Forum Discussion

benweber's avatar
benweber
Icon for Nimbostratus rankNimbostratus
Dec 06, 2021

Python iControl API - update ASM Whitelist

Hello All,

I am trying to craft a script using the python iControl SDK to update the IP Address exceptions in ASM (Security -> Application Security -> IP Addresses -> IP Address Exception). The goal being to remove all current entries for a ASM profile and write new entries.

Looking at the document for the SDK, it seems the below code should return an 'items' entry which allows me to see current entries. I don't see this though:

 

asm_data = mgmt.tm.asm.policies_s.policy.load(id='OlmMtvwlfOE96VXgK-aqTw')
asm_data.whitelistIpReference
{'link': 'https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3', 'isSubCollection': True}

 

However, the 'items' entry shows when I navigate to the above URI for the policy:

 


curl -sku admin:redacted GET https://10.0.6.3/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3 | python3 -m json.tool
{
   "kind": "tm:asm:policies:whitelist-ips:whitelist-ipcollectionstate",
   "selfLink": "https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips?ver=15.1.3",
   "totalItems": 1,
   "items": [
       {
           "ignoreIpReputation": false,
           "blockRequests": "policy-default",
           "ignoreAnomalies": false,
           "neverLogRequests": false,
           "ipAddress": "10.0.0.0",
           "lastUpdateMicros": 1638816374000000.0,
           "description": "",
           "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
           "selfLink": "https://localhost/mgmt/tm/asm/policies/OlmMtvwlfOE96VXgK-aqTw/whitelist-ips/oiVNMinH9Vlv_KEDJ5Jmmw?ver=15.1.3",
           "neverLearnRequests": false,
           "ipMask": "255.0.0.0",
           "id": "oiVNMinH9Vlv_KEDJ5Jmmw",
           "trustedByPolicyBuilder": false
       }
   ]
}

 

Has anyone come across this before (Or Solved it)? Any other recommendations on how to update the IP Address Exceptions across 200+ ASM Policies?

Thanks!

No RepliesBe the first to reply