Adds bigip_asm_policy module (#32281)

This module can be used to import asm policies from file or existing template. Supported file types are xml, compact xml, and binary
2026-05-07 13:52:54 +00:00 · 2017-10-27 22:31:52 -07:00
parent 47fb002c88
commit 2a5f6c28cf
4 changed files with 1807 additions and 0 deletions
--- a/test/units/modules/network/f5/fixtures/load_asm_policy_active.json
+++ b/test/units/modules/network/f5/fixtures/load_asm_policy_active.json
@@ -0,0 +1,197 @@
+{
+  "plainTextProfileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/plain-text-profiles?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "learningMode": "manual",
+  "dataGuardReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/data-guard?ver=12.1.2"
+  },
+  "stagingSettings": {
+    "signatureStaging": true,
+    "placeSignaturesInStaging": false,
+    "enforcementReadinessPeriod": 7
+  },
+  "createdDatetime": "2017-09-21T11:52:24Z",
+  "geolocationEnforcementReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/geolocation-enforcement?ver=12.1.2"
+  },
+  "versionLastChange": "Allowed Response Code 503 [add]: Response Code was set to 503.",
+  "name": "fake_policy",
+  "caseInsensitive": false,
+  "loginPageReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/login-pages?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "fullPath": "/Common/fake_policy",
+  "description": "",
+  "attributes": {
+    "pathParameterHandling": "as-parameters",
+    "triggerAsmIruleEvent": "disabled",
+    "inspectHttpUploads": false,
+    "maskCreditCardNumbersInRequest": true,
+    "maximumHttpHeaderLength": "8192",
+    "useDynamicSessionIdInUrl": false,
+    "maximumCookieHeaderLength": "8192"
+  },
+  "partition": "Common",
+  "webScrapingReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/web-scraping?ver=12.1.2"
+  },
+  "csrfProtectionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/csrf-protection?ver=12.1.2"
+  },
+  "customXffHeaders": [],
+  "kind": "tm:asm:policies:policystate",
+  "virtualServers": [],
+  "ipIntelligenceReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/ip-intelligence?ver=12.1.2"
+  },
+  "protocolIndependent": false,
+  "sessionAwarenessSettingsReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/session-tracking?ver=12.1.2"
+  },
+  "signatureSetReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/signature-sets?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "parameterReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/parameters?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "allowedResponseCodes": [
+    400,
+    401,
+    404,
+    407,
+    417,
+    503
+  ],
+  "applicationLanguage": "utf-8",
+  "enforcementMode": "transparent",
+  "loginEnforcementReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/login-enforcement?ver=12.1.2"
+  },
+  "navigationParameterReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/navigation-parameters?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "gwtProfileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/gwt-profiles?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "whitelistIpReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/whitelist-ips?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "historyRevisionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/history-revisions?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "policyBuilderReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/policy-builder?ver=12.1.2"
+  },
+  "responsePageReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/response-pages?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "vulnerabilityAssessmentReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/vulnerability-assessment?ver=12.1.2"
+  },
+  "blockingSettingReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/blocking-settings?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "cookieReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/cookies?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "hostNameReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/host-names?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "versionDeviceName": "ltm4restlab.lab.local",
+  "selfLink": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw?ver=12.1.2",
+  "signatureReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/signatures?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "filetypeReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/filetypes?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "id": "0EHlYeS5noAOZLY3YsJjEw",
+  "manualVirtualServers": [],
+  "modifierName": "admin",
+  "versionDatetime": "2017-04-11T08:05:22Z",
+  "subPath": "/Common",
+  "sessionTrackingStatusReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/session-tracking-statuses?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "active": true,
+  "auditLogReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/audit-logs?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "trustXff": false,
+  "websocketUrlReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/websocket-urls?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "xmlProfileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/xml-profiles?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "methodReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/methods?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "redirectionProtectionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/redirection-protection?ver=12.1.2"
+  },
+  "vulnerabilityReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/vulnerabilities?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "creatorName": "SYSTEM",
+  "urlReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/urls?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "headerReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/headers?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "xmlValidationFileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/xml-validation-files?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "lastUpdateMicros": 1.506250903e+15,
+  "jsonProfileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/json-profiles?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "bruteForceAttackPreventionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/brute-force-attack-preventions?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "extractionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/extractions?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "characterSetReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/character-sets?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "isModified": false,
+  "suggestionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/suggestions?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "sensitiveParameterReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/sensitive-parameters?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "versionPolicyName": "/Common/fake_policy"
