technologies, Inc.

All works contained in this repository, excepting those explicitly otherwise labeled, are the property of Akamai Technologies, Inc.