Discovery for Firewall Management¶
Overview¶
API used by discovery task management of BIG-IP for the AFM (Firewall) namespace by BIG-IQ. Re-import will use this task as well.
REST Endpoint: /mgmt/cm/firewall/tasks¶
Paths¶
Create a device discovery declare-mgmt-authority task managed by BIG-IQ module (AFM).¶
POST /declare-mgmt-authority
{
"createChildTasks": true,
"skipDiscovery": true,
"deviceReference": {
"link": "https://localhost/mgmt/cm/system/machineid-resolver/<id of the device>"
}
"snapshotWorkingConfig": false,
"useBigiqSync": false,
"name": <optional name of the task>
}
Description¶
Create a device discovery declare-mgmt-authority task and add to collection.
Responses¶
HTTP Code | Description | Schema |
---|---|---|
200 | POST a device discovery declare-mgmt-authority task. | properties_declare_mgmt_authority_collection |
400 | Error response “Bad Request” | error_collection |
Permissions¶
Role | Allow |
---|---|
Trust Discovery Import | Yes |
List of device declare-mgmt-authority collection tasks managed by BIG-IQ module (AFM).¶
GET /declare-mgmt-authority
Description¶
Returns the collection of device discover declare-mgmt-authority tasks.
Responses¶
HTTP Code | Description | Schema |
---|---|---|
200 | Returns a collection of device discover declare-mgmt-authority tasks. | properties_declare_mgmt_authority_collection |
400 | Error response “Bad Request” | error_collection |
Permissions¶
Role | Allow |
---|---|
device manager | Yes |
license manager | Yes |
device viewer | Yes |
Used to get a single device discovery declare-mgmt-authority task (AFM).¶
GET /declare-mgmt-authority/{objectId}
Description¶
Returns the device discovery declare-mgmt-authority task identified by a endpoint URI (AFM).
Parameters¶
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | objectId | Unique id assinged to declare-mgmt-authority firewall task object. required | string(UUID) | None |
Responses¶
HTTP Code | Description | Schema |
---|---|---|
200 | Device discovery declare-mgmt-authority task object. (AFM) | properties_declare-mgmt-authority |
400 | Error response “Bad Request” | error_collection |
Permissions¶
Role | Allow |
---|---|
device manager | Yes |
license manager | Yes |
device viewer | Yes |
Definitions¶
error_collection¶
Name | Description | Schema |
---|---|---|
errorStack | Error stack trace returned by java. optional, read-only | string |
items | Collection of device discovery firewall task objects. optional | < object > array |
kind | Type information for this device discovery firewall task collection object. cm:firewall:tasks:declare-mgmt-authority:dmataskcollectionstate optional, read-only | string |
message | Error message returned from server. optional, read-only | string |
requestBody | The data in the request body. GET (None) optional, read-only | string |
requestOperationId | Unique id assigned to rest operation. optional, read-only | integer(int64) |
properties_declare-mgmt-authority¶
Name | Description | Schema |
---|---|---|
childTaskReference | Reference link to child task. shared-object security discovery. optional | < childTaskReference > array |
childTaskStates | Description of child task state properties used by declare-mgmt-authority task object. optional | < childTaskStates > array |
copyTaskReference | Enable / Disable declare-mgmt-authority firewall copy difference between working-configuration (BIG-IQ) and current-configuration (BIG-IP). optional | copyTaskReference |
createChildTasks | To create a child task as part of this declare-mgmt-authority for firewall. optional | boolean |
currentStep | The current step of device declare-mgmt-authority firewall task as predicated by state. optional | string |
deviceIp | Device ip address this task is running on. optional | string |
deviceReference | Reference link to resolver for device firewall to be managed by BIG-IQ. (AFM) required | deviceReference |
differenceReference | Reference link to differences object containing differences between working-configuration (BIG-IQ) and current-configuration (BIG-IP) optional | differenceReference |
differencerTaskReference | Reference link to differencer task. Used to manage difference between working-configuration (BIG-IQ) and current-configuration (BIG-IP) optional | differencerTaskReference |
endDateTime | Date/Time when device discovery task declare-mgmt-authority firewall ended. 2016-10-11T10:30:17.834-0400 optional | string |
