I'm trying to use SoftLayer's Python library to run automated vulnerability scans. Unfortunately I get the following exception:
SoftLayerAPIError: SoftLayerAPIError(SoftLayer_Exception): Unable to create a new object of type SoftLayer_Network_Security_Scanner_Request_Nessus. Make sure the authentication method is correct.
The code I use can be seen below.
import SoftLayer
USERNAME="" # I put valid value in here
APIKEY="" # I put valid value in here
TARGET="" # I put valid value in here
client = SoftLayer.create_client_from_env(
username=USERNAME,
api_key=APIKEY
)
""" ALTERNATE I TRIED ALSO FROM DOCUMENTATION:
client = SoftLayer.Client(
username=USERNAME,
api_key=APIKEY
)
"""
account = client['Account'].getObject()
scanner = client.call(
"SoftLayer_Network_Security_Scanner_Request",
"createObject", {
"accountId": account.get('id'),
"ipAddress": TARGET
})
The HTTP request being sent by the Python library look like:
POST /xmlrpc/v3.1/SoftLayer_Network_Security_Scanner_Request HTTP/1.1
Host: api.softlayer.com
Connection: keep-alive
Accept: */*
Content-Type: application/xml
Content-Length: 798
<?xml version='1.0'?>
<methodCall>
<methodName>createObject</methodName>
<params>
<param>
<value><struct>
<member>
<name>headers</name>
<value><struct>
<member>
<name>authenticate</name>
<value><struct>
<member>
<name>username</name>
<value><string>***USERNAME_HERE***</string></value>
</member>
<member>
<name>apiKey</name>
<value><string>***API_KEY_HERE***</string></value>
</member>
</struct></value>
</member>
</struct></value>
</member>
</struct></value>
</param>
<param>
<value><struct>
<member>
<name>ipAddress</name>
<value><string>***TARGET_IP_HERE***</string></value>
</member>
<member>
<name>accountId</name>
<value><int>***ACCOUNT_ID_HERE***</int></value>
</member>
</struct></value>
</param>
</params>
</methodCall>
The HTTP response received is:
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2017 12:47:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml
Content-Length: 495
<?xml version="1.0" encoding="iso-8859-1"?>
<methodResponse>
<fault>
<value>
<struct>
<member>
<name>faultCode</name>
<value>
<string>SoftLayer_Exception</string>
</value>
</member>
<member>
<name>faultString</name>
<value>
<string>Unable to create a new object of type SoftLayer_Network_Security_Scanner_Request_Nessus. Make sure the authentication method is correct.</string>
</value>
</member>
</struct>
</value>
</fault>
</methodResponse>
Could someone please help me out and have a look at the code as I could not figure out where the issue could be. Could you please also provide the minimum list of permissions that is needed for this to work?
Note: I tried with all possible permissions enabled for debugging but no luck