JustJozef
Jun 17, 2022Cirrus
icontrol - policy not visible after import
Hello,
trying to import policy with REST API but after call "import-policy" it's not visible in GUI and in asm logs can see follow errors:
info perl[19936]: 01310053:6: ASMConfig change: Import Policy Task Import Policy Task (1655457572.770062) [add]: Target Name was set to sp_test_api_baseline.
info perl[19936]: 01310053:6: ASMConfig change: Import Policy Task Import Policy Task (1655457572.770062) [update]: Status was set to STARTED.
crit g_server_rpc_handler_async.pl[17881]: 01310027:2: ASM subsystem error (asm_config_server.pl,F5::ASMConfig::Handler::handle_error): Failed add for parameter [param_name = 'accessToken', param_level = '2', param_id = '7328']
crit g_server_rpc_handler_async.pl[17881]: 01310027:2: ASM subsystem error (asm_config_server.pl,F5::ASMConfig::Handler::handle_error): Code: 999, Error message = URL for Parameter not found -- aborting
crit g_server_rpc_handler_async.pl[17881]: 01310027:2: ASM subsystem error (asm_config_server.pl,F5::ASMConfig::Handler::log_error_and_rollback): Could not add the Parameter 'accessToken on GET /api/Token/Check'. URL for Parameter not found -- aborting
crit g_server_rpc_handler_async.pl[17881]: 01310027:2: ASM subsystem error (asm_config_server.pl,F5::ASMConfig::Handler::log_error_and_rollback): Could not add the Parameter 'accessToken on GET /api/Token/Check'. URL for Parameter not found -- aborting
crit g_server_rpc_handler_async.pl[17881]: 01310027:2: ASM subsystem error (asm_config_server.pl,F5::ImportExportPolicy::Base::fatal_error): Could not add the Parameter 'accessToken on GET /api/Token/Check'. URL for Parameter not found -- aborting
info perl[19936]: 01310053:6: ASMConfig change: Import Policy Task Import Policy Task (1655457572.770062) [update]: Status was set to FAILURE.
Token for API is part of the X-F5-Auth-Token header.
Any idea what can be wrong here?
Thank you.
I just found that error reported in logs is correct!. It's not the issue with auth with icontrol and waf itself but there is a issue in swagger file where endpoint from log is with method "POST" instead "GET" so parameter accessToken cannot be related to the GET /api/Token/Check as it does not exist.