Associating a Web Application Security policy with a virtual server.¶
Overview¶
Describes how you use the REST API to associate a Web Application Security policy with a virtual server.
Prerequisites¶
- Device configuration discovered and imported to Web Application Security.
- The name, partition and device name of the virtual server should be known.
- The selfLink of the policy should be retrieved as explained in policy specific examples.
Description¶
Describes how you use the REST API to get the active policy of a specific virtual server on a specific device.
Perform the REST API actions in the following order:
- Perform a GET operation to determine the selfLink of a device.
- Perform a GET operation to determine the selfLink of a virtual server.
- Perform a PATCH operation to associate the policy to the virtual server.
Note - to create new virtual servers, use the ADC APIs as shown in the ADC section.
REST API actions.¶
1. Perform a GET operation to determine the selfLink of a device.¶
Perform a GET operation on the Web Application Security devices collection, filtering the results by a name and limiting the result to show the device name and the device selfLink that will be used later for searches. In this example the name being searched for is ‘device1.com’.
GET: https://<BIG-IQ>/mgmt/shared/resolver/device-groups/cm-asm-allAsmDevices/devices?$filter=hostname eq 'device1.com'&$select=hostname,selfLink
The following is the JSON response from the GET operation:
{
"selfLink": "https://localhost/mgmt/shared/resolver/device-groups/cm-asm-allAsmDevices/devices",
"totalItems": 1,
"items": [
{
"hostname": "device1.com",
"selfLink": "https://localhost/mgmt/shared/resolver/device-groups/cm-asm-allAsmDevices/devices/c1444144-11e7-47e6-8e91-eaa913826a7f"
}
],
"generation": 18,
"kind": "shared:resolver:device-groups:devicegroupdevicecollectionstate",
"lastUpdateMicros": 1479388471935401
}
2. Perform a GET operation to determine the selfLink of the virtual server.¶
Perform a GET operation to determine the selfLink of the virtual server, filtering the results by the device reference, name and partition fields.
GET: https://<BIG-IQ>/mgmt/cm/asm/working-config/virtual-servers?$select=selfLink,name,fullPath,attachedPoliciesReferences&$filter=deviceReference/link eq 'https://localhost/mgmt/shared/resolver/device-groups/cm-asm-allAsmDevices/devices/c1444144-11e7-47e6-8e91-eaa913826a7f' and name eq 'Virtual_1' and partition eq 'Common'
The following is the JSON response from the GET operation:
{
"selfLink": "https://localhost/mgmt/cm/asm/working-config/virtual-servers",
"totalItems": 1,
"items": [
{
"attachedPoliciesReferences": [],
"name": "Virtual_1",
"selfLink": "https://localhost/mgmt/cm/asm/working-config/virtual-servers/fc4cb3cf-b2d8-378a-8a64-07a27e60316c"
}
],
"generation": 9,
"kind": "cm:asm:working-config:virtual-servers:asmvirtualservercollectionstate",
"lastUpdateMicros": 1479648626962187
}
3. Perform a PATCH operation to associate the policy to the virtual server.¶
Perform a PATCH operation to associate the policy to the virtual server. Use the selfLink retrieved in step #2.
PATCH: https://<BIG-IQ>/mgmt/cm/asm/working-config/virtual-servers/<virtual server id>
{
"attachedPoliciesReferences":[
{
"link":"https://localhost/mgmt/cm/asm/working-config/policies/1005831c-7e40-30ed-bd0d-f8068526d7ef"
}
]
}
The following is the JSON response from the PATCH operation:
{
"address": "1.1.1.1:80",
"asmEnabled": true,
"isInactivePoliciesHolder": false,
"hasAttachedPolicies": true,
"mirror": "disabled",
"attachedPoliciesReferences": [
{
"link": "https://localhost/mgmt/cm/asm/working-config/policies/1005831c-7e40-30ed-bd0d-f8068526d7ef"
}
],
"isAdvanced": false,
"partition": "Common",
"deviceReference": {
"id": "c1444144-11e7-47e6-8e91-eaa913826a7f",
"name": "bubbles.olympus.f5net.com",
"kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
"machineId": "c1444144-11e7-47e6-8e91-eaa913826a7f",
"link": "https://localhost/mgmt/shared/resolver/device-groups/cm-asm-allAsmDevices/devices/c1444144-11e7-47e6-8e91-eaa913826a7f"
},
"name": "Virtual_1",
"id": "fc4cb3cf-b2d8-378a-8a64-07a27e60316c",
"generation": 5,
"lastUpdateMicros": 1479648826263985,
"kind": "cm:asm:working-config:virtual-servers:asmvirtualserverstate",
"selfLink": "https://localhost/mgmt/cm/asm/working-config/virtual-servers/fc4cb3cf-b2d8-378a-8a64-07a27e60316c"
}
API Reference¶
- Associating a Web Application Security policy with a virtual server.
- BIG-IQ ASM Policies