Venafi Policy Data¶
Overview¶
You can use the Venafi Policy Data API to validate through Venafi and get all the policy data. This API gets the policy data already stored in Big-IQ and validates it with the Venafi Trust Protection Platform (TPP) server. This API can be used to synchronize the configuration if there is a change in the Venafi TPP server.
REST Endpoint: /mgmt/cm/adc-core/external-ca/venafi/policy-folder¶
Requests¶
POST /mgmt/cm/adc-core/external-ca/venafi/policy-folder¶
Send a POST request to the endpoint to synchronize and retrieve all policy data.
Request Parameters¶
| Name | Type | Required | Description |
|---|---|---|---|
| externalCaConfigReference | object | True | Link to the CA configuration |
| link | string | True | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
| policyFolderPath | string | True | Path to policy folder |
Query Parameters¶
None
Response¶
The JSON in the POST’s response can include the following parameters.
HTTP/1.1 200 OK
| Name | Type | Required |
|---|---|---|
| externalCaConfigReference | object | Link to the CA configuration |
| link | string | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
| policyFolderPath | string | Path to policy folder |
| policyFolders | object | List of policy folders |
| absoluteGUID | string | UUID |
| dn | string | Policy information |
| guid | string | Policy information |
| id | string | Policy information |
| name | string | Policy information |
| parent | string | Policy information |
| revision | string | Policy information |
| typeName | string | Policy information |
| selfLink | string | URL of policy folder |
Permissions¶
| Role | Allow |
|---|---|
| admin | Yes |
| Certificate Editor/Viewer | No |
Examples¶
POST to get policy-folder data for Venafi¶
This example gets policy-folder data. The API can synchronize the configuration if there is a change in the Venafi TPP server.
POST https://<BIG-IQ>/mgmt/cm/adc-core/external-ca/venafi/policy-folder
The JSON in the body of the POST can look similar to the following example.
{
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/7d9bf2c4-80b8-3aa0-b868-d34a8ad9b39d"
},
"policyFolderPath": "\\VED\\Policy\\certificates\\Big IQ"
}
Response¶
The JSON in the body of the response can look similar to the following example.
HTTP/1.1 200 OK
{
"policyFolderPath": "\\VED\\Policy\\certificates\\Big IQ",
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/7d9bf2c4-80b8-3aa0-b868-d34a8ad9b39d"
},
"policyFolders": [{
"absoluteGUID": "{798ee447-74f4-4c8a-8972-62aff3b2fee3}{266d63f4-0bfc-468a-b41f-d8fa477bd1c0}{5020eaa0-1de7-4be4-bfe8-fbcb7e948502}{2c455b33-7c53-4db1-acdf-62e7f226c469}{9f5660dc-787d-49b6-80a0-d55a1c0c4197}",
"dn": "\\VED\\Policy\\Certificates\\Big IQ\\Venafi Generated CSR High Security(Locked)",
"guid": "{9f5660dc-787d-49b6-80a0-d55a1c0c4197}",
"id": "3224",
"name": "Venafi Generated CSR High Security(Locked)",
"parent": "\\VED\\Policy\\Certificates\\Big IQ",
"revision": "636747885149112584",
"typeName": "Policy"
},
{
"absoluteGUID": "{798ee447-74f4-4c8a-8972-62aff3b2fee3}{266d63f4-0bfc-468a-b41f-d8fa477bd1c0}{5020eaa0-1de7-4be4-bfe8-fbcb7e948502}{2c455b33-7c53-4db1-acdf-62e7f226c469}{45df3468-c577-4357-8441-019d1e0482b1}",
"dn": "\\VED\\Policy\\Certificates\\Big IQ\\Venafi Generated CSR Medium Security",
"guid": "{45df3468-c577-4357-8441-019d1e0482b1}",
"id": "3220",
