Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Automate the IP whitelist creation in bulk for the ASM Polciy via iControl REST

Hi F5 Fraternity,

I am trying to create/update the IP whitelist for a ASM Policy. I am using below POST icontrol REST API call via Postman using Basic Auth:

**POST:** https://{{bigip-dev_mgmt}}/mgmt/tm/{{module}}/policies/{{asm_policy_hash}}/whitelist-ips
**Body:**
{
            "ignoreIpReputation": true,
            "blockRequests": "policy-default",
            "ignoreAnomalies": false,
            "neverLogRequests": false,
            "ipAddress": "1.1.1.1",
            "description": "Tango",
            "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
            "neverLearnRequests": false,
            "ipMask": "255.255.255.255",
            "trustedByPolicyBuilder": false
        }
**Headers:**
Content-type: application/json   

This one does the Job but it adds just one IP. I have like some 40-50 IPs that I need to add to the ASM IP address exception. Is there any way of adding the entire list of IPs as a body doing just one API call?

I appreciate the help in advance.

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Can I ask if the IPs are representable in CIDR notation? Or are they totally random/unique? Because if it's the former, this can be done without any code from the ASM console from the address exceptions menu. If not, I am happy to work with you and craft a script to do this using the Python SDK for F5 as I would have some use for that, too. That said - it will probably involve looping through API calls so not sure if that will be feasible for you based on what you said about needing to do so in the body of a single request.

0