I have been playing around with Python lately with the goal of building basic skills in it. I have found that to make good progress what works best for me is:
- Have a project that I find interesting to work on
- Spend a little time every day on the project
The project I decided on was to get the IP addresses that AWS uses for their services, build an access-list based on these prefixes, and then configure a Cisco ASA with that access-list. The final result looks like this:
In a series of blog posts, I will cover how I built this script. Keep in mind that my focus was to get a script that works and then improve on it. I have some plans for getting an experienced Python coder to go through the code with me and to work on improvements. Stay tuned for that!
As with any coding project, you need to come up with some general guidelines on how to get data and what is good enough. These are some of the considerations I had:
- I will get the configuration needed from a YAML file rather than a CLI (good enough for now)
- The login and password are stored in environment variables (good enough for now)
- I will leverage modules, builtin or 3rd party, to for example convert IP addresses rather than reinventing the wheel
Providing a CLI and getting the login from a vault are things I’m considering to improve on the project.
Now, for this first post, let’s focus on what I am importing into the script:
import random import yaml import os import requests import ipaddress import time from rich.console import Console from scrapli import Scrapli
I will explain what these modules are and why I use them. I will explain more in detail about them in the upcoming posts showing them being used in my code.
Random – I am using the random module to (obviously) generate a random number. This is needed for the access-list.
OS – The OS module is used to read the environment variables.
Requests – Requests is a very popular HTTP library often used to interact with web sites and APIs.
IP address – The IP address module is very useful for creating IP addresses and converting from netmask to CIDR format and vice versa, getting the number of available IP addresses in a subnet, and so on.
Time – The time module is used to time how long it takes to run the script.
Rich – Rich is an amazing project from Will McGugan that can do pretty printing, colorizing print outputs, formatting beautiful tables, and a lot more.
That will be all for this first post! I am keeping them short and sweet. In the next post we’ll be looking at how to pull data from a YAML file.