Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

update list of policy items using restAPI

justintime123
Nimbostratus
Nimbostratus

‎04-Jul-2023 07:17

Tring to maintain an access policy using restAPI APM.  Need to add or remove a policy item from the list of policy items. Tried this:

json_payload=$(cat <<EOF
{"name":"test",
"items":[
{"name":"test_act_full_resource_assign-2","partition":"Common","priority":0,"nameReference":{"link":"https://localhost/mgmt/tm/apm/policy/policy-item/~Common~test_act_full_resource_assign-1?ver=15.1.7"}}

]}
EOF

)

 

$(curl -sk -X PATCH -u $username:${password} -H "X-F5-REST-Coordination-Id:${ID}" -H "Content-Type: application/json" https://${bigip_ip_address}/mgmt/tm/apm/policy/access-policy/test?ver=15.1.7 -d  "$json_payload" | jq -M .)
 
But this actually is to replace the whole list of items with the one in the json body. 
 
Is that a way to just simply add or remove one single item instead of replacing the whole list?
 
Thanks.
Labels:
0 Kudos
3 REPLIES 3

whisperer
Cumulonimbus
Cumulonimbus

‎04-Jul-2023 11:20

I have run into the same issue with pretty much all lists on the F5. For instance, maintaining iRules. Usually just load the existing list into memory with a GET request, manipulate this list, and then repost via API to make changes. This is much easier if you use Python and built in capabilities for data types rather than command line and curl. Since you may eventually look at automation with tools like Ansible, you may want to make that conversion sooner than later 🙂

 

0 Kudos

justintime123
Nimbostratus
Nimbostratus
In response to whisperer

‎05-Jul-2023 07:14

It is quite frustrating that in the Doc they have /items as an array property while trying to access it there is  "403, Operation is not allowed on this level" error message. 

I dont know why it is not accessible. Life would be so much easier not having to get all items first, then comparison, add and removal finally replacing the whole list.

0 Kudos

whisperer
Cumulonimbus
Cumulonimbus
In response to justintime123

‎05-Jul-2023 07:54

I agree. Sadly, these are the cards we have been dealt.

Another way is declarative FAST templates. Maintain a golden JSON config in github. Making a change? Modify the JSON config, save, and check out the new version, loading it into the F5 via FAST templating. This may be easier than multiple API calls... perform heavy lifting off F5 unit, and then take the desired config and push it once.

0 Kudos
Copyright © 2023 Khoros, LLC