Forum Discussion

raZorTT's avatar
raZorTT
Icon for Cirrostratus rankCirrostratus
Mar 13, 2019

tmsh: making a variable-assign item secure

Hi,

Just wondering if it's possible on 12.1.3 to set a variable assign to secure via tmsh? I can't see any reference to it in the tmsh reference guide. Below is what i'm trying to achieve, which was set through the VPE

apm policy agent variable-assign /Common/ap_mypolicy_act_variable_assign_ag {
    variables {
        {
            expression "return [mcget -secure {session.logon.last.token}]"
            secure true
            varname session.logon.last.password
        }
    }
}

Cheers

Simon

application delivery
BIG-IP Access Policy Manager (APM)
  • Kai_Wilke's avatar
    Kai_Wilke
    Icon for MVP rankMVP
    Mar 15, 2019

    Hi Simon,

    you can change the variable assign action via the TMSH 

    load sys config merge from-terminal
    command. See below for a complete conversation how to add and to remove the secure flag...

    root@(f501)(cfg-sync Standalone)(Active)(/Common)(tmos) list apm policy agent variable-assign test
apm policy agent variable-assign test {
    variables {
        {
            expression "return {MalformedCredentials}"
            varname session.logon.last.error
        }
    }
}
root@(f501)(cfg-sync Standalone)(Active)(/Common)(tmos) load sys config merge from-terminal
Enter configuration. Press CTRL-D to submit or CTRL-C to cancel.
apm policy agent variable-assign test {
    variables {
        {
            expression "return {MalformedCredentials}"
            varname session.logon.last.error
            secure true
        }
    }
}
Loading configuration...
root@(f501)(cfg-sync Standalone)(Active)(/Common)(tmos) list apm policy agent variable-assign test
apm policy agent variable-assign test {
    variables {
        {
            expression "return {MalformedCredentials}"
            secure true
            varname session.logon.last.error
        }
    }
}
root@(f501)(cfg-sync Standalone)(Active)(/Common)(tmos) load sys config merge from-terminal
Enter configuration. Press CTRL-D to submit or CTRL-C to cancel.
apm policy agent variable-assign test {
    variables {
        {
            expression "return {MalformedCredentials}"
            varname session.logon.last.error
        }
    }
}
Loading configuration...
root@(f501)(cfg-sync Standalone)(Active)(/Common)(tmos) list apm policy agent variable-assign test
apm policy agent variable-assign test {
    variables {
        {
            expression "return {MalformedCredentials}"
            varname session.logon.last.error
        }
    }
}
root@(f501)(cfg-sync Standalone)(Active)(/Common)(tmos)

    Cheers, Kai