Forum Discussion
Python iControl API - update ASM Whitelist
Hello All,
I am trying to craft a script using the python iControl SDK to update the IP Address exceptions in ASM (Security -> Application Security -> IP Addresses -> IP Address Exception). The goal being to remove all current entries for a ASM profile and write new entries.
Looking at the document for the SDK, it seems the below code should return an 'items' entry which allows me to see current entries. I don't see this though:
asm_data = mgmt.tm.asm.policies_s.policy.load(id='OlmMtvwlfOE96VXgK-aqTw')
asm_data.whitelistIpReference
{'link': 'https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3', 'isSubCollection': True}
However, the 'items' entry shows when I navigate to the above URI for the policy:
curl -sku admin:redacted GET https://10.0.6.3/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3 | python3 -m json.tool
{
"kind": "tm:asm:policies:whitelist-ips:whitelist-ipcollectionstate",
"selfLink": "https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3",
"totalItems": 1,
"items": [
{
"ignoreIpReputation": false,
"blockRequests": "policy-default",
"ignoreAnomalies": false,
"neverLogRequests": false,
"ipAddress": "10.0.0.0",
"lastUpdateMicros": 1638816374000000.0,
"description": "",
"kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
"selfLink": "https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips/oiVNMinH9Vlv_KEDJ5Jmmw?ver=15.1.3",
"neverLearnRequests": false,
"ipMask": "255.0.0.0",
"id": "oiVNMinH9Vlv_KEDJ5Jmmw",
"trustedByPolicyBuilder": false
}
]
}
Has anyone come across this before (Or Solved it)? Any other recommendations on how to update the IP Address Exceptions across 200+ ASM Policies?
Thanks!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com