How to manage AS3 BIG-IQ deployments and shared objects

Hi,

I have a question around how to utilize AS3 and BIG-IQ.

Currently I am deploying AS3 via BIG-IQ to get the application statistics in BIG-IQ. However, I cannot use resources created in BIG-IQ within the AS3 declarations.

For example, I do not want to store my ssl/tls certificates within the AS3 json that will be in public (-ish) revision control. Likewise, I want the iRules created as on BIG-IQ that can be shared between virtual servers/applications and not squashed on an unreadable line in the AS3 json.

However, it appears BIG-IQ will only sync these objects to BIG-IP when you create a virtual server within BIG-IQ (outside of AS3). This leads to the AS3 declaration failing as AS3 can't find these /Common/ objects on the BIG-IP at deployment time.

Also, it is unclear how to create applications (again AS3 via BIG-IQ) and pin them to different traffic-groups for an active-active BIG-IP setup. It seems all AS3 deployments are stuck the traffic-group-1.

How are people currently managing referencing "shared" things such as iRules/certificates/policies and pushing them with BIG-IQ in a AS3-only world?

Does anyone have any good overviews of this level of managing things? Documentation I've seen seems specific to just using AS3 or just using BIG-IQ deployments, etc.