"name": "Venafi Generated CSR Medium Security",
"parent": "\\VED\\Policy\\Certificates\\Big IQ",
"revision": "636747885149201716",
"typeName": "Policy"
},
{
"absoluteGUID": "{798ee447-74f4-4c8a-8972-62aff3b2fee3}{266d63f4-0bfc-468a-b41f-d8fa477bd1c0}{5020eaa0-1de7-4be4-bfe8-fbcb7e948502}{2c455b33-7c53-4db1-acdf-62e7f226c469}{da8deecb-5f8f-4c8e-a3e8-201310e36305}",
"dn": "\\VED\\Policy\\Certificates\\Big IQ\\Venafi Generated CSR High Security",
"guid": "{da8deecb-5f8f-4c8e-a3e8-201310e36305}",
"id": "3226",
"name": "Venafi Generated CSR High Security",
"parent": "\\VED\\Policy\\Certificates\\Big IQ",
"revision": "636747885150411984",
"typeName": "Policy"
},
{
"absoluteGUID": "{798ee447-74f4-4c8a-8972-62aff3b2fee3}{266d63f4-0bfc-468a-b41f-d8fa477bd1c0}{5020eaa0-1de7-4be4-bfe8-fbcb7e948502}{2c455b33-7c53-4db1-acdf-62e7f226c469}{b816e23e-8b32-486d-b339-488f737595ed}",
"dn": "\\VED\\Policy\\Certificates\\Big IQ\\Venafi Generated CSR Low Security",
"guid": "{b816e23e-8b32-486d-b339-488f737595ed}",
"id": "3227",
"name": "Venafi Generated CSR Low Security",
"parent": "\\VED\\Policy\\Certificates\\Big IQ",
"revision": "636747885149112379",
"typeName": "Policy"
},
{
"absoluteGUID": "{798ee447-74f4-4c8a-8972-62aff3b2fee3}{266d63f4-0bfc-468a-b41f-d8fa477bd1c0}{5020eaa0-1de7-4be4-bfe8-fbcb7e948502}{2c455b33-7c53-4db1-acdf-62e7f226c469}{7b0dceaf-99fb-4e12-b08b-9f21405e9ea8}",
"dn": "\\VED\\Policy\\Certificates\\Big IQ\\BigIQ Generated CSR",
"guid": "{7b0dceaf-99fb-4e12-b08b-9f21405e9ea8}",
"id": "3214",
"name": "BigIQ Generated CSR",
"parent": "\\VED\\Policy\\Certificates\\Big IQ",
"revision": "636747885150527180",
"typeName": "Policy"
},
{
"absoluteGUID": "{798ee447-74f4-4c8a-8972-62aff3b2fee3}{266d63f4-0bfc-468a-b41f-d8fa477bd1c0}{5020eaa0-1de7-4be4-bfe8-fbcb7e948502}{2c455b33-7c53-4db1-acdf-62e7f226c469}{7cdb4598-dcbc-4ad1-b52a-55b42f2fd71e}",
"dn": "\\VED\\Policy\\Certificates\\Big IQ\\Venafi Generated CSR Medium Security(Locked)",
"guid": "{7cdb4598-dcbc-4ad1-b52a-55b42f2fd71e}",
"id": "3222",
"name": "Venafi Generated CSR Medium Security(Locked)",
"parent": "\\VED\\Policy\\Certificates\\Big IQ",
"revision": "636747885150302111",
"typeName": "Policy"
},
{
"absoluteGUID": "{798ee447-74f4-4c8a-8972-62aff3b2fee3}{266d63f4-0bfc-468a-b41f-d8fa477bd1c0}{5020eaa0-1de7-4be4-bfe8-fbcb7e948502}{2c455b33-7c53-4db1-acdf-62e7f226c469}{c29d0516-6efd-4d5a-8e6a-6fb5f8b718f6}",
"dn": "\\VED\\Policy\\Certificates\\Big IQ\\Venafi Generated CSR Low Security(Locked)",
"guid": "{c29d0516-6efd-4d5a-8e6a-6fb5f8b718f6}",
"id": "3225",
"name": "Venafi Generated CSR Low Security(Locked)",
"parent": "\\VED\\Policy\\Certificates\\Big IQ",
"revision": "636747885150302180",
"typeName": "Policy"
},
{
"absoluteGUID": "{798ee447-74f4-4c8a-8972-62aff3b2fee3}{266d63f4-0bfc-468a-b41f-d8fa477bd1c0}{5020eaa0-1de7-4be4-bfe8-fbcb7e948502}{2c455b33-7c53-4db1-acdf-62e7f226c469}{3c0a0cfd-f555-4d3a-abae-f4a5b8e86b86}",
"dn": "\\VED\\Policy\\Certificates\\Big IQ\\Venafi Generated CSR",
"guid": "{3c0a0cfd-f555-4d3a-abae-f4a5b8e86b86}",
"id": "3216",
"name": "Venafi Generated CSR",
"parent": "\\VED\\Policy\\Certificates\\Big IQ",
"revision": "636747885150412456",
"typeName": "Policy"
}
],
"generation": 0,
"lastUpdateMicros": 0,
"kind": "cm:adc-core:external-ca:venafi:policy-folder:venafipolicyfolderstate",
"selfLink": "https://localhost/mgmt/cm/adc-core/external-ca/venafi/policy-folder"
}