Add device posture inventory support

Bump to 0.4.9

README.md

@@ -13,6 +13,7 @@
  - [Connectors](#connectors)
  - [Swapping connectors](#swapping-connectors)
  - [Certificate management](#certificate-management)
+ - [Device Posture Inventory](#device-posture-inventory)
 - [Known Limitations](#known-limitations)
 - [Troubleshooting and Support](#troubleshooting-and-support)
  - [Self-troubleshooting](#self-troubleshooting)
@@ -249,7 +250,7 @@ deployment of all impacted applications and IdP, add the ``--deployafter``.
 
 Example using `--deployafter`:
 ```
-akamai eaa certificate crt://certificate-UUID rotate --key ~/certs/mycert.key --cert ~/certs/mycert.cert --deployafter
+$ akamai eaa certificate crt://certificate-UUID rotate --key ~/certs/mycert.key --cert ~/certs/mycert.cert --deployafter
 Rotating certificate certificate-UUID...
 Certificate CN: *.akamaidemo.net (*.akamaidemo.net Lets Encrypt)
 Certificate certificate-UUID updated, 3 application/IdP(s) have been marked ready for deployment.
@@ -262,14 +263,22 @@ Use 'akamai eaa cert crt://certificate-UUID status' to monitor the progress.
 
 Checking the status of the deployment:
 
-```
+```bash
 $ akamai eaa cert crt://certificate-UUID status
 #App/IdP ID,name,status
 app://appid-1,Multi-origin Active-Active Demo (US-East),Pending
 app://appid-2,Multi-origin Active-Active Demo (US-West),Pending
 idp://idpid-1,Bogus IdP to test EME-365,Pending
 ```
 
+### Device Posture Inventory
+
+Pipe the result of the inventory into `jq` to display only device ID, name and user_id
+
+```bash
+$ akamai eaa dp inventory | jq '.[] | {device_id, device_name, user_id}'
+```
+
 ## Known Limitations
 
 - While updating an application from a JSON, only a subset of the data will be updated in the back-end, not the entire application configuration

VERSION

@@ -1 +1 @@
-0.4.8
+0.4.9

bin/akamai-eaa

@@ -31,6 +31,7 @@ import signal
 import http.client as http_client
 from json import dumps
 from math import ceil
+from urllib.parse import parse_qsl
 
 # cli-eaa
 import _paths
@@ -165,6 +166,57 @@ class ReportingAPI(BaseAPI):
  info['cloudzones'].append(eaa_cloudzone.get('region'))
  print(dumps(info, indent=4))
 
+ def deviceposture_inventory(self, follow=False, interval=300):
+ """
+ Fetch Device Posture inventory once or until a SIG_TERM is received or Control-C is pressed
+
+ Args:
+ follow (bool, optional): Will not terminate and keep pulling every `interval` sec. Defaults to False.
+ interval (int, optional): Interval in seconds to pull the inventory. Defaults to 300.
+ """
+ while not cli.stop_event.is_set():
+ start = time.time()
+ offset = 0
+ limit = 3000
+ devices = []
+
+ while not cli.stop_event.is_set():
+ page_start = time.time()
+ resp = self.get('device-posture/inventory/list', params={'offset': offset, 'limit': limit})
+ if resp.status_code != 200:
+ cli.print_error("Non HTTP 200 response fromt the API")
+ cli.exit(2)
+ doc = resp.json()
+ meta = doc.get('meta', {})
+ next_page = meta.get('next')
+ limit = meta.get('limit')
+ objects_in_page = doc.get('objects', [])
+ offset = dict(parse_qsl(next_page)).get('offset')
+ logging.debug("--- DP Inventory page with {c} devices fetched in {elapsed:.2f} seconds".format(
+ c=len(objects_in_page), elapsed=time.time()-page_start))
+ devices += objects_in_page
+ if not next_page:
+ break
+
+ print(dumps(devices, indent=4))
+ logging.debug("DP Inventory Total {device_count} devices fetched in {elapsed:.2f} seconds".format(
+ device_count=len(devices), elapsed=time.time()-start))
+ if follow is False:
+ break
+ else:
+ wait_time = interval - (time.time() - start) # interval - time elapsed
+ if wait_time > 0:
+ logging.debug("Sleeping for {:.2f} seconds".format(wait_time))
+ time.sleep(wait_time)
+ else:
+ logging.warn("Fetching data takes more time than the interval, "
+ "consider increase the --interval parameter")
+
+ def deviceposture_devicehistory(self, device_id):
+ resp = self.get('device-posture/inventory/device-history/{deviceId}'.format(deviceId=device_id))
+ print(dumps(resp.json(), indent=4))
+
+
 
 def setup_logging():
 
@@ -254,6 +306,15 @@ if __name__ == "__main__":
  elif config.command in ("info", ):
  r = ReportingAPI(config)
  r.tenant_info()
+ elif config.command in ("dp", ):
+ if config.dpcommand == "inventory":
+ s = ReportingAPI(config)
+ s.deviceposture_inventory(config.tail, config.interval)
+ elif config.dpcommand == "history":
+ s = ReportingAPI(config)
+ s.deviceposture_devicehistory(config.device_id)
+ else:
+ print("invalid Device Posture command: {config.dpcommand}")
  else:
  config.parser.print_help()
  sys.exit(1)

bin/config.py

@@ -160,6 +160,16 @@ def __init__(self, config_values, configuration, flags=None):
 
  subparsers.add_parser('info', help='Display tenant info')
 
+ dp_parser = subparsers.add_parser('dp', help='Device Posture')
+ dp_parser.add_argument("dpcommand", choices=['inventory'], default="inventory")
+ dp_parser.add_argument("--tail", "-f", default=False, action="store_true",
+ help="Keep pulling the inventory every interval seconds")
+ dp_parser.add_argument("--interval", "-i", type=int, default=600,
+ help="Pulling interval in seconds (default: 600)")
+
+# dpdh = subparsers.add_parser('dp_devhist', help='Device Posture Device History (experimental)')
+# $dpdh.add_argument("device_id")
+
  subparsers.add_parser('version', help='Display cli-eaa module version')
 
  parser.add_argument('--batch', '-b', default=False, action='store_true',

cli.json

@@ -5,7 +5,7 @@
  "commands": [
  {
  "name": "eaa",
- "version": "0.4.8",
+ "version": "0.4.9",
  "description": "Akamai CLI for Enterprise Application Access (EAA)"
  }
  ]

libeaa/common.py

@@ -37,7 +37,7 @@
 config = EdgeGridConfig({'verbose': False}, 'default')
 
 #: cli-eaa version
-__version__ = '0.4.8'
+__version__ = '0.4.9'
 
 #: HTTP Request Timeout in seconds
 HTTP_REQ_TIMEOUT = 300