generation | An integer that will track change made to a device discovery declare-mgmt-authority task object. (AFM) generation. optional, read-only | integer(int64) |
id | Unique id assigned to a device declare-mgmt-authority firewall task object. optional, read-only | string |
identityReference | Array of reference links to user used to discover device declare-mgmt-authority firewall. mgmt/shared/authz/users/admin optional | < identityReference > array |
kind | Type information for this device discovery declare-mgmt-authority firewall task object. cm:firewall:tasks:declare-mgmt-authority:dmataskitemstate optional, read-only | string |
lastUpdateMicros | Update time (micros) for last change made to a device discovery firewall task object. time (1476742109026835). optional, read-only | integer(int64) |
name | Name of device declare-mgmt-authority task. optional | string |
ownerMachineId | A unique id string for the BIG-IQ acting as a device owner for declare-mgmt-authority. (AFM) optional | string |
reimport | Flag to enable / disable re-import configuration. optional | boolean |
selfLink | A reference link URI to the device discovery declare-mgmt-authority task object. (AFM) optional, read-only | string |
skipDiscovery | Skip discovery for re-import configuration. optional | boolean |
snapshotWorkingConfig | To snapshot the working-configuration (BIG-IQ) during firewall module discovery. optional | boolean |
startDateTime | Date/Time when device discovery declare-mgmt-authority firewall task began. 2016-10-11T10:30:17.834-0400 optional | string |
status | Status of device declare-mgmt-authority task predicated on state. optional | string |
useBigiqSync | Flag to sync BIG-IP cluster management (True / False) optional | boolean |
userReference | Reference link to user used to discover device declare-mgmt-authority firewall. mgmt/shared/authz/users/admin optional | userReference |
username | User name of device firewall object to be managed. (Firewall) optional | string |
validationBypassMode | Enable / Disable validation check when importing configuration device. BYPASS_NONE - no bypass (default), BYPASS_FINAL - skip final validation phase, BYPASS_ALL - skip all validation phases. optional | string |
childTaskReference
Name | Description | Schema |
---|---|---|
link | Reference link to shared-security declare-mgmt-authority child task. optional | string |
childTaskStates
Name | Description | Schema |
---|---|---|
copyTaskReference | Enable / Disable declare-mgmt-authority firewall copy difference between working-configuration (BIG-IQ) and current-configuration (BIG-IP). optional | copyTaskReference |
createChildTasks | To create a child task as part of this declare-mgmt-authority for firewall. optional | boolean |
currentStep | The current step of device declare-mgmt-authority firewall task as predicated by state. optional | string |
deviceIp | Device ip address this task is running on. optional | string |
deviceReference | Reference link to the device in the shared allSharedDevices resolver device group. required | deviceReference |
differenceReference | Reference link to differences object containing differences between working-configuration (BIG-IQ) and current-configuration (BIG-IP) optional | differenceReference |
differencerTaskReference | Reference link to differencer task. Used to manage difference between working-configuration (BIG-IQ) and current-configuration (BIG-IP) optional | differencerTaskReference |
endDateTime | Date/Time when device discovery task declare-mgmt-authority firewall ended. 2016-10-11T10:30:17.834-0400 optional | string |
generation | An integer that will track change made to a device discovery declare-mgmt-authority firewall task object. generation. optional, read-only | integer(int64) |
id | Unique id for child task. optional | string |
identityReference | Array of reference links to user used to discover device declare-mgmt-authority firewall. mgmt/shared/authz/users/admin optional | < identityReference > array |
isChildTask | Identify if task is a child of this declare-mgmt-authority for firewall. optional | boolean |
kind | Type information for this device discovery declare-mgmt-authority firewall task object. cm:security-shared:tasks:declare-mgmt-authority:dmataskitemstate optional, read-only | string |
lastUpdateMicros | Update time (micros) for last change made to a device discovery firewall task object. time (1476742109026835). optional, read-only | integer(int64) |
