Hi,
I have a Python script that loops through each access policy rule and attempts to disable the rules that match a certain condition. I have the loop and condition logic working, but I am struggling with disabling a rule.
Here is my Python 3 disable rule script:
    import requests

    def disable_rule(fmc_host, token, domain_uuid, acp_id, rule_id, action):
        """
        Disable a rule in FMC.
        Parameters:
        - fmc_host (str): The FMC host address.
        - token (str): The authentication token.
        - domain_uuid (str): The UUID of the FMC domain.
        - acp_id (str): The UUID of the Access Control Policy.
        - rule_id (str): The UUID of the rule to disable.
        - action (str): The action of the rule (ALLOW, BLOCK, etc.)
        """
        url = f"https://{fmc_host}/api/fmc_config/v1/domain/{domain_uuid}/policy/accesspolicies/{acp_id}/accessrules/{rule_id}"
        headers = {
            "Content-Type": "application/json",
            "X-auth-access-token": token
        }
        payload = {
            "enabled": False,
            "type": "AccessRule",
            "id": rule_id,
            "action": action  # Added action attribute (the rule's own action, as passed in)
        }
        # verify=False turns off TLS certificate validation for this request
        response = requests.put(url, headers=headers, json=payload, verify=False)
        if response.status_code == 200:
            print(f"Successfully disabled rule {rule_id}.")
        else:
            print(f"Failed to disable rule {rule_id}. Status code: {response.status_code}")
            print(response.text)
I am not sure what exactly I need to pass as a payload. I was hoping "enabled": False would be enough, but I am getting this error message:
"Failed to disable rule A1023541-RTTM-6g3e-0000-00045784212. Status code: 400
{"error":{"category":"FRAMEWORK","messages":[{"description":"Action is mandatory to be specified."}],"severity":"ERROR"}}"
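
The error above is consistent with the PUT replacing the whole rule object, so a common approach is to fetch the rule, change only `enabled`, and send the rest back unchanged. The following is an added example, not code from the original post: it assumes a GET on the same rule URL returns the full rule with read-only `links` and `metadata` keys, and the function names and sample rule are hypothetical.

```python
import copy

# Assumption: keys the server returns on GET but does not accept back on PUT.
READ_ONLY_KEYS = ("links", "metadata")
REQUIRED_KEYS = ("id", "name", "action")

def build_disable_payload(current_rule):
    """Copy the rule as fetched, drop read-only keys, and set enabled=False."""
    missing = [k for k in REQUIRED_KEYS if k not in current_rule]
    if missing:
        raise ValueError(f"fetched rule lacks {missing}; refusing to PUT")
    payload = copy.deepcopy(current_rule)
    for key in READ_ONLY_KEYS:
        payload.pop(key, None)
    payload["enabled"] = False
    return payload

def changed_fields(before, after):
    """Top-level keys that differ, ignoring the read-only keys."""
    keys = (set(before) | set(after)) - set(READ_ONLY_KEYS)
    return sorted(k for k in keys if before.get(k) != after.get(k))

def disable_rule(session, url, headers):
    """GET the rule, then PUT it back with only 'enabled' changed."""
    # session: a requests.Session, or any object with get/put of the same shape
    resp = session.get(url, headers=headers)
    resp.raise_for_status()
    current = resp.json()
    payload = build_disable_payload(current)
    diff = changed_fields(current, payload)
    if not diff:
        return None  # already disabled, nothing to send
    if diff != ["enabled"]:
        raise RuntimeError(f"unexpected changes: {diff}")
    return session.put(url, headers=headers, json=payload).status_code

# Constructed sample of a fetched rule (placeholder values, not from the post).
SAMPLE_RULE = {
    "id": "00000000-0000-0000-0000-000000000001",
    "type": "AccessRule",
    "name": "example-rule",
    "action": "BLOCK",
    "enabled": True,
    "links": {"self": "https://fmc.example/placeholder"},
    "metadata": {"ruleIndex": 1},
}
```

Because the payload is built from the fetched rule, a BLOCK rule stays a BLOCK rule when it is disabled, and the diff check refuses to send anything that would alter a field other than `enabled`.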