cancel
Showing results for 
Search instead for 
Did you mean: 

Ansible playbook to export and import ASM security policy

You can use my ansible code for exporting and importing ASM policies. Please read the descrption:

 

https://devcentral.f5.com/s/articles/Ansible-playbook-to-export-and-import-ASM-security-policy-policy?page=1

 

 

 

 

---

 

 

 

- name: Exporting and importing the ASM policy

 hosts: all

 connection: local

 become: yes

 

 

 vars:

   provider:

     password: xxx

     server: xxxx

     user: xxxx

     validate_certs: no

     server_port: 443

 

 vars_prompt:

 

   - name: asm_policy

     prompt: What is the name of the ASM policy?

     private: no

 

 tasks:

 

 

  - name: Ansible delete file example

    file:

      path: "/home/niki/asm_policy/{{ asm_policy }}"

      state: absent

    when: inventory_hostname in groups['internal']

 

 

  - name: Export policy in XML format

    bigip_asm_policy_fetch:

      name: "{{ asm_policy }}_preprod"

      file: "{{ asm_policy }}"

      dest: /home/niki/asm_policy/

      binary: yes

      provider: "{{ provider }}"

 

 

  - name: Override existing ASM policy

    bigip_asm_policy_import:

      name: "{{ asm_policy }}_prod"

      source: "/home/niki/asm_policy/{{ asm_policy }}"

      force: yes

      provider: "{{ provider }}"

 

    notify:

       - Save the running configuration to disk

 

 

  - name: Task - deactivate policy

    bigip_asm_policy_manage:

        name: "{{ asm_policy }}_prod"

        state: present

        provider: "{{ provider }}"

        active: no

 

 

  - name: Task - activate policy

    bigip_asm_policy_manage:

        name: "{{ asm_policy }}_prod"

        state: present

        provider: "{{ provider }}"

        active: yes

 

 handlers:

    - name: Save the running configuration to disk

      bigip_config:

       save: yes

       provider: "{{ provider }}"

0 REPLIES 0