Forum Discussion
Nimbostratuscreate policy with curl
Hello,
I try to create a policy with rules/action/condition in one request but i have some trouble with syntax
the url on my request is
/mgmt/tm/ltm/policy
this is the payload on the post request
{
"partition":"Common",
"name":"myPolicy",
"requires":[
"http"
],
"controls":[
"forwarding"
],
"strategy":"/Common/first-match",
"legacy":true,
"rulesReference":{
"items":[
{
"name":"rules1",
"ordinal":"1",
"conditionsReference":{
"items":[
{
"values":[
"www.mydomain.com"
],
"equals":true,
"httpHost":true
}
]
},
"actionsReference":{
"items":[
{
"forward":true,
"pool":"/Common/testPolicy"
}
]
}
}
]
}
}
when i do this request
I have this message
{"code":400,"message":"one or more configuration identifiers must be provided","errorStack":[],"apiError":26214401}
do you know where is wrong
Fred_01I found the good syntax
{ "partition":"Common", "name":"myPolicy", "requires":[ "http" ], "controls":[ "forwarding" ], "strategy":"/Common/first-match", "legacy":true, "rules":[ { "ordinal":1, "name":"rules1", "conditions":[ { "name":"0", "values":[ "www.mydomain.com" ], "equals":true, "httpHost":true } ], "actions":[ { "name":"0", "forward":true, "pool":"/Common/testFred" } ] } ] }ordinal must be a integer, name must be a string
donfouts_363600where did you find the correct syntax? i am getting this same 400 error when making a virtual server. but can't find what the required configuration identifiers...
LTM policy is fairly nested. First, it consists of policy itself and one or more rules. And a rule consists of one or more condition spec and action spec.
Creating an empty (no rule) draft policy is fairly straight forward.
curl -sku admin: https:///mgmt/tm/ltm/policy \ -X POST -H "Content-type:application/json" \ -d '{"name":"/Common/Drafts/TestPolicy", "strategy":"first-match"}'Then, you can add an empty rule named
to the policy (rule
😞/Common/Drafts/TestPolicycurl -sku admin: https:///mgmt/tm/ltm/policy/~Common~Drafts~TestPolicy/rules \ -X POST -H "Content-type:application/json" \ -d '{"name":"rule"}'The above steps can be put into one single JSON body (POST it to
😞/mgmt/tm/ltm/policy{ "name": "/Common/Drafts/TestPolicy", "strategy": "/Common/first-match", "rules": [ { "name": "rule" } ] }Note that the value of the
field is an array (list), hencerules
. The array must contain a number of objects ({...}) each having a unique name: e.g.,[]
.[ { rule1 }, { rule2 }, ... ]Each rule contains one or more conditions and actions. They are both represented as array. So, the JSON body for creating a policy with empty rule with empty condition/action would become like this:
{ "name": "/Common/Drafts/TestPolicy", "strategy": "/Common/first-match", "rules": [ { "name": "rule", "conditions": [], "actions":[] } ] }Now, the arrays of
andconditions
contain a number of condition/action specs represented as object. Each of them can be accessed fromactions
or/mgmt/tm/ltm/policy//rules//conditions/
./mgmt/tm/ltm/policy//rules//actions/
is the index number of the array, starting from 0. So, adding a condition as the first element of the array would look like this:curl -sku admin: https:///mgmt/tm/ltm/policy/~Common~Drafts~TestPolicy/rules/rule/conditions/0 \ -X POST -H "Content-type: application/json" \ -d '{ "http-header":true, "all":true, "tmName":"X-Sat", "starts-with":true, "values":[ "www.google.com" ], "request":true}'Note that the property name for the HTTP field name is called
here. In tmsh, it is calledtmName
: e.g.,name
(from tmsh help). The field name is changed becausehttp-header response name Content-type starts-with values { text/ }
is used for the name of the condition index in iControl REST. The payload would be very different from one condition to another. Refer to thename
.tmsh help ltm poilicyYou can put all of them together in one single JSON like what Fred 01 had shown in 24-Oct-2018.
"name": "/Common/Drafts/TestPolicy2", "strategy":"/Common/first-match", "rules": [ { "name": "rule", "conditions": [ { "name":"0", "http-header":true, "all":true, "tmName":"X-Sat", "starts-with":true, "values":[ "www.google.com" ], "request":true } ], "actions":[ { "name":"0", "http-reply":true, "redirect":true, "location":"https://www.google.com" } ] } ] }Note that the field name (index number in the arrays) of condtions and actions is
, and its value is string (so "0". not numeric 0).nameIf you get confused with the nested json body, create each entity one by one.
- A policy with empty rule with empty conditions/actions
- The condition(s)
- The action(s)
I hope this clarifies the myth.