+}
--- a/test/units/modules/network/f5/fixtures/load_asm_policy_inactive.json
+++ b/test/units/modules/network/f5/fixtures/load_asm_policy_inactive.json
@@ -0,0 +1,197 @@
+{
+  "plainTextProfileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/plain-text-profiles?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "learningMode": "manual",
+  "dataGuardReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/data-guard?ver=12.1.2"
+  },
+  "stagingSettings": {
+    "signatureStaging": true,
+    "placeSignaturesInStaging": false,
+    "enforcementReadinessPeriod": 7
+  },
+  "createdDatetime": "2017-09-21T11:52:24Z",
+  "geolocationEnforcementReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/geolocation-enforcement?ver=12.1.2"
+  },
+  "versionLastChange": "Allowed Response Code 503 [add]: Response Code was set to 503.",
+  "name": "fake_policy",
+  "caseInsensitive": false,
+  "loginPageReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/login-pages?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "fullPath": "/Common/fake_policy",
+  "description": "",
+  "attributes": {
+    "pathParameterHandling": "as-parameters",
+    "triggerAsmIruleEvent": "disabled",
+    "inspectHttpUploads": false,
+    "maskCreditCardNumbersInRequest": true,
+    "maximumHttpHeaderLength": "8192",
+    "useDynamicSessionIdInUrl": false,
+    "maximumCookieHeaderLength": "8192"
+  },
+  "partition": "Common",
+  "webScrapingReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/web-scraping?ver=12.1.2"
+  },
+  "csrfProtectionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/csrf-protection?ver=12.1.2"
+  },
+  "customXffHeaders": [],
+  "kind": "tm:asm:policies:policystate",
+  "virtualServers": [],
+  "ipIntelligenceReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/ip-intelligence?ver=12.1.2"
+  },
+  "protocolIndependent": false,
+  "sessionAwarenessSettingsReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/session-tracking?ver=12.1.2"
+  },
+  "signatureSetReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/signature-sets?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "parameterReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/parameters?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "allowedResponseCodes": [
+    400,
+    401,
+    404,
+    407,
+    417,
+    503
+  ],
+  "applicationLanguage": "utf-8",
+  "enforcementMode": "transparent",
+  "loginEnforcementReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/login-enforcement?ver=12.1.2"
+  },
+  "navigationParameterReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/navigation-parameters?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "gwtProfileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/gwt-profiles?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "whitelistIpReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/whitelist-ips?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "historyRevisionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/history-revisions?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "policyBuilderReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/policy-builder?ver=12.1.2"
+  },
+  "responsePageReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/response-pages?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "vulnerabilityAssessmentReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/vulnerability-assessment?ver=12.1.2"
+  },
+  "blockingSettingReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/blocking-settings?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "cookieReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/cookies?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "hostNameReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/host-names?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "versionDeviceName": "ltm4restlab.lab.local",
+  "selfLink": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw?ver=12.1.2",
+  "signatureReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/signatures?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "filetypeReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/filetypes?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "id": "0EHlYeS5noAOZLY3YsJjEw",
+  "manualVirtualServers": [],
+  "modifierName": "",
+  "versionDatetime": "2017-04-11T08:05:22Z",
+  "subPath": "/Common",
+  "sessionTrackingStatusReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/session-tracking-statuses?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "active": false,
+  "auditLogReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/audit-logs?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "trustXff": false,
+  "websocketUrlReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/websocket-urls?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "xmlProfileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/xml-profiles?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "methodReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/methods?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "redirectionProtectionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/redirection-protection?ver=12.1.2"
+  },
+  "vulnerabilityReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/vulnerabilities?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "creatorName": "SYSTEM",
+  "urlReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/urls?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "headerReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/headers?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "xmlValidationFileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/xml-validation-files?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "lastUpdateMicros": 0,
+  "jsonProfileReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/json-profiles?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "bruteForceAttackPreventionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/brute-force-attack-preventions?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "extractionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/extractions?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "characterSetReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/character-sets?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "isModified": false,
+  "suggestionReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/suggestions?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "sensitiveParameterReference": {
+    "link": "https://localhost/mgmt/tm/asm/policies/0EHlYeS5noAOZLY3YsJjEw/sensitive-parameters?ver=12.1.2",
+    "isSubCollection": true
+  },
+  "versionPolicyName": "/Common/fake_policy"
+}