Forum Discussion
NimbostratusRestrict Post/Put methods
Hi,
I want to give my development team restricted access to the F5 with REST API. I need to give them only restricted access so they can monitor the status of the pool members. How can I restrict them to a specific HTTP method, for example only GET?
Thanks in advance, Lior Franko,
6 Replies
R_MarcASM has this as a feature, per policy. Otherwise, it's pretty easy to do in an iRule:
Lior_54855Hi,
Thank you for this link. I know how to do it with ASM or with iRule, but the REST API works on the MGMT interface. Is there a way I can create virtual server and send the REST API requests through this virtual server?
- R_MarcSorry, misunderstood your question...I believe that access is handled via an apache instance. You could perhaps modify the /etc/http/http.conf and add in some rewrite rules to block the unwanted methods. That might persist reboots, but would not likely persist upgrades. They don't appear to have included the allowed methods module. However, you would be limiting the capability of the REST API to Read Only, unless you wrote a complicated rule to allow some IP's users to PUT/POST.
- Lior_54855
Yea that's what I thought so. I'm guessing F5 will add restricted users sometime, it's mandatory. If anyone else know how to do it without modifying the /etc/http/http.conf I'll loved to know.
Thank you for the help.
shaggyyou should open an f5 support case to request the feature
mrkbgm_240216Did you find the workaround for this?, I am sailing the same boat!
