Forum Discussion

benweber's avatar
Icon for Nimbostratus rankNimbostratus
Dec 06, 2021

Python iControl API - update ASM Whitelist

Hello All,

I am trying to craft a script using the python iControl SDK to update the IP Address exceptions in ASM (Security -> Application Security -> IP Addresses -> IP Address Exception). The goal being to remove all current entries for a ASM profile and write new entries.

Looking at the document for the SDK, it seems the below code should return an 'items' entry which allows me to see current entries. I don't see this though:


asm_data ='OlmMtvwlfOE96VXgK-aqTw')
{'link': 'https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3', 'isSubCollection': True}


However, the 'items' entry shows when I navigate to the above URI for the policy:


curl -sku admin:redacted GET | python3 -m json.tool
   "kind": "tm:asm:policies:whitelist-ips:whitelist-ipcollectionstate",
   "selfLink": "https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3",
   "totalItems": 1,
   "items": [
           "ignoreIpReputation": false,
           "blockRequests": "policy-default",
           "ignoreAnomalies": false,
           "neverLogRequests": false,
           "ipAddress": "",
           "lastUpdateMicros": 1638816374000000.0,
           "description": "",
           "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
           "selfLink": "https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips/oiVNMinH9Vlv_KEDJ5Jmmw?ver=15.1.3",
           "neverLearnRequests": false,
           "ipMask": "",
           "id": "oiVNMinH9Vlv_KEDJ5Jmmw",
           "trustedByPolicyBuilder": false


Has anyone come across this before (Or Solved it)? Any other recommendations on how to update the IP Address Exceptions across 200+ ASM Policies?


No RepliesBe the first to reply