Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

BIG-IP ASM Automation with Ansible

My Background Back in September I started my Ansible journey, coming from no knowledge about Ansible and its automation capabilities I was asked to develop some code/playbooks to automate some of th...
Published Dec 30, 2019
Version 1.0
Ansible
application delivery
ASM Advanced WAF
Automation
big-ip
security
series-handy-ansible-hacks
Matt_Mabis's avatar
Icon for Employee rankEmployee
I am a Senior Solutions Archtiect at F5 in Business Development. I specialize in VMware integrated solutions, Ansible automation (including F5 Automation Toolchain), and Virtual Edition performance. I have a deep background in troubleshooting. I have multiple VMware VCP Certifications including (Data Center, Desktop and Mobility and NSX)
View Profile
Matt_Mabis's avatar
Matt_Mabis
Icon for Employee rankEmployee
Mar 03, 2020

Hey Matt,

 

To answer your question i didn't build in any integrity type code to validate if it was a real IP, i did build in code however to determine if the IP or URL had already been inputted into the XML this was to prevent duplication's which would break the XML import.

 

What i might recommend if you are looking to validate like if its an IPv4 Address or IPv6 you could use the "ipaddr filter (https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters_ipaddr.html) " and register a variable like (is_valid_ip) and run individual checks, might be able to be done in loops and array where your array list of is_valid_ip compares at the same slot as the IP address and only injects when valid.

 

Hopefully this is what you were asking, feel free to reach out again if this isnt what you are looking for.

 

Also i have added another set of use-cases to the repository (use-case 6) where Use-case 6 is the same code built into a role (7 is same but with our provisioner uses the juice-shop web front)

 

Feel free to respond back if i didnt get to your question correctly :)