Link Search Menu Expand Document

Microsoft Online Dynamic Object Update

Workflow #0031

Microsoft provides a JSON-formatted feed of their networks and domains for their various cloud services. This workflow demonstrates fetching that JSON, reformatting it, and updating a dynamic object group on Cisco Secure Firewall.

GitHub


Requirements


Workflow Steps

  1. Get an access token for Secure Firewall
  2. Get the existing dynamic object group mappings
  3. Check if fetching the mappings succeeded (if not, create a new dynamic object group)
  4. Fetch the JSON from Microsoft and generate a list of records to add and to remove
  5. Check if any records need to be added (if so, add them)
  6. Check if any records need to be removed (if so, remove them)

Configuration

  • Go to Microsoft’s website to get the URL for the worldwide endpoint JSON. Click the link on the second bullet to https://endpoints.office.com/endpoints/worldwide and copy the URL into the Microsoft Endpoints URL local variable in the workflow
  • Set the Dynamic Object Group Name local variable to the name of the object group you want to update. Note that this group must be created on Firewall Management Center prior to running the workflow

Targets

Target Name Type Details Account Keys Notes
FMC Target HTTP Endpoint Protocol: HTTPS
Host: your-firewall-management-center
Path: api/
FMC API Credentials  

Account Keys

Account Key Name Type Details Notes
FMC API Credentials HTTP Basic Authentication Username: FMC Username
Password: FMC Password
Account must have API permissions