Overview

F5 NGINX Instance Manager provides a centralized way to create, edit, and deploy F5 WAF for NGINX security configurations. You can manage security policies, log profiles, attack signatures, bot signatures, and threat campaigns through either the web interface or the REST API.

You can also compile security policies and associated components—such as attack signatures, bot signatures, and threat campaigns—into a single policy bundle. Precompiling these bundles improves performance by avoiding separate compilation during deployment.

The following capabilities are available only through the NGINX Instance Manager REST API:

• Create, read, update, and delete security log profiles
• Publish security policies, log profiles, attack signatures, bot signatures, and threat campaigns to instances and instance groups

Access the REST API

Use tools such as curl or Postman to send requests to the NGINX Instance Manager REST API. The API base URL is https://<NIM-FQDN>/api/[nim|platform]/<API_VERSION>.
All requests require authentication. For details on authentication methods, see the API overview.

---

Before you begin

Before you start, complete these prerequisites:

• Set up F5 WAF for NGINX configuration management.
• Make sure your user account has the required permissions to access the REST API:
  • Module: Instance Manager
  • Feature: Instance Management → READ
  • Feature: Security Policies → READ, CREATE, UPDATE, DELETE

To use policy bundles, you also need:

• UPDATE permissions for each referenced security policy
• The correct nms-nap-compiler package for your F5 WAF for NGINX version
• The required attack signatures, bot signatures, and threat campaigns

---

Featured content

---