Retrieve ASM Policy Facts from the F5 Network Infrastructure

Businesses nowadays are using DevOps and automation to speed up application development and eliminate IT bottlenecks. Network automation is the next frontier. We can use Ansible to automate application delivery services like identity and access management, web application security, and TCP optimization. Combining together with the F5 services, we can automate and orchestrate using Ansible through a series of integrations with the F5 BIG-IP platform API modules. Ansible F5 modules enable the most common use cases and follow best practices while providing an agentless solution that makes use of the native APIs of BIG-IP, improving configuration and automation speed and consistency.

Links

  • [bigip_device_info module](https://docs.ansible.com/ansible/latest/collections/f5networks/f5_modules/bigip_device_info_module.html)
  • [F5Networks.F5_Modules](https://docs.ansible.com/ansible/latest/collections/f5networks/f5_modules/index.html)

Code

The "F5Networks.F5_Modules” Ansible collection interacts with F5 infrastructure.

Install in our system using the ansible-galaxy tool:

``bash

ansible-galaxy collection install f5networks.f5_modules

`

We are going to use the following F5 modules:

f5networks.f5_modules.bigip_device_info module – Collect information from F5 BIG-IP devices

The following “f5.yml” Ansible Playbook retrieves the ASM Policy Facts Full from the F5 infrastructure and prints them on the screen:

`yaml

---

  • name: Retrieve ASM Policy Facts Full

hosts: all

connection: local

collections:

- f5networks.f5_modules

gather_facts: true

vars:

provider:

server: f5.example.com

user: admin

password: mypassword

validate_certs: false

server_port: 443

tasks:

- name: Export policy in XML format

bigip_device_info:

gather_subset:

- asm-policies

provider: "{{ provider }}"

register: device_facts

delegate_to: localhost

- name: Print ASM Policy Facts Full

ansible.builtin.debug:

var : device_facts | json_query ("asm_policies [*].name")

- name: print list

ansible.builtin.debug:

var : policies_list

``

Conclusion

Now you know how to Retrieve ASM Policy Facts from the F5 Network Infrastructure with Ansible.