Code ExchangeSearchRepository
This repository is deprecated; please follow the main search page or use the ‘Related code repos’ widget on the right side of the current page.

SecureX Orchestrator Atomic Actions for Cisco Defense Orchestrator (CDO)

published sxoanalyzed

NOTE: Some atomic actions in this repository make use of CDO's REST API & not the official GraphQL-based Public API. Whilst the atomics that use the REST API aren't an officially supported methodology to programmatically interact with CDO, these endpoints are the same as what the CDO GUI uses and therefore, considered stable and suitable for use, especially in cases where the GraphQL-based Public API may not support certain methods.

Additional Resources:

In this repository, you'll find the following atomics:

1. Command Runner

Purpose: This atomic action makes use of CDO's REST API to run a CLI command on an ASA

Steps to use:

  1. Create a target for the CDO REST API: https://www.defenseorchestrator.com/aegis/rest/v1/
  2. Input CDO API Token to this workflow
  3. Supply the ASA's UID and the command to run as inputs
  4. The output of this atomic action is the CLI response of the command as seen on the device

2. Create New ACL

Purpose: This atomic action makes use of CDO's REST API to create an Access List on CDO with an associated Network Object Group

Steps to use:

  1. Create a target for the CDO REST API: https://www.defenseorchestrator.com/aegis/rest/v1/
  2. Input CDO API Token to this workflow
  3. Supply Input Variables (all variables have descriptions in-line)
  4. Tweak "Parse Response" JSONPath Query to pick out an attribute (by default, UID of the Access Group created)
  5. The output of this atomic action is the UID of the Access Group created

3. Delete Objects

Purpose: This atomic action makes use of CDO's REST API to delete unused Object Groups on CDO by their UIDs

Steps to use:

  1. Create a target for the CDO REST API: https://www.defenseorchestrator.com/aegis/rest/v1/
  2. Input CDO API Token to this workflow
  3. Supply a comma-separated list of UIDs of objects to delete - ensure these objects are not already associated with any devices
  4. If this atomic action runs successfully, a successful response was received from CDO

4. Deploy Job By Device

Purpose: This atomic action makes use of CDO's REST API to launch a deployment job on CDO

Steps to use:

  1. Create a target for the CDO REST API: https://www.defenseorchestrator.com/aegis/rest/v1/
  2. Input CDO API Token to this workflow
  3. Supply the device UID of a device with one or more staged changes
  4. The output of this atomic action is the UID of the CDO job launched

5. Generic GraphQL

Purpose: This atomic action makes it possible to use GraphQL with SXO's Web Service Adapter

Steps to use:

  1. Create a target https://edge.us.cdo.cisco.com
  2. Input CDO API Token to this workflow
  3. Supply GraphQL query from API docs

6. Get Object Group By Name

Purpose: This atomic action makes it possible to use GraphQL to retrieve an Object Group's UID given it's name with SXO's Web Service Adapter

Steps to use:

  1. Create a target https://edge.us.cdo.cisco.com
  2. Input CDO API Token to this workflow
  3. Supply the name of the object group to search for (by default, only the first match is returned)
  4. The output of this atomic action is the UID of the object group

7. Monitor Jobs

Purpose: This atomic action makes use of CDO's REST API to monitor a deployment job on CDO

Steps to use:

  1. Create a target for the CDO REST API: https://www.defenseorchestrator.com/aegis/rest/v1/
  2. Input CDO API Token to this workflow
  3. Supply the job UID as input (optional)
  4. The output of this atomic action is the status of a job on CDO. If no job UID is supplied, the output is the overall status of all jobs on CDO.

8. Create New Object Group

Purpose: This atomic action makes it possible to use GraphQL to create a new object group on CDO with SXO's Web Service Adapter

Steps to use:

  1. Create a target https://edge.us.cdo.cisco.com
  2. Input CDO API Token
  3. Supply input variables
  4. Tweak "Parse Response" JSONPath Query to pick out an attribute (by default, UID)
  5. The output of this atomic action is the UID of the object group created

9. Create New Service Object

Purpose: This atomic action makes use of CDO's REST API to create a new service object on CDO

Steps to use:

  1. Create a target for the CDO REST API: https://www.defenseorchestrator.com/aegis/rest/v1/
  2. Input CDO API Token to this workflow
  3. Supply the protocol, object name, description, source/destination ports for the service object as applicable
  4. The output of this atomic action is the UID of the Service Object created

10. Query Devices

Purpose: This atomic action makes it possible to use GraphQL to query devices by either name, IP address, serial, or interfaces with SXO's Web Service Adapter

Steps to use:

  1. Create a target https://edge.us.cdo.cisco.com
  2. Input CDO API Token
  3. Supply Search Term
  4. Tweak "Parse Response" JSONPath Query to pick out an attribute (by default, UID)
  5. The Output of this workflow is a list of Device UIDs (could be one or more based on search term)

11. Terminate VPN Sessions

Purpose: This atomic action makes use of CDO's REST API to terminate VPN sessions across all devices given a User's ID

Steps to use:

  1. Create a target for the CDO REST API: https://www.defenseorchestrator.com/aegis/rest/v1/
  2. Input CDO API Token to this workflow
  3. Supply the User's ID input
  4. Successful execution of this atomic action indicates successful termination of VPN sessions for the given User ID

12. Update Object Group via GraphQL

Purpose: This atomic action makes it possible to use GraphQL to update an object group on CDO with SXO's Web Service Adapter.

Steps to use:

  1. Create a target https://edge.us.cdo.cisco.com
  2. Input CDO API Token
  3. Supply input variables
  4. Tweak "Parse Response" JSONPath Query to pick out an attribute (by default, UID)
  5. The output of this atomic action is a comma-separated string of UIDs of all affected devices that are mapped to the updated object group

13. Update Object Group via REST

Purpose: This atomic action makes use of CDO's REST API to update an existing object group on CDO. Use only in case there are issues with updating the object group via the GraphQL atomic.

NOTE: This atomic will replace/overwrite all parameters. If you wish to append to existing configuration, you must include existing configuration in your input to this atomic.

Steps to use:

  1. Create a target for the CDO REST API: https://www.defenseorchestrator.com/aegis/rest/v1/
  2. Input CDO API Token to this workflow
  3. Supply the UID of Object Group to update and other parameters as applicable (CIDR List, Name, Description)
  4. The output of this atomic action is a comma-separated string of UIDs of all affected devices that are mapped to the updated object group

Contributors:

  1. Aman Sardana (amasarda@cisco.com)
  2. Anant Nambiar (ananambi@cisco.com)

Cisco CX Managed Services - Operate, May 2021

View code on GitHub
Related code repos

    Code Exchange Community

    Get help, share code, and collaborate with other developers in the Code Exchange community.View Community
    Disclaimer:
    Cisco provides Code Exchange for convenience and informational purposes only, with no support of any kind. This page contains information and links from third-party websites that are governed by their own separate terms. Reference to a project or contributor on this page does not imply any affiliation with or endorsement by Cisco.