Forum Discussion
NimbostratusPool unexpected argument when trying to patch pool member
I've been putting together some scripts to control our f5 via the iControl REST API but have run into some issues around permissions. I am trying to set a pool member to disabled. If I run as an admin account this all works but I've tried to set up a lesser privileged account to use instead. Every time I try and PATCH the object I get the following error
{ "code": 400, "message": "\"pool\" unexpected argument", "errorStack": [], "apiError": 26214401 }
I have setup a new user and a new role. I've assigned the existing "iControl/REST ltm resources edit" and "iControl/REST ltm resources read" resource groups to the new role, and the new user to this role. From what I can see this should give full access over the pool members.
I am sending a PATCH request to ; with the following body {"state": "user-up","session": "user-disabled"} as well as Content-Type and X-F5-Auth-Token headers.
Version: BIG-IP 12.1.3
Any help would be greatly appreciated.
Andy_McGrathCumulonimbus
The out need to use token based authentication if you using an account that doesn't have the admin role assigned.
See https://devcentral.f5.com/articles/demystifying-icontrol-rest-part-6-token-based-authentication on how to get you Auth token and how to use it instead of sending basic Auth username and password.
Unless you have a very specific need for a custom role, I would suggest you to use a ready-made role. Find the one most appropriate from Manual Chapter: User Roles. If you really want to use a custom role, take a look at iControl REST Fine-Grained Role Based Access Control. Because it's tricky, you may want to contact F5 Professional Services for consultation.
For your information, here's a curl command for creating a new user with the role "operator".
curl https:///mgmt/tm/auth/user -X POST -H "Content-type: application/json" \ -d '{"name":"newUser", "password":"newPassword", \ "shell":"tmsh", "partitionAccess":[{"name":"all-partitions", "role":"operator"}]}'