ownerMachineId | A unique id string for the BIG-IQ acting as a device owner for declare-mgmt-authority firewall. (Firewall) optional | string |
parentTaskReference | Reference link to parent process. The declare-mgmt-authority task. optional | parentTaskReference |
reImport | Flag to enable / disable re-import configuration. optional | boolean |
selfLink | A reference link URI to the device discovery declare-mgmt-authority firewall task object. optional, read-only | string |
skipDiscovery | Skip discovery for re-import configuration. optional | boolean |
startDateTime | Date/Time when device discovery declare-mgmt-authority firewall task began. 2016-10-11T10:30:17.834-0400 optional | string |
status | Status of device discovery declare-mgmt-authority firewall task during state transistion. (Firewall) optional | string |
useBigiqSync | Flag to sync BIG-IP cluster management (True / False) optional | boolean |
userReference | Reference link to user used to discover device declare-mgmt-authority firewall. mgmt/shared/authz/users/admin optional | userReference |
username | User name of device firewall object to be managed. (Firewall) optional | string |
validationBypassMode | Enable / Disable validation check when importing configuration device. BYPASS_NONE - no bypass (default), BYPASS_FINAL - skip final validation phase, BYPASS_ALL - skip all validation phases. optional | string |
copyTaskReference
Name | Description | Schema |
---|---|---|
link | Reference link to declare-mgmt-authority difference copy task. optional | string |
deviceReference
Name | Description | Schema |
---|---|---|
link | Reference link to declare-mgmt-authority task device. optional | string |
differenceReference
Name | Description | Schema |
---|---|---|
link | Reference link to shared security configuration difference report. optional | string |
differencerTaskReference
Name | Description | Schema |
---|---|---|
link | Reference link to differencer task. Used to manage difference between working-configuration (BIG-IQ) and current-configuration (BIG-IP) optional | string |
identityReference
Name | Description | Schema |
---|---|---|
link | Reference link to shared security configuration difference task object. optional | string |
parentTaskReference
Name | Description | Schema |
---|---|---|
link | Reference link to parent task. This declare-mgmt-authority task object. optional | string |
userReference
Name | Description | Schema |
---|---|---|
link | Reference link to users. /mgmt/shared/authz/users/admin optional | string |
copyTaskReference
Name | Description | Schema |
---|---|---|
link | Reference link to declare-mgmt-authority difference copy task. optional | string |
deviceReference
Name | Description | Schema |
---|---|---|
link | Reference link to the device in the shared allFirewallDevices resolver device group. optional | string |
differenceReference
Name | Description | Schema |
---|---|---|
link | Reference link to delcare-mgmt-authority differences found (current-config (BIG-IP) and working-config (BIG-IQ)) during task. optional | string |
differencerTaskReference
Name | Description | Schema |
---|---|---|
link | Reference link to delcare-mgmt-authority differences task object. optional | string |
identityReference
Name | Description | Schema |
---|---|---|
link | Array of reference links to users. mgmt/shared/authz/users/admin optional | string |
userReference
Name | Description | Schema |
---|---|---|
link | Reference links to user. mgmt/shared/authz/user optional | string |
properties_declare_mgmt_authority_collection¶
Name | Description | Schema |
---|---|---|
generation | An integer that will track change made to a device discovery firewall task collection object. generation. optional, read-only | integer(int64) |
items | Array of device discovery firewall task object. optional, read-only | < object > array |
kind | Type information for this device discover firewall task collection object. cm:firewall:tasks:declare-mgmt-authority:dmataskcollectionstate optional, read-only | string |
lastUpdateMicros | Update time (micros) for last change made to a device discovery firewall task collection object. time. optional, read-only | integer(int64) |
selfLink | A reference link URI to the device discovery firewall task collection object. optional, read-only | string |
Examples¶
None