Creating a default policy¶
Overview¶
This topic describes how you use the REST API to create a Web Application Security policy. The Web Application Security policy is a complex object with multiple sub collections, some of them have default values created by the system when the policy is created.
REST API actions¶
- Send a POST request to the policies collection using the ASM Policies API.
- The information sent to the server in the body of the POST includes the name of the policy, the partition, the fullPath, the application language, and policy properties, settings, and template reference. Note that the fullPath is usually determined by the partition and name, separated by the ‘/’ character.
POST: https://<BIG-IQ>/mgmt/cm/asm/working-config/policies
{
"name": "policy create task from template Rapid Deployment Policy. Policy name policy3",
"policyProperties": {
"applicationLanguage": "utf-8",
"description": "",
"learningMode": "manual",
"name": "policy3",
"fullPath": "/Common/policy3",
"caseInsensitive": false,
"isPublishedForTemplates": false,
"enforcementMode": "transparent",
"attributes": {
"triggerAsmIruleEvent": "disabled",
"enableEventCorrelation": true,
"maximumHttpHeaderLength": "any",
"maximumCookieHeaderLength": "any"
},
"stagingSettings": {
"enforcementReadinessPeriod": 7
},
"allowedResponseCodes": [
"400",
"401",
"404",
"407",
"417",
"503"
],
"trustXff": false,
"customXffHeaders": [],
"hasParent": false,
"type": "security",
"partition": "Common",
"pathParameterHandling": "as parameters",
"maskCreditCardNumbersInRequest": true
},
"templateReference": {
"link": "https://localhost/mgmt/cm/asm/policy-templates/133a4134-cb3d-31b5-ac17-9bae8818d80f"
}
}
The following is the JSON response from the POST operation:
{
"templateReference": {
"link": "https://localhost/mgmt/cm/asm/policy-templates/133a4134-cb3d-31b5-ac17-9bae8818d80f"
},
"policyProperties": {
"allowedResponseCodes": [
400,
401,
404,
407,
417,
503
],
"customXffHeaders": [],
"applicationLanguage": "utf-8",
"caseInsensitive": false,
"enforcementMode": "transparent",
"learningMode": "manual",
"stagingSettings": {
"enforcementReadinessPeriod": 7
},
"attributes": {
"maximumCookieHeaderLength": "any",
"triggerAsmIruleEvent": "disabled",
"maximumHttpHeaderLength": "any",
"enableEventCorrelation": true
},
"fullPath": "/Common/Policy3",
"trustXff": false,
"type": "security",
"hasParent": false,
"partition": "Common",
"name": "Policy3",
"description": "",
"isPublishedForTemplates": false,
"generation": 0,
"lastUpdateMicros": 0
},
"id": "63d3fcab-adb2-4559-bc82-d51049ba80ae",
"status": "STARTED",
"name": "policy create task from template Rapid Deployment Policy. Policy name Policy3",
"userReference": {
"link": "https://localhost/mgmt/shared/authz/users/admin"
},
"identityReferences": [{
"link": "https://localhost/mgmt/shared/authz/users/admin"
}],
"ownerMachineId": "c5723c86-ef77-4d6b-a431-ae1a1270b1d5",
"taskWorkerGeneration": 1,
"generation": 1,
"lastUpdateMicros": 1599742712306822,
"kind": "cm:asm:tasks:create-policy:createpolicyfromtemplatetaskstate",
"selfLink": "https://localhost/mgmt/cm/asm/tasks/create-policy/63d3fcab-adb2-4559-bc82-d51049ba80ae"
}