F5 APM: Deleting domain-groups entries / trim list

Cirrus

Apr 24, 2023

Good morning!

I've seen this issue across TMOS versions 12.1.5.3 and 14.1.5.3 thus far.

If I run this command, three new objects are created in the positions mentioned:

tmsh modify apm profile access MYACCESSPROFILE_LTM-APM_access_profile domain-groups add { authdomain47 { cookie-domain none cookie-host testapp1.iamaserver.com httponly-cookie false persistent-cookie false secure-cookie true sso-name none } authdomain48 { cookie-domain none cookie-host testapp2.iamaserver.com httponly-cookie false persistent-cookie false secure-cookie true sso-name none } authdomain49 { cookie-domain none cookie-host testapp3.iamaserver.com httponly-cookie false persistent-cookie false secure-cookie true sso-name none } }

I then run the commands to Apply the Access Policy and save. Following this, I can run the following command to list the new entries:

tmsh list apm profile access MYACCESSPROFILE_LTM-APM_access_profile domain-groups

The end of the results shows up as expected:

        authdomain47 {
            app-service none
            cookie-domain none
            cookie-host testapp1.iamaserver.com
            httponly-cookie false
            persistent-cookie false
            secure-cookie true
            sso-name none
        }
        authdomain48 {
            app-service none
            cookie-domain none
            cookie-host testapp2.iamaserver.com
            httponly-cookie false
            persistent-cookie false
            secure-cookie true
            sso-name none
        }
        authdomain49 {
            app-service none
            cookie-domain none
            cookie-host testapp3.iamaserver.com
            httponly-cookie false
            persistent-cookie false
            secure-cookie true
            sso-name none
        }
    }
}

Now I'll try deleting authdomain48:

tmsh modify apm profile access MYACCESSPROFILE_LTM-APM_access_profile domain-groups delete { authdomain48 }

I apply the Access Profile, save, and run another list. This time, you'll see the result is missing authdomain 48 instead of consolidating 49 to position 48:

        authdomain47 {
            app-service none
            cookie-domain none
            cookie-host testapp1.iamaserver.com
            httponly-cookie false
            persistent-cookie false
            secure-cookie true
            sso-name none
        }
        authdomain49 {
            app-service none
            cookie-domain none
            cookie-host testapp3.iamaserver.com
            httponly-cookie false
            persistent-cookie false
            secure-cookie true
            sso-name none
        }
    }
}

Deleting the entries via the GUI has the same effect. That's why I was just looking for a command to trim the list down. I can open a SR if that's what you suggest.

Forum Discussion

F5 APM: Deleting domain-groups entries / trim list

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Deleting an AS3 Tenant

Delete VS

This DevCentral Content has been Archived or Deleted

Modifying multiple entries in a datagroup via api?

Delete Management Default Route?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS