Internet Access Requirements
By default, the dynamic attributes connector is configured to communicate with the Firepower System over the internet using HTTPS on port 443/tcp (HTTPS). If you do not want the dynamic attributes connector to have direct access to the internet, you can configure a proxy server.
The following information informs you of the URLs the dynamic attributes connector use to communicate with the CDO and with external servers.
URL | Reason |
---|---|
https://fmc-ip/api/fmc_platform/v1/ auth/generatetoken |
Authentication |
https://fmc-ip/api/fmc_config/ v1/domain/domain-id/object/dynamicobjects |
GET and POST dynamic objects |
https://fmc-ip/api/fmc_config/ v1/domain/ domain-id/object/dynamicobjects/ object-id/mappings?action=add |
Add mappings |
https://fmc-ip/api/fmc_config/ v1/domain/domain-id /object/dynamicobjects/ object-id/mappings?action=remove |
Remove mappings |
Migration from DockerHub to Amazon ECR
Docker images for the Cisco Secure Dynamic Attributes Connector are being migrated from Docker Hub to Amazon Elastic Container Registry (Amazon ECR).
To use the new field packages, you must allow access through your firewall or proxy to all of the following URLs:
Cisco Secure Dynamic Attributes Connector Azure access requirements
The dynamic attributes connector calls built-in SDK methods to get instance information. These methods internally call call https://login.microsoft.com (for authentication) and https://management.azure.com (to get instance information).