forked from SSHcom/privx-sdk-for-python
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathexample-host-creation.py
More file actions
78 lines (67 loc) · 1.75 KB
/
example-host-creation.py
File metadata and controls
78 lines (67 loc) · 1.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# An example how to use PrivX API for host creation.
# Requires Python 3.6+
import config
# this importation for demonstration purpose only
# for proper importation of privx_api module
# see https://github.com/SSHcom/privx-sdk-for-python#getting-started
try:
# Running example with pip-installed SDK
import privx_api
except ImportError:
# Running example without installing SDK
from utils import load_privx_api_lib_path
load_privx_api_lib_path()
import privx_api
HOST_DNS = "test.privx.ssh.com"
HOST_IP = "192.168.0.10"
# Initialize the API.
api = privx_api.PrivXAPI(
config.HOSTNAME,
config.HOSTPORT,
config.CA_CERT,
config.OAUTH_CLIENT_ID,
config.OAUTH_CLIENT_SECRET,
)
# Authenticate.
# NOTE: fill in your credentials from secure storage, this is just an example
api.authenticate(config.API_CLIENT_ID, config.API_CLIENT_SECRET)
# Search role ID for host account mapping.
role_id = ""
resp = api.get_roles()
if resp.ok:
for role in resp.data.get("items"):
if role.get("name") == "privx-admin":
role_id = role.get("id")
if role_id == "":
print("Failed to get role ID.")
# Create host.
data = {
"common_name": "api-test",
"addresses": [HOST_DNS, HOST_IP],
"services": [
{
"service": "SSH",
"address": HOST_IP,
"port": 22,
"source": "UI",
},
],
"principals": [
{
"principal": "root",
"passphrase": "secret",
"source": "UI",
"roles": [
{
"id": role_id,
},
],
},
],
}
resp = api.create_host(data)
if resp.ok:
print("Host created.")
else:
print("Host creation failed.")
print(resp.data)