
Sharing AWS EC2 instance Image description context (IP & instance profile) to Cisco Firepower Management Center

This repo contains Python and Perl scripts that grab context information (IP and instance profile) from AWS EC2 and share it with Cisco FMC.

Please contact me at alexandre@argeris.net, if you have any questions or remarks. If you find any bugs, please report them to me, and I will correct them.

VARIABLES TO MODIFY BEFORE RUNNING THE SCRIPT

parameters.json needs to be modified before running the script.

How to create an FMC user with an API role

Add a new role.

Add a new user.

Perl script for Host Input (FMC) communications

This script is based on the AMP4e-to-FMC-Host-Input-Script available on cisco.com:

https://software.cisco.com/download/home/286259687/type/286271057/release/Host%20InputNote

The following files are part of the 'FMC Host Input API SDK' and are included as-is, as downloaded from CCO, without any modifications:

sf_host_input_agent.pl

SFCheckPreReq.pm

SFHIclient.pm

SFHIlog.pm

SFHostInputAgent.pm

SFPkcs12.pm

InputPlugins\csv.pm

CLONING THE REPO

git clone https://github.com/tekgourou/AWS_EC2_CONTEXT_to_FMC.git

cd AWS_EC2_CONTEXT_to_FMC/scripts

python3 -m venv venv

source venv/bin/activate

pip3 install -r requirements.txt

Prerequisites

This tool uses Python to communicate with the AWS EC2 API and pull the context information for all instances.

The tool then uses Perl to communicate with FMC and add the host profiles collected earlier to the host profiles in FMC.

Python Modules

boto3

Please refer to https://boto3.amazonaws.com/v1/documentation/api/latest/guide/quickstart.html if you are not familiar with this module.
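The Python half of the flow described above (pull instance context from EC2, then hand it to the Perl Host Input script as a file) boils down to flattening the describe_instances response into one record per host. The block below is an added example, not code from the AWS_EC2_CONTEXT_to_FMC repository: it parses the response shape boto3's EC2.Client.describe_instances returns, keeps only instances that actually have a private IP (a terminated instance has nothing FMC can map to a host), and renders the result as CSV. The sample response is constructed, and the CSV column order is an assumption chosen for illustration; the csv.pm plugin shipped with the Host Input SDK has its own documented layout that the Perl side expects.

```python
"""Extract host context (IPs and IAM instance profile) from an EC2
describe_instances response and serialise it as CSV rows.

Added example, not code from the AWS_EC2_CONTEXT_to_FMC repository.
The response layout follows boto3's EC2.Client.describe_instances; the
sample response below is constructed, and the CSV column order is an
assumption for illustration (the Host Input csv plugin has its own
documented layout).
"""
import csv
import io
from typing import Dict, Iterable, List


def fetch_reservations(region: str) -> List[dict]:
    """Pull every reservation page from the EC2 API (needs boto3 and
    AWS credentials; not exercised offline)."""
    import boto3  # imported lazily so the parsing code runs without it

    ec2 = boto3.client("ec2", region_name=region)
    reservations = []
    for page in ec2.get_paginator("describe_instances").paginate():
        reservations.extend(page["Reservations"])
    return reservations


def extract_host_context(reservations: Iterable[dict]) -> List[Dict[str, str]]:
    """Flatten reservations into one record per instance.

    Only instances with a private IP are kept: a host with no IP cannot
    be represented in FMC's host table. Missing fields become "".
    """
    records = []
    for reservation in reservations:
        for inst in reservation.get("Instances", []):
            private_ip = inst.get("PrivateIpAddress")
            if not private_ip:
                continue  # e.g. a terminated instance: nothing to share
            profile = inst.get("IamInstanceProfile", {}).get("Arn", "")
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            records.append({
                "instance_id": inst["InstanceId"],
                "private_ip": private_ip,
                "public_ip": inst.get("PublicIpAddress", ""),
                # keep only the profile name, not the full ARN
                "instance_profile": profile.rsplit("/", 1)[-1],
                "name": tags.get("Name", ""),
                "state": inst.get("State", {}).get("Name", ""),
            })
    return records


# Assumed column order for the intermediate file (not the SDK's layout).
CSV_FIELDS = ["instance_id", "private_ip", "public_ip",
              "instance_profile", "name", "state"]


def to_csv(records: List[Dict[str, str]]) -> str:
    """Render records as CSV text using CSV_FIELDS as the column order."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=CSV_FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(records)
    return buf.getvalue()


# Constructed sample mimicking a describe_instances response: two running
# instances (one without a public IP or profile) and one terminated one.
SAMPLE_RESERVATIONS = [
    {"Instances": [
        {"InstanceId": "i-0aaa111", "PrivateIpAddress": "10.0.1.10",
         "PublicIpAddress": "203.0.113.5",
         "IamInstanceProfile": {
             "Arn": "arn:aws:iam::123456789012:instance-profile/web-role",
             "Id": "AIPAEXAMPLE"},
         "State": {"Name": "running"},
         "Tags": [{"Key": "Name", "Value": "web-1"}]},
        {"InstanceId": "i-0bbb222", "PrivateIpAddress": "10.0.2.20",
         "State": {"Name": "running"}},
    ]},
    {"Instances": [
        {"InstanceId": "i-0ccc333", "State": {"Name": "terminated"}},
    ]},
]

if __name__ == "__main__":
    # Offline run over the constructed sample; swap in
    # fetch_reservations("us-east-1") to read from a real account.
    print(to_csv(extract_host_context(SAMPLE_RESERVATIONS)))
```

Run offline as shown, or replace SAMPLE_RESERVATIONS with fetch_reservations(region) once the AWS API key from the prerequisites is configured for boto3. Filtering on the private IP is what makes the output safe to feed to the host table: every row that reaches the Perl side carries an address FMC can attach a host profile to.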

AWS API key

You will need to get an AWS API key from the AWS portal.

FMC Host Input API client certificate

A file (xxxxxx.pkcs12) generated from FMC and downloaded into this script's local directory.
To generate the certificate, log in to the FMC web GUI and navigate to System -> Integrations -> Host Input Client -> Create Client, give the IP address of your host, DO NOT give a password, and click Save. Download the pkcs12 file into this script's local directory.

Running this script

Before running the following command, ensure that all prerequisites are met and run it from the scripts directory.
To run the tool, simply execute:

python3.6 AWS_EC2_info_to_FMC.py

My suggestion is to run the script with crontab (linux) or Task Scheduler (Microsoft) every 60 minutes.

All the activities of the script are logged to a file called AUDIT.log. The file is not overwritten, only appended to. This includes all INFO and ERROR messages.

Disclaimer:
Cisco provides Code Exchange for convenience and informational purposes only, with no support of any kind. This page contains information and links from third-party websites that are governed by their own separate terms. Reference to a project or contributor on this page does not imply any affiliation with or endorsement by Cisco.