Forum Discussion

Walter_Kacynski's avatar
Walter_Kacynski
Icon for Cirrostratus rankCirrostratus
Jan 29, 2020

ng_export with Per Request Policies

Does anyone know if ng_export cli will work with per request policies (PRP). Access Profile Export utility v14.1 Usage: ng_export [-t|-type access_policy] <name> <filename> [-p|-partition <pa...
application delivery
BIG-IP Access Policy Manager (APM)
security
  • Lucas_Thompson's avatar
    Lucas_Thompson
    Jan 30, 2020

    You can already do it with normal policies, no reverse engineering needed.

    https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/refguide/schema-reference.html

     

    However that ID 755148 refers to API Protection policies. These are the same as PRPs, but they have a different "type" (I'm sure you noticed already).

     

    The other thing is:

    The way I do this usually when I'm creating labs or other material is to walk the configuration hirearchy (policy items, agents, policy, profile, customization groups) and then turn it into a pile of TMSH commands, then use the commands to create a policy. It's kind of fragile between versions, but mostly works fine.

Lucas_Thompson's avatar
Lucas_Thompson
Icon for Employee rankEmployee
Jan 29, 2020

I tried this in 15.1, and the GUI calls ng_export with "-t access_policy" rather than "-t per-rq-policy". It should probably work the same way in 14.1.

 

Note that you're pretty much on your own with ng_export, but it's interesting people are using it directly!

Thanks for the question.