diff --git a/README.md b/README.md index cfc1182..ffad41c 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ - [Install](#install) - [API User and configuration file](#api-user-and-configuration-file) - [Updating ETP CLI module](#updating-etp-cli-module) +- [Using a proxy](#using-a-proxy) - [Examples](#examples) - [Fetch events](#fetch-events) - [Manage security lists](#manage-security-lists) @@ -75,6 +76,17 @@ To update to the latest version: $ akamai update etp ``` +## Using a proxy + +Your organization may require to use a proxy server to reach to the public internet. +Use the `--proxy` option, and if you need to pass a specific private CA certificate you may +use the REQUESTS_CA_BUNDLE environment variable. + +Example on a Unix based OS: +``` +$ REQUESTS_CA_BUNDLE=~/ssl-proxying-certificate.pem akamai etp --proxy 127.0.0.1:8888 list get +``` + ## Examples ### Fetch events diff --git a/bin/akamai-etp b/bin/akamai-etp index 14e2f07..ed72f13 100755 --- a/bin/akamai-etp +++ b/bin/akamai-etp @@ -35,12 +35,12 @@ from requests.compat import urljoin from akamai.edgegrid import EdgeGridAuth, EdgeRc from config import EdgeGridConfig -__version__ = "0.3.5" +__version__ = "0.3.6" #: Window span in ad-hoc mode, default is 15 min span_duration_min = 15 -session = requests.Session() +session = None verbose = False section_name = "default" headers = {'content-type': "application/json;charset=UTF-8"} @@ -58,7 +58,7 @@ verbose = getattr(config, "verbose", False) fetch_limit = getattr(config, "limit", 3 * 60 * 60) #: Poll interval (also defin how much data we get each time) #: Default is 5 minutes, configurable with --poll -poll_interval_sec = getattr(config, "poll", 60) +poll_interval_sec = getattr(config, "poll", 600) baseurl = '%s://%s' % ('https', getattr(config, "host", "host-not-set-in-config")) @@ -355,9 +355,33 @@ def log_level(): else: return logging.ERROR +def prepare_session(config): + """ + Prepare a Session object to issue request against Akamai {OPEN} API + """ + s = requests.Session() + + # Initialize Requests Session for the API calls + s.auth = EdgeGridAuth( + client_token=config.client_token, + client_secret=config.client_secret, + access_token=config.access_token + ) + + # Proxy + if config.proxy: + LOG.info("Set proxy to %s" % config.proxy) + s.proxies['https'] = 'http://%s' % config.proxy + + # User agent, with an optional prefix + s.headers.update({'User-Agent': f"{config.ua_prefix} cli-etp/{__version__}"}) + + return s def main(): + global session + logging.basicConfig( filename=config.logfile, level=log_level(), format='%(asctime)s %(levelname).1s %(message)s' @@ -377,13 +401,7 @@ def main(): print(__version__) sys.exit(0) - # Initialize Requests Session for the API calls - session.auth = EdgeGridAuth( - client_token=config.client_token, - client_secret=config.client_secret, - access_token=config.access_token - ) - session.headers.update({'User-Agent': f"{config.ua_prefix} cli-etp/{__version__}"}) + session = prepare_session(config) if config.command == "event": if config.output is None: diff --git a/bin/config.py b/bin/config.py index 3a5a75d..6cbb5c8 100644 --- a/bin/config.py +++ b/bin/config.py @@ -97,6 +97,8 @@ def __init__(self, config_values, configuration, flags=None): parser.add_argument('--edgerc', '-e', default='~/.edgerc', metavar='credentials_file', help=' Location of the credentials file (default is ~/.edgerc)') + parser.add_argument('--proxy', '-p', default='', help=''' HTTP/S Proxy Host/IP and port number,''' + ''' do not use prefix (e.g. 10.0.0.1:8888)''') parser.add_argument('--section', '-c', default='default', metavar='credentials_file_section', action='store', help=' Credentials file Section\'s name to use') parser.add_argument('--user-agent-prefix', dest='ua_prefix', default='Akamai-CLI', help=argparse.SUPPRESS) diff --git a/cli.json b/cli.json index 8afc519..6da3381 100755 --- a/cli.json +++ b/cli.json @@ -5,7 +5,7 @@ "commands": [ { "name": "etp", - "version": "0.3.5", + "version": "0.3.6", "description": "Akamai CLI for Enterprise Threat Protector" } ]