Polling Policies via the Management API Calls as a way to export the existing policies.
search cancel

Polling Policies via the Management API Calls as a way to export the existing policies.

book

Article ID: 261588

calendar_today

Updated On:

Products

CASB Gateway Advanced CASB Gateway CASB Audit CASB Advanced Threat Protection CASB Security Advanced CASB Security Advanced IAAS CASB Security Premium CASB Security Premium IAAS CASB Security Standard CASB Securlet IAAS CASB Securlet SAAS CASB Securlet SAAS With DLP-CDS

Issue/Introduction

Running API's via the bash command is a convenient way for admins to run scheduled tasks , this is an example on how to poll the list of policies from Cloudsoc Tenant. Basically the same process can be used for any set of Management API calls with a slight modification on the target points.

 

This article goes over PowerShell Script and Postman, the same can be done with any other tool (curl ..etc).

Environment

The API Key is generated and still valid (Here are the steps if needed)

Download the API key to be used with this test. The downloaded file contains all the information needed ("tenant", "api_server", "key_id" and "key_secret")

 

 

Resolution

Postman:

To run the API test in an HTTP crafter like postman, follow the below steps:

1- Navigate to the proper Workspace and Collection.

2- create a new "Request" object

3- follow the TechDoc of the required API Target point, in this example, we will follow the Techdoc which goes around "Getting Protect Policies" where the request is "GET /<tenant>/api/admin/v1/policies"

4- In the HTTP section, select "GET"

5- In the URL section construct the url in this format "https://API-SERVER/TENANT/api/admin/v1/policies", so in this case it will become "https://api-vip.elastica.net/myCloudsocTenantId/api/admin/v1/policies"

6- Under Authorization, select "Basic Authentication" and use the Key ID as a username and Key Secret as Password

7- Make sure to inject a request header named "X-Elastica-Dbname-Resolved" and set the value to "True"

8- Save and Send the Request.

 

Powershell Script:

the required fields are marked by brackets, replace them with the proper value from the downloaded file (API Key), then run it in PowerShell console.

$APIhost="https://api-vip.elastica.net/"
$tenant="<REPLACE WITH TENANT ID>"
$APIEndPoint="/api/admin/v1/policies/"
$method = "GET"
$APIkey_id = "<REPLACE WITH API KEY ID>"
$APIkey_secret = "<REPLACE WITH API KEY SECRET>"
$keystring = $APIkey_id + ":" + $APIkey_secret
$AuthorizationEncoded = [convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($keystring))
$APIURL = $APIhost + $tenant + $APIEndPoint
$headers= @{"Authorization" = "Basic $($AuthorizationEncoded)"; "Host" = "api-vip.elastica.net";"User-Agent"="MyPowerShellScript";"Accept"="*/*";"Accept-Encoding"="gzip,deflate,br";"X-Elastica-Dbname-Resolved"="True"}
$req=(Invoke-RestMethod -uri $APIURL -Method $method -Headers $headers)
$req.objects

Additional Information

Protect API's are listed on this TechDoc