As a professional development and learning exercise I wrote this powershell module.
I do not claim it to be free from errors/bugs and is for learning and testing. Use at your own risk.
I thought it may be of some value to others out there.
Could you give us / me some insights, what you API actually can perform?
You are settings some values to configure a XG, correct?
If you want to get some "clicks clicks clicks", build Certbot + DNAT + Lets Encrypt Upload + Replacement Script.
Seems like you know, what you are doing, and this is highly asked by some people.
The script should perform something like:
Enable a specific DNAT Rule every 2 Month. (Port80 to the powershell server?).
Start Certbot to generate new LE certificates.
Disable DNAT Rule.
Upload new LE Certificate to XG
Replace in Webadmin the LE Certificate
Check in Firewall Rule for WAF Rules, replace if yes, replace the Certificate
(Clean up old LE certificate).
As a little help: https://community.sophos.com/products/xg-firewall/f/sophos-xg-firewall-general-discussion/102208/upload-certificate-using-api