modulepackage
2.0.0-beta.41
Repository: https://github.com/brian1917/illumioapi.git
Documentation: pkg.go.dev
# README
Illumio API Package
Description
Go package to interact with the Illumio API.
Version 2 Announcement
The new default branch is v2. The v1 branch will be minimally maintained. Version 1 was built as needed and as it evolved there were many things that would have bee done differently from the start. Version 2 looks to address a lot of these. See below for a non-exhaustive list of the major changes:
- Version 2 aims for better consistency for when pointers are used in structs. Pointers are used for custom types, slices, and booleans as well as any integer or string that could need to be cleared in the PCE. For example, an
hrefnever can be cleared in the PCE so it is astring. Adescriptioncould be cleared (e.g., send aPUTrequest to remove a description). In that case it's a*stringso you can send a blank string withomitemptyto clear it or anilvalue to have it omitted. - Version 2 has some helper functions to deal with all of the pointers in the data structure.
PtrToValcan be used on any pointer to return its value or blank value if it'snil. The goal is to reduce the checking ofnilbefore doing a comparison or using a value where appropriate. - Version 2 does not return slices for getting policy objects. For example
pce.GetWkldswill return just theAPItype and anerr. The policy objects are populated into thepceslices and maps.
Example Code
All interactions with the PCE are done via methods on the pce type. For example, the code below prints all hostnames:
// Create PCE
pce := illumioapi.PCE{
FQDN: "bp-lab.poc.segmentationpov.com",
Port: 8443,
DisableTLSChecking: true}
// Login and ignore error checking for example
pce.Login("[email protected]", "Password123")
// Get all workloads
api, err := pce.GetWklds(nil)
fmt.Println(api.StatusCode)
if err != nil {
log.Fatal(err)
}
// Iterate through workloads and print hostname
for _, w := range pce.WorkloadsSlice {
fmt.Println(w.Hostname)
}
# Functions
No description provided by the author
No description provided by the author
DedupeExplorerTraffic takes two traffic responses and returns a de-duplicated result set.
LabelsToRuleStructure takes a slice of labels and returns a slice of slices for how the labels would be organized as read by the PCE rule processing.
ParseObjectType takes an href and returns one of the following options: iplist, label, label_group, virtual_service, workload, or unknown.
ParseTemplateFile imports a JSON template file into the PCE.
ProtocolList returns a map for the IANA protocol numbers.
Ptr returns a pointer to any object.
PtrToVal returns the value of a pointer If the pointer is nil, a blank value is returned.
# Structs
Actors are part of consumer or providers for rules and boundaries.
An Agent is an Agent on a Workload.
AgentHealth represents the Agent Health of the Status of a Workload.
AgentHealthErrors represents the Agent Health Errors of the Status of a Workload This is depreciated - use AgentHealth.
APIKey represents an API Key.
APIResponse contains the information from the response of the API.
No description provided by the author
Root Asynchronous explorer query status.
Authentication represents the response of the Authenticate API.
No description provided by the author
BulkResponse is the data structure for the bulk response API.
ChangeSubset Hash of pending hrefs, organized by model.
CompatibilityReport is available in idle workloads.
A condition is used by the VEN Conditions are never created or upgraded.
Config represents the Configuration of an Agent on a Workload.
ConsumerOrProvider is used by rules and enforcement boundaries.
ConsumingSecurityPrincipals are AD user groups.
ContainerCluster represents a Kubernetes cluster.
ContainerWorkloadProfile is a Kubernetes namespace.
No description provided by the author
Dst is the provider workload details.
An EnforcementBoundary is part of Illumio policy to dicated where policy is enforced.
No description provided by the author
Event represents an auditable event in the Illumio PCE Events cannot be created or updated.
EventCreatedBy is who created the event.
ExplorerServices represent services to be included or excluded in the explorer query.
ExpSrv is a service in the explorer response.
FirewallSettings are a provisionable object.
A flowfilter is a collector filter.
FlowUploadResp is the response from the traffic upload API.
FQDN represents an FQDN in an IPList.
Href is used for CreatedBy, UpdatedBy, etc.
IllumioSecurityTemplate contains Labels, IP Lists, Services.
IllumioSecurityTemplateFile is a file with a slice of templates.
IncludeOrExclude is used in traffic queries.
No description provided by the author
Info are notification info.
IngressServices - more info to follow.
An Interface represent the network interface of a workload An interface can never be updated or created.
IPAddress represents an IP Address.
IPList represents an IP List in the PCE.
IPRange repsents one of the IP ranges of an IP List.
IPTablesRules - more info to follow.
A Label represents an Illumio Label.
No description provided by the author
No description provided by the author
LabelGroup represents a Label Group in the PCE.
LabelUsage shows how labels are used in the PCE LabelUsage is never created or updated.
A LatestEvent is for a condition LatestEvents are never created or updated.
LoadInput tells the p.Load method what objects to load.
Networks are used by ServiceAddresses.
Notifications are event notifications.
OpenServicePorts represents open ports for a service running on a workload.
Org is an an organization in a SaaS PCE.
PairingKey represents a VEN pairing key.
PairingProfile is a pairing profile in PCE.
PCE represents an Illumio PCE.
No description provided by the author
PortOverrides override a port on a virtual service binding.
PortProtos represents the ports and protocols query portion of the exporer API.
Provision is sent to the PCE to provision policy objects.
A QualifyTest is a test run by the compatibility check.
No description provided by the author
RegionsItems.
ResolveLabelsAs - more info to follow.
No description provided by the author
No description provided by the author
Restriction is used for container workload profile labels.
Results contain a lists of compatibility report qualifying tests.
No description provided by the author
No description provided by the author
No description provided by the author
Rule - more info to follow.
RuleSet - more info to follow.
Scopes - more info to follow.
SecureConnect represents SecureConnect for an Agent on a Workload.
SecureConnectGateways represent SecureConnectGateways in provisioning.
Service represent a service in the PCE.
ServiceAddresses are FQDNs for Virtual Services.
A ServiceBinding binds a worklad to a Virtual Service.
ServicePort represent port and protocol information for a non-Windows service.
Src is the consumer workload details.
Sources represents the sources query portion of the explorer API.
Statements are part of a custom IPTables rule.
Status represents the Status of an Agent on a Workload.
SubGroups are used by label groups.
System is an empty struct for system-generated events.
Target is part of the collector flow filter.
TimestampRange is used to limit queries ranges for the flow detected.
TrafficAnalysis represents the response from the explorer API.
TrafficAnalysisRequest is is to the traffic analysis POST request.
TrafficQuery is the struct to be passed to the GetTrafficAnalysis function.
Unpair is the payload for using the API to unpair workloads.
UploadFlowResults is the struct returned to the user when using the pce.UploadTraffic() method.
Usage covers how a LabelGroup is used in the PCE.
UserLogin represents a user logging in via password to get a session key.
VEN is an Illumio agent.
VenUpgradeError is used by VenUpgradeResponse.
VenUpgradeRequest is sent to the PCE to upgrade VENs.
VenUpgradeResponse is the PCE's response to a VEN upgrade request.
Version is the PCE version Versions are never created or updated.
VirtualServer represents a VirtualServer in the PCE.
A VirtualService represents a Virtual Service in the Illumio PCE.
Vulnerabilities are part of vulnerability maps.
VulnerabilityReport are part of vulnerability maps.
No description provided by the author
No description provided by the author
WindowsService represents port, protocol, and process information for a Windows service.
No description provided by the author
WkldServices represent the Services running on a Workload.
A Workload represents a workload in the PCE.