Try SpotterManage BIG-IP ASM policy imports
| "added in version" 1.0.0 of f5networks.f5_bigip"
Authors: Wojciech Wypior (@wojtek0806)
Install with ansible-galaxy collection install f5networks.f5_bigip:==3.4.0
collections:
- name: f5networks.f5_bigip
version: 3.4.0Manage the policy imports for BIG-IP ASM policies.
- name: Import ASM policy
bigip_asm_policy_import:
name: new_asm_policy
file: /root/asm_policy.xml
- name: Import ASM policy inline
bigip_asm_policy_import:
name: foo-policy4
inline: <xml>content</xml>
- name: Override existing ASM policy
bigip_asm_policy_import:
name: new_asm_policy
source: /root/asm_policy_new.xml
force: true
name:
description:
- The ASM policy to create or override.
required: true
type: str
force:
default: false
description:
- When set to C(true) any existing policy with the same name will be overwritten by
the new import.
- Works for both inline and file imports, if the policy does not exist this setting
is ignored.
type: bool
base64:
description:
- Indicates if the imported policy string is encoded in Base64.
- Parameter only takes effect when using the C(inline) method of import.
type: bool
inline:
description:
- When specified, the ASM policy is created from a provided string.
- Content needs to be provided in a valid XML format, otherwise the operation will
fail.
type: str
source:
description:
- Full path to a policy file to be imported into the BIG-IP ASM.
- Policy files exported from newer versions of BIG-IP cannot be imported into older
versions of BIG-IP. The opposite, however, is true; you can import older into newer.
- The file format can be binary or XML.
type: path
encoding:
choices:
- windows-874
- utf-8
- koi8-r
- windows-1253
- iso-8859-10
- gbk
- windows-1256
- windows-1250
- iso-8859-13
- iso-8859-9
- windows-1251
- iso-8859-6
- big5
- gb2312
- iso-8859-1
- windows-1252
- iso-8859-4
- iso-8859-2
- iso-8859-3
- gb18030
- shift_jis
- iso-8859-8
- euc-kr
- iso-8859-5
- iso-8859-7
- windows-1255
- euc-jp
- iso-8859-15
- windows-1257
- iso-8859-16
- auto-detect
description:
- Specifies the desired application language of the imported policy.
- The imported policy cannot be a C(parent) type or attached to a C(parent) policy
when C(auto-detect) encoding is set.
- When importing a policy to attach to a C(parent) policy, the C(encoding) of the
imported policy, if different, must be set to be the same value as C(parent_policy),
otherwise import will fail.
- This parameter is available on TMOS version 13.x and later and only takes effect
when the C(inline) import method is used.
type: str
partition:
default: Common
description:
- Device partition on which to create the policy.
- This parameter is also applied to indicate the partition of the C(parent) policy.
type: str
policy_type:
choices:
- security
- parent
default: security
description:
- The type of the policy to import.
- When C(policy_type) is C(security), the policy is imported as an application security
policy that you can apply to a virtual server.
- When C(policy_type) is C(parent), the policy becomes a parent to which other Security
policies attach, inheriting its attributes. This policy type cannot be applied to
Virtual Servers.
- This parameter is available on TMOS version 13.x and later and only takes effect
when the C(inline) import method is used.
type: str
parent_policy:
description:
- The parent policy to which the newly imported policy should be attached as child.
- When C(parent_policy) is specified, the imported C(policy_type) must not be C(parent).
- This parameter is available on TMOS version 13.x and later and only takes effect
when C(inline) import method is used.
type: str
retain_inheritance_settings:
description:
- Indicates if an imported security type policy should retain settings when attached
to the parent policy.
- This parameter is available on TMOS version 13.x and later and only takes effect
when the C(inline) import method is used.
type: bool
base64:
description: Indicates if the imported policy string is encoded in Base64.
returned: changed
sample: true
type: bool
encoding:
description: The desired application language of the imported policy.
returned: changed
sample: utf-8
type: str
force:
description: Set when overwriting an existing policy.
returned: changed
sample: true
type: bool
inline:
description: Contents of a policy as an inline string.
returned: changed
sample: <xml>foobar contents</xml>
type: str
name:
description: Name of the ASM policy to be created/overwritten.
returned: changed
sample: Asm_APP1_Transparent
type: str
parent_policy:
description: The parent policy to which the newly imported policy should be attached
as child.
returned: changed
sample: /Common/parent
type: str
policy_type:
description: The type of the policy to import.
returned: changed
sample: security
type: str
retain_inheritance_settings:
description: Indicate if an imported security type policy should retain settings
when attached to the parent policy.
returned: changed
sample: true
type: bool
source:
description: Local path to an ASM policy file.
returned: changed
sample: /root/some_policy.xml
type: str