Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Python iControl API - update ASM Whitelist


Hello All,


I am trying to craft a script using the python iControl SDK to update the IP Address exceptions in ASM (Security -> Application Security -> IP Addresses -> IP Address Exception). The goal being to remove all current entries for a ASM profile and write new entries.


Looking at the document for the SDK, it seems the below code should return an 'items' entry which allows me to see current entries. I don't see this though:


asm_data ='OlmMtvwlfOE96VXgK-aqTw') asm_data.whitelistIpReference {'link': 'https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3', 'isSubCollection': True}


However, the 'items' entry shows when I navigate to the above URI for the policy:

curl -sku admin:redacted GET | python3 -m json.tool {    "kind": "tm:asm:policies:whitelist-ips:whitelist-ipcollectionstate",    "selfLink": "https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3",    "totalItems": 1,    "items": [        {            "ignoreIpReputation": false,            "blockRequests": "policy-default",            "ignoreAnomalies": false,            "neverLogRequests": false,            "ipAddress": "",            "lastUpdateMicros": 1638816374000000.0,            "description": "",            "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",            "selfLink": "https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips/oiVNMinH9Vlv_KEDJ5Jmmw?ver=15.1.3",            "neverLearnRequests": false,            "ipMask": "",            "id": "oiVNMinH9Vlv_KEDJ5Jmmw",            "trustedByPolicyBuilder": false        }    ] }


Has anyone come across this before (Or Solved it)? Any other recommendations on how to update the IP Address Exceptions across 200+ ASM Policies?