FortiGateAPI
- class fortigate_api.FortiGateAPI(host: str, username: str = '', password: str = '', token: str = '', scheme: str = 'https', port: int = 0, timeout: int = 15, verify: bool = False, vdom: str = 'root', logging: bool = False, logging_error: bool = False, **kwargs)
FortiGateAPI - Python connector to Fortigate API endpoints.
Init FortiGateAPI.
- Parameters:
host (str) – Fortigate hostname or ip address.
username (str) – Administrator name. Mutually exclusive with token.
password (str) – Administrator password. Mutually exclusive with token.
token (str) – Token. Mutually exclusive with username and password.
scheme (str) – Access method: https or http. Default is https.
port (int) – TCP port. Default is 443 for scheme=`https`, 80 for scheme=`http`.
timeout (int) – Session timeout (minutes). Default is 15.
verify (bool) – Transport Layer Security. True - A TLS certificate required, False - Requests will accept any TLS certificate. Default is False.
vdom (str) – Name of the virtual domain. Default is root.
logging (bool) – Logging REST API response. Ture - Enable response logging, False - otherwise. Default is False.
logging_error (bool) – Logging only the REST API response with error. Ture - Enable errors logging, False - otherwise. Default is False.
- property vdom: str
Actual virtual domain.
- login() None
Login to the Fortigate using REST API and creates a Session.
Validate token if object has been initialized with token parameter.
Validate password if object has been initialized with username parameter.
- Returns:
None. Creates Session.
- logout() None
Logout from the Fortigate using REST API and deletes Session.
No need to logout if object has been initialized with token parameter.
Logout if object has been initialized with username parameter.
- Returns:
None. Deletes Session.
Usage
"""FortiGateAPI examples.
- Initialize FortiGateAPI with optional parameters scheme=`https`, port=443
- Create address in the Fortigate
- Get address by name (unique identifier)
- Update address data in the Fortigate
- Delete address from the Fortigate
- Check for absence of address in the Fortigate
- FortiGateAPI `with` statement
"""
import logging
from fortigate_api import FortiGateAPI
logging.getLogger().setLevel(logging.DEBUG)
HOST = "host"
USERNAME = "username"
PASSWORD = "password"
# Initialize FortiGateAPI with optional parameters scheme=`https`, port=443
api = FortiGateAPI(
host=HOST,
username=USERNAME,
password=PASSWORD,
scheme="https",
port=443,
logging_error=True,
)
api.login() # login is optional
# Create address in the Fortigate
data = {
"name": "ADDRESS",
"obj-type": "ip",
"subnet": "127.0.0.100 255.255.255.252",
"type": "ipmask",
}
response = api.cmdb.firewall.address.create(data)
print(f"address.create {response}") # address.create <Response [200]>
# Get address by name (unique identifier)
items = api.cmdb.firewall.address.get(name="ADDRESS")
print(f"addresses count={len(items)}") # addresses count=1
# Update address data in the Fortigate
data = {"name": "ADDRESS", "subnet": "127.0.0.255 255.255.255.255"}
response = api.cmdb.firewall.address.update(data)
print(f"address.update {response}") # address.update <Response [200]>
# Delete address from the Fortigate
response = api.cmdb.firewall.address.delete("ADDRESS")
print(f"address.delete {response}") # address.delete <Response [200]>
# Check for absence of address in the Fortigate
response = api.cmdb.firewall.address.is_exist("ADDRESS")
print(f"address.is_exist {response}") # address.is_exist False
api.logout()
# FortiGateAPI `with` statement
with FortiGateAPI(host=HOST, username=USERNAME, password=PASSWORD) as api:
response = api.cmdb.firewall.address.is_exist("ADDRESS")
print("address.is_exist", response) # exist <Response [404